last executing test programs: 17.937054949s ago: executing program 3 (id=2388): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0xffffffffffffff7d) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x181102, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000021c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x2, 0x1, 0x7, 0x81}, 0x20) ioctl$KDADDIO(r3, 0x4b34, 0x1) r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f00000000c0)={0x0, 0x8, 0x0, 0x0, 0xf}) ioctl$int_in(r4, 0x5452, &(0x7f00000001c0)=0xb2) ioctl$SNDRV_TIMER_IOCTL_START(r4, 0x54a0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r5}, 0x11) 16.476542732s ago: executing program 3 (id=2391): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendto$inet6(r0, &(0x7f0000000500)="a4", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x18, &(0x7f0000000040), &(0x7f0000000140)=0x8) 16.032028173s ago: executing program 3 (id=2394): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket(0x11, 0x800000003, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f0000001080), 0x1, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=") r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x18) renameat2(r2, &(0x7f0000000080)='./file1\x00', r1, &(0x7f00000000c0)='./file0\x00', 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r4, 0x0) sendmmsg(r5, &(0x7f0000000400), 0x10, 0x0) bind$netlink(r3, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc) socketpair$unix(0x1, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0) r6 = syz_open_procfs(0x0, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x13000)=nil, 0x13000, 0x0, 0x12, r7, 0x0) preadv(r6, 0x0, 0x0, 0x0, 0x0) r8 = socket$inet(0x2, 0x4000000000080001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000000500), 0x1) sendto$isdn(r0, &(0x7f00000000c0)={0x8, 0x1, "c851c18c6805a78625fbdd9f37dc80aecdb09e36a20ec25095d788bcb13795a8473392201e38dfafafe62096203377fa8b05df38d9d63b3b0ccb75c91e04"}, 0x46, 0x4080, &(0x7f0000000140)={0x22, 0x2, 0x1, 0x0, 0x1}, 0x6) socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x36, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @multicast1}, @timestamp}}}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0) r9 = socket$netlink(0x10, 0x3, 0x0) r10 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b35d25a806c", 0xc}], 0x1}, 0x0) sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000880), 0xf4}}, 0x0) 15.039817166s ago: executing program 3 (id=2400): syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000001000)=ANY=[], 0xfd, 0x6194, &(0x7f0000004a40)="$eJzs3c9vHGf9B/DP/vSPfJtaPVT9Rgi5aflRSpM4KSFQoO0BDlx6QDmCErluFZECSgJKK4u48oUDJ/4CEBJHhDgiDvwBPXDlxokTkWwkUE8MWvt54tnNbu3U9s7az+slOTOfeWbtZ/a9sz8yM/sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDf/c73VloRceNnacFSxP9FJ6IdsTColyNiYXkpr9+NiOdipzmejYjeXMTg9jv/PB3xakR8dDZia3t9dbD48gH78e0//O23Pzjz1l9/37v4nz/e67w2ab3793/57z89ONw2AwAAQGmqqqpa6WP+ufT5vt10pwCAqciv/1WSl5/6+lf/eOvPs9QftVqtVqunUNdV4z2oFxGxUb/N4D2Dw/EAcMJsxMdNd4EGyb9o3Yg403QngJnWaroDHIut7fXVVsq3VX89WN5tz+eCDOW/0Xp0fcek6X5GzzGZ1uNrMzrxzIT+LEypD7Mk598ezf/Gbns/rXfc+U/LpPz7u5c+FSfn3xnNf8Tpyb89Nv9S5fy7T5R/R/4AAAAAADDD8v//LzV8/Hfu8JtyIJ90/Hd5Sn0AAAAAAAAAgKN22PH/HjH+HwAAAMyswWf1gV+f3Vs26bvYBsuvtyKeGlkfKEy6WGax6X4AAAAAAAAAAAAAQEm6u+fwXm9F9CLiqcXFqqoGP3Wj9ZM67O1PutK3H0rW9JM8AADs+ujsyLX8rYj5iLievuuvt7i4WFXzC4vVYrUwl9/P9ufmq4Xa59o8HSyb6x/gDXG3Xw1+2XztdnX7fV7er3309w3+Vr/qHKBjR6SX7s0JzQ2FDQDJ7qvRllekU6aqnp705gOG2P9PoaVYavpxxexr+mEKAAAAHL+qqqpW+jrvc+mYf7vpTgEAU5Ff/0ePCxyqbk9ojzia369Wq9VqtfpT1XXVeA/qRURs1G8zeM9gOH4AOGE24uOmu0CD5F+0bkQ813QngJnWaroDHIut7fXVVsq3VX89SOO753NBhvLfaO3cLt9+3HQ/o+eYTOvxtRmdeGZCf56dUh9mSc6/PZr/jd32flrvuPOflkn593cumStPzr8zmv+I05N/e2z+pcr5d58o/478AQAAAABghuX//19y/DdvMgAAAAAAAACcOFvb66v5utd8/P8zY9Zz/efplPNvPWn+C2le/idazr89kv8XR9br1OYfvrm3//9re331d/f++f95etD85/JMKz2yWukR0Up/qdVN08Ns3eM2e53+4C/1Wu1ON53zU/XeiVtxO9bi0tC67XR/7LWvDLUPetobar881N59rP3KUHsvfe9AtZDbL8Rq/Dhux9s77f3hu32s+X3un2qf9px/x/N/kXL+3drPIP/F1N4amQ48/LD92H5fn477O2/c+uwvLh3/5uxrMzqPtq1usH3nG+jPzn1yph8/vbt258L9m/fu3VmJNBlaejnS5Ijl/Hs7P3N7z/8v7LbnJ6D6/vrww/4T5z8rNqM7Mf8XavOD7X1pyn1rQs6/n35y/m+n9vH7/0nOf/L+/3ID/QEAAAAAAAAAAAAAAIBPUlXVziWib0TE1XT9T1PXZgIA05Vf/6skL1cfef39MxGz1B+1Wq1WF1jXVeO9Xi8i4i/12wzeM/x83C8DAGbZfyPi7013gsbIv2D5+/4G0xeb7gwwVXff/+CHN2/fXrtzt+meAAAAAAAAAACfVh7/c7k2/vOLEbE0st7Q+K9vxvJhx//s5plHA4we8UDfE2y2+512bbjx52NnfO4Lk8b/Ph+Pj/+dx8Tt1Ldjgt4+7f192uf2aZ8fu3QvrbEXetTk/J+vjXc+yP/cyPDrJYz/OjrmfQly/udrj+dB/l8YWa+ef/Wbmct/46ArbkZ7KP+L9977ycW773/wyq33br679u7aj66srFy6cvXqtWvXLr5z6/bapd1/j6fXMyDnn8e+dh5oWXL+OXP5lyXn/7lUy78sOf/Pp1r+Zcn55/d78i9Lzj9/9pF/WXL+L6Va/mXJ+X8p1fIvy9b2+twg/5dTLf+y5P3/y6mWf1ly/q+kWv5lyflfSLX8y5Lzv5jqA+Tv6+FPkZx/PsJl/y9Lzn8l1fIvS87/cqrlX5ac/5VUy78sOf9XUy3/suT8v5Jq+Zcl53811fIvS87/q6mWf1ly/tdSLf+y5Py/lmr5lyXn//VUy78sOf/XUi3/suT8v5Fq+Zcl5//NVMu/LDn/b6Va/mXJ+b+eavmXZe/7/82YMWMmzzT9zAQAAAAAAAAAAAAAjJrG6cRNbyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuNUaus74f+Jm9ee0QYiAEJ38Da8cY4yzZ9SW+8K8bE5IQEijNtaSX2K537Sz4Fq9dkjSSTQMlEo6KKqqmL9oCitpIVYVV8YJWKc2LqpdXTfuCvqmoKiE1qkIUUJHaimarmfM8j2dmZ2dmveP17Dmfj2T/dmfOzDlz5szsftf+7gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqLfhY9NfrmRZVv1T+2ttlr2t+vHqsbW1yz5ytbcQAAAAWKr/rf395nXpgv1d3Khumb993z98e25ubi77zODvDH9tbi5dMZZlw6uyrHZddPHfHq3ULxM8m41WBuo+H+iw+sEO1w91uH64w/UjHa5f1eH60Q7Xz9sB86zOfx5Tu7NNtQ/X5rs0uz4brl23qcWtnq2sGhiIP8upqdRuMzd8JJvJjmXT2WTD8vmyldryL2+oruueLK5roG5d66tHyI+eORy3oRL28aaGdV26z+iHH83GfvyjZw7/0ZnXb2w1O+6GhvvLt3PLxup2fjFckm9rJVuV9knczoG67Vzf4jkZbNjOSu121Y+bt/PNLrdz8NJmLqvm53w0G6h9/GptPw3V/1gv7af14bL/ujnLsvOXNrt5mXnrygayNQ2XDFx6fkbzI7J6H9VD6Z3Z0KKO0w1dHKfVObWp8Thtfk3E539DuN3QAttQ/zT98Asj8573xR6nUfVRL/RaaT4Ge/1a6ZdjMB4Xr9Ye9HMtj8FN4fE/s3nhY7DlsdPiGEyPu+4Y3NjpGBwYGaxtc3oSKrXbXDoGtzUsP1hbU6U2X9vc/hicOHP81MTsU09/eOb4oaPTR6dP7Ni2bXLHrl179uyZODJzbHoy//sy93b/W5MNpNfAxrDv4mvgg03L1h+qc9/o3etwtM3rcG3Tsr1+HQ41P7jK8rwg5x/T+WvjoepOH70wkC3wGqs9P1uX/jpMj7vudThU9zps+TWlxetwqIvXYXWZU1u7+55lqO5Pq224Ul8L1tYdg83fjzQfg73+fqRfjsHRcFz8y9aFvxasD9v73Phivx8ZnHcMpocb3nuql6Tv90f31Ear4/Km6hXXjGRnZ6dP3/rkoTNnTm/LwlgW76o7VpqP1zV1jymbd7wOLPp43T/zvuduanH52rCvRj9c/Wt0weequszOW9s/V7Wvbq33Z8Ol27Mwemy592err+bV/ZmyZJv9WV3mixNL/1485dK699/hBd5/Y+5/K19fuqtnB4eH8tfvYNo7ww3vx41P1VDtvatSW/ebE929Hw+HP8v9fnx9m/fjdU3L9vr9eLj5wcX340qnn3YsTfPzORqOk2OT7d+Pq8us277YY3Ko7fvxzWFWwv7/UEgKKRfVHTsLHbdpXUNDw+FxDcU1NB6nOxqWHw7ZrLqul7Zf3nG65eb8vgbTo7tkuY7TsaZle32cpverhY7TSqefvl2e5udzNBwX1+9of5xWl3ll59LfO1fHD+veO0c6HYPDgyPVbR5OB2H+fj+3Oh6Dt2aHs5PZsWyqdu1I7Xiq1NY1flt3x+BI+LPc75Xr2hyDW5qW7fUxmL6OLXTsVYbmP/geaH4+R8Nx8cJt7Y/B6jJ37u7t965bwiVpmbrvXZt/vrbQz7xuatpNV/JnXtXt/Ovd7X82W13m2J7F5sz2++mWcMk1+UUj9fup+fW70GtqKlue/bQubOfrexbeT9XtqS7ztb1dHk/7syw798QdtZ/3hn9f+bOz3/t2w7+7tPo3nXNP3PHGtUf+ZjHbD8DK91Y+1uRf6+r+Zaqbf/8HAAAAVoSY+wfCTOR/AAAAKIyY++P/Ck/kfwAAACiMmPuHwkxKkv/X3fn6zFvnstTMnwvi9Wk33JsvFzuuk+HzsblLqpff8eL0T/7iXHfrHsiy7Kf3/nrL5dfdG7crNxa28+JdjZfPv+G5rtZ/8OFLy9X3178e7j8+nm4Pg1YV3Mksy16+7vnaesYevVCbr9x7sDYfOP/cs9Vl3tybfx5v/9q78uV/P5R/9x851HD718J++EGYk/e13h/xdt+68KH1ux+5tL54u8rGt9ce9guP5fcbf0/OV5/Nl4/7eaHt/8uvvPSt6vJPfqD19p8baL39L4X7fTHM/35vvnz9c1D9PN7uS2H74/ri7W795ndbbv/FL+fLn7o7X+5gmHH9W8Lnm+5+faZ+fz1ZOdTwuLKP58vF9U9+77dq18f7i/ffvP2jBy407I/m4+OVf8rvZ6Jp+Xh5XE/0503rr95P/fEZ1//Sbx5s2M+d1n/xgdfeW73f5vXf0rTcYNPtm39j0x986fmW64vbs/9PTzU8nv33h9dxWP8Lj4XjMVz/Pxefb1hvdPD+xvefuPzX155reDzRPT/O13/x9qO1+e9jP/m9a9527dvPv7+677Ls1Qfz++u0/qN/eLJh+79xw9ba8xGvjx395vUvJK7/9OfHT5ycPTszVbdXa78755P59qwaXb2mur3XhffW5s8PnDzz+PTpscmxySwbK+6v0Lts3wzzjXycX+zttz4cns+bfvflNZv/8Svx8n9+KL/8wn35160PhuW+Gi5fmz9/c5Ulrv+FDTfUXt+VV/LPG3rsPbB+03/s6WrB8Pibvy+Ix/updz9e2w/V62pfN+Lreonb//2p/H6+E/brXPjNzBtvuLS++uXj70a48GD+el/y/gtvc/F5/ePwfH/qB/n9x+2Kj/f74fuY765rfL+Lx8d3zg0033/tt3icD+8n2fn8+rhU3N8X3ryh5ebF30OSnb+x9vlvp/u5cVEPcyGzT81OHJs5cfbJiTPTs2cmZp96+sDxk2dPnDlQ+12eBz7b6faX3p/W1N6fpqZ37cwmV2dZdjKbXIY3rCuz/dWPutv+Uw8fnto9uXlq+sihs0fOPHxq+vTRw7Ozh6enZjcfOnJk+vOdbj8ztW/b9r07dm8fPzoztW/P3r079o7PnDhZ3Yx8ozrYNfm58ROnD9RuMrtv595tt922c3L8+Mmp6X27JyfHz3a6fe1r03j11r82fnr62KEzM8enx2dnnp7et23vrl3bO/42wOOnjsyOTZw+e2Li7Oz06Yn8sYydqV1c/drX6fYU0+y/5t/PNqvkv4gv+/Qtu9LvZ6168QsL3lW+SNMvEH09/C6av3/HqT3dfB5z/3CYSUnyPwAAAJRBzP0jYSbyPwAAABRGzP2rwkzkfwAAACiMmPtHw0xKkv/1//X/u+v/59fr/5er/3/qibxXutL7/7E/r/9fDle5/7/k9ev/6/8Xr//ffX9+pW+//r/+P/P1W/8/5v7VWVbK/A8AAABlEHP/mjAT+R8AAAAKI+b+a8JM5H8AAAAojJj73xZmUpL8r//fVf9/e6fCVfH7/87/r/+frcz+f3xy9P9LY9H9+0ceavhU/z/Q/9f/1//X/9f/Z8mGF7zmavX/Y+6/NsykJPkfAAAAyiDm/reHmcj/AAAAUBgx918XZiL/AwAAQGHE3L82zKQk+V//3/n/9f/1/wvd/1/q+f/rNkb/f2Vw/v/2Ft3/X6X/313/f1T/fyX2/4d7u/393f/vuPn6/1wR/Xb+/5j73xFmUpL8DwAAAGUQc/87w0zkfwAAACiMmPvfFWYi/wMAAEBhxNx/fZhJSfK//r/+v/6//r/+f+v1dz7/f/6R/n9/0f9vz/n/O3D+/3L1/3u8/f3d/+/1+f+H72q+vf4/rfRb/z/m/neHmZQk/wMAAEAZxNx/Q5iJ/A8AAACFEXP/e8JM5H8AAAAojJj714WZlCT/6//r/+v/6//r/7def+f+f07/v7/o/7en/9+B/r/+v/5/d/3/Ft/86v/TSr/1/2PuvzHMpCT5HwAAAMog5v6bwkzkfwAAACiMmPv/X5iJ/A8AAACFEXP/+jCTkuR//X/9f/3/cvX/bxnR/9f/L7Zi9v97902J/n8H+v/6//r/XZ7/f77F9P9XdbozCqPf+v8x9783zKQk+R8AAADKIOb+94WZyP8AAABQGDH3vz/MRP4HAACAwoi5fyzMpCT5X/+/WP3/P/mrF96f6f/r/3dYf0H7//Ew0P8vuWL2/3tH/78D/X/9f/3/Zen/Ux791v+PuX9DmElJ8j8AAACUQcz9G8NM5H8AAAAojJj7bw4zkf8BAACgMGLu3xRmUpL8r/9frP5/pP+v/99u/QXt/yf6/+Wm/99C3YtU/78D/X/9/9L3/+N3v/r/9Ea/9f9j7v9AmElJ8j8AAACUQcz9m8NM5H8AAAAojJj7PxhmIv8DAABAYcTcvyXMpCT5X/9f/1//X/9f/7/1+vX/Vyb9//YW2/8f0f/X/9f/L1n/3/n/6a1+6//H3P+hMJOS5H8AAAAog5j7t4aZyP8AAABQGPH/b+b/71X+BwAAgCKKuX88zKQk+V//X/+/TP3/iv6//r/+f+Hp/7fn/P8d6P/r/+v/6//TU/3W/4+5/8NhJiXJ/wAAAFAGMfffGmYi/wMAAEBhxNw/EWYi/wMAAEBhxNw/GWZSkvyv/6//X6b+v/P/6//r/xef/n97+v8d6P/r/xet/59l+v9cVf3W/4+5f1uYSUnyPwAAAJRBzP3bw0zkfwAAACiMmPt3hJnI/wAAAFAYMffvDDMpSf7X/y9q/38u0//X/19o/fr/+v9Fpv/fnv5/B/r/+v9F6/87/z9XWb/1/2Puvy3MpCT5HwAAAMog5v5dYSbyPwAAABRGzP27w0xC/m/1/7oBAACAlSXm/j1hJiX593/9/4L0/3/j7xrW7fz/+v/t1t+b/v9q/f8w9f/7S0H7/80vi8um/9+B/r/+v/6//j891W/9/5j794aZlCT/AwAAQBnE3P+RMBP5HwAAAAoj5v7/H2Yi/wMAAEBhxNz/M2EmJcn/+v8F6f830f/X/2+3fuf/1/8vsoL2/3umUP3/Af1//f/+2n79f/1/5rvy/f/4UXf9/5j794WZlCT/AwAAQBnE3P+zYSbyPwAAABRGzP23h5nI/wAAAFAYMffvDzMpSf7X/9f/1//X/78y/f/bs2b92P+vHjz6/8Wi/99eofr/zv+v/99n26//r//PfP12/v+Y+z8aZlKS/A8AAABlEHP/HWEm8j8AAAAURsz9Hwszkf8BAACgMGLuvzPMpCT5X/9f/1//X//f+f9br1//f2XS/29P/78D/X/9f/1//X96qt/6/zH33xVmUpL8DwAAAGUQc//dYSbyPwAAABRGzP0fDzOR/wEAAKAwYu6/J8ykJPlf/1//X/9f/1//v/X69f9XJv3/9vT/O9D/1//X/9f/p6f6rf8fc/8nwkxKkv8BAACgDGLuvzfMRP4HAACAwoi5/74wE/kfAAAACiPm/k+GmZQk/+v/6//r/+v/6/+3Xr/+/8qk/9+e/n8H+v/6//r/+v/0VL/1/2Pu/1SYSUnyPwAAAJRBzP0/F2Yi/wMAAEBhxNz/6TAT+R8AAAAKI+b+nw8zKUn+1//X/++v/v/cufrb6f/r/2e96v9Xb9Rd/38k3o/+/8qk/9+e/n8HLfr/q/T/9f/1//X/uWz91v+Puf/+MJOS5H8AAAAog5j7Hwgzkf8BAACgMGLufzDMRP4HAACAwoi5/6Ewk5Lkf/3/Uvb/00Puv/6/8//r/zv/v/7/0uj/t6f/34Hz/+v/6//r/9NT/db/j7n/4TCTkuR/AAAAKIOY+x8JM5H/AQAAoDBi7v+FMBP5HwAAAAoj5v7PhJmUJP9fVv8/ll71/5MV1v/v4/P/F63/P9RwfJSp/z9a93ym41L/X/9/Gej/t6f/34H+v/5/P/f/w9G8eoHb6//Tj/qt/x9z/6NhJiXJ/wAAAFAGMff/YpiJ/A8AAACFEXP/L4WZyP8AAABQGDH3/3KYSUnyv/P/6//r/9f3/z/h/P/O/6//v8Lp/7en/9+B/r/+fz/3/zvQ/6cf9Vv/P+b+XwkzWTD4vfGfXTxMAAAAoI/E3P9YmElJ/v0fAAAAyiDm/gNhJvI/AAAAFEbM/QfDTEqS//X/m/v/8Yyq+v/l7P/3+vz/jceH/r/+v/7/lde7/v97rs0y/X/9f/1//f/l7P8P6P9TOP3W/4+5/1CYSUnyPwAAAJRBzP2/GmYi/wMAAEBhxNx/OMxE/gcAAIDCiLl/KsykiPm/uVR7dfv/w/3Z/3f+/8vt//9U/1//P9D/b03/f3k4/397+v8d6P/r/zv/v/4/PdVv/f+Y+6fDTIqY/wEAAKBc0o+DY+4/EmYi/wMAAEBhxNx/NMxE/gcAAIDCiLn/8TCTkuR/5//X/3f+/6vR/x9qWF7/P6f/r//fC/r/7en/d6D/r/+v/6//T0/1W/8/5v6ZMJOS5H8AAAAog5j7PxtmIv8DAABAYcTc/7kwE/kfAAAACiPm/mNhJiXJ//r/+v9l7/9Xsuy88//r/7dav/7/yqT/357+fwf6//r/+v/6//RUv/X/Y+4/HmZSkvwPAAAAZRBz/4kwE/kfgP9j7z6a7DqrPQ4f+9oKo8tHYMyIIYzMR2DKjCrGFMnkYJucweQcTM45J5NzztnkHE00VImStNaSWn20j8LpPnu/63km60pl3e62W771v6qfXwAAhpG7/15xi/0PAAAAw8jdf++4pcn+1//r/7v3/6udvP+/96/X/5+m/9f/b8O+/v6q9X/d+aLw8/b/d7zTtXfX/+v/9f+T9P/6f/0/55pb/5+7/z5xS5P9DwAAAB3k7r9v3GL/AwAAwDBy998vbrH/AQAAYBi5+6+NW5rsf/2//l//r//f0//frP/X/y+b9/+n6f830P/r//X/+n+2am79f+7++8ctTfY/AAAAdJC7/wFxi/0PAAAAw8jd/8C4xf4HAACAYeTuf1Dc0mT/6//1//r/pfT/R7z/f87Xo//X/6+j/5+m/99A/6//1//r/9mqufX/ufsfHLc02f8AAADQQe7+h8Qt9j8AAAAMI3f/Q+MW+x8AAACGkbv/YXFLk/2v/9f/6/+X0v8f0vv/+n/9/8LdtDrz74TD7v+PbOG/P6D/n3f/v1rp/6dccD+//stbzud/Hvp//T/7za3/z93/8LjlLqvVkUv9IgEAAIBZyd3/iLilyZ//AwAAQAe5+6+LW+x/AAAAGEbu/uvjlib7X/+v/9f/6//1/+s/vv5/mbz/P+3y+/873O6e9+jb/3v/f5r3/7fd/5/8ztD/s2xz6/9z998QtzTZ/wAAANBB7v5Hxi32PwAAAAwjd/+j4hb7HwAAAIaRu//RcUuT/a//H63//789v+6s/v9U7aL/1//r//X/o9P/T/P+/wan/jV3vH6o/9f/e/9f/8/lmVv/n7v/MXFLk/0PAAAAHeTuf2zcYv8DAADAMHL3Py5usf8BAABgGLn7Hx+3NNn/+v/R+v+9v877//r/dR9f/6//H5n+f5r+f4NR3v+/xO+aXffzl2vXn7/+X//PfnPr/3P3PyFuabL/AQAAoIPc/U+MW+x/AAAAGEbu/ifFLfY/AAAADCN3/5Pjlib7X/+v/19G/58fQf+v/z/4/j/p/5dJ/z9N/7/BKP3/Jdp1P7/0z1//r/9nv7n1/7n7nxK3NNn/AAAA0EHu/qfGLfY/AAAADCN3/9PiFvsfAAAAhpG7/+lxS5P9r//X/y+j//f+v/7f+//6/wuj/5+m/99A/6//1//r/9mqufX/uftvjFua7H8AAADoIHf/M+IW+x8AAACGkbv/mXGL/Q8AAADDyN3/rLilyf7X/+v/9f/6f/3/+o+v/18m/f80/f8G+n/9v/5f/89Wzaj/P+tXHVs9O25psv8BAACgg9z9z4lb7H8AAAAYRu7+58Yt9j8AAAAMI3f/8+KWJvtf/z+b/v9UzjdW/398tVrp/1dN+//jZ/3zrO9L/b/+/xDo/6fp/zc4+RvyxBX6f/2//l//z5Ycbv9/8t/50/89gNz9z49bmux/AAAA6CB3/wviFvsfAAAAhpG7/4Vxi/0PAAAAw8jd/6K4pcn+1//Ppv8/Zaz+3/v/535/dOr/vf+/n/7/cOj/p+n/N/D+v/5f/6//Z6sOt//f/OPc/S+Om45cfclfIgAAADAzuftfErc0+fN/AAAA6CB3/0vjFvsfAAAAFurGfT+Tu/9lcUuT/a//327/f+Ssn9P/6//P/f7Q/+v/9f8HT/8/Tf+/gf5f/6//1/+zVXPr/3P3vzxuabL/AQAAoIPc/TfFLfY/AAAADCN3/yviFvsfAAAAhpG7/5VxS5P9r//3/r/+X/+v/1//8fX/y6T/n6b/30D/r//fbf9/9Mz/eLD9//E1v17/z0G4iP7/xIkT1x14/5+7/1VxS5P9DwAAAB3k7n913GL/AwAAwDBy978mbrH/AQAAYBi5+18btzTZ//r/pv1/fqsvq/+/frXS/+v/9f/6/2n6/2n6/w30//p/7//r/9mqub3/n7v/dXFLk/0PAAAAHeTuf33cYv8DAADAMHL3vyFusf8BAABgGLn73xi3NNn/+v+m/b/3//X/+v/D7v9vW+n/D8Ui+v91D2+Huff/N+j/9f8T2vX/d73znh/q//X/7De3/j93/5vilib7HwAAADrI3f/muMX+BwAAgGHk7n9L3GL/AwAAwDBy9781brqqyf7X/+v/9f/6f/3/+o9/yO//H1mtVvr/LVhE/z9h7v3/dt7/P/d3+Rn6f/3/kj9//b/+n/3m1v/n7n9b3NJk/wMAAEAHufvfHrfY/wAAADCM3P3viFvsfwAAABhG7v53xi1N9r/+X/+v/9f/D9//37CI/t/7/1ui/582j/7//PT/+v8lf/76f/0/F25X/X/u/nfFLU32PwAAAHSQu//dcYv9DwAAAMPI3f+euMX+BwAAgGHk7n9v3NJk/+v/9f8X0//n56n/H6v/Pzq7/v/Ynv99Td7/1/9vif5/mv5/A/2//l//f6P+n22a2/v/ufvfF7c02f8AAADQQe7+98et/9et/Q8AAADDyN3/gbjF/gcAAIBh5O7/YNzSZP/r//X/3v/X/w///r/+vxX9/zT9/wb6f/2//t/7/2zV3Pr/3P0filua7H8AAADoIHf/h+MW+x8AAACGkbv/I3GL/Q8AAADDyN1/c9zSZP/r//X/+n/9v/7/9D9D/f8Y9P/TDqf/P67/1/9XP39F/C7Q/+v/N/16xjS3/j93/0fjlib7HwAAADrI3f+xuMX+BwAAgGHk7v943GL/AwAAwCJdtebncvd/Im5psv/1//p//b/+X/+//uPr/5dpJ/1/flPo/73/H/r0/7ff86Olvf9/7v/90v/r/9m+ufX/ufs/Gbc02f8AAADQQe7+T8Ut9j8AAAAMI3f/p+MW+x8AAACGkbv/M3FLk/2v/9f/6//1//r/9R9f/79M3v+fpv/fQP+/0/fzl/756//1/+w3t/4/d/9n45Ym+x8AAAA6yN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwTu3+jMsa7n/9v/5f/6//1/+v//j6/2XS/0/T/2+g/9f/6//1/2zV3Pr/L5z6VcdWX4xbmux/AAAA6CB3/5fiFvsfAAAAhpG7/8txi/0PAAAAw8jd/5W4pcn+1//r/5fR/584ceI6/b/+f+/Xc6b/v0X/T9H/T9P/b6D/1//r//X/bNXc+v/c/V+NW5rsfwAAAOggd//X4hb7HwAAAIaRu//rcYv9DwAAAMPI3f+NuKXJ/tf/z6D/P6b/9/6//n/l/X/9/5bo/6fp/zcYsf8/duFf/q77+cu1689f/6//Z7+59f+5+78ZtzTZ/wAAANBB7v5vxS32PwAAAAwjd/+34xb7HwAAAIaRu/87cUuT/a//P7z+/+Tfuy7v/x9frf/89f/6f/2//v+g6f+n6f83GLH/vwi77ueX/vnr//X/7De3/j93/3fjlr3D7+qL+yoBAACAOcnd/724pcmf/wMAAEAHufu/H7fY/wAAADCM3P0/iFua7H/9/wze/x+w//f+//rvD/3/rPv/K/X/Y9D/T9P/b6D/1//r/7fU/+d3s/6/u7n1/7n7fxi3NNn/AAAA0EHu/h/FLfY/AAAADCN3/4/jFvsfAAAAhpG7/5a45az9v67tHoX+X/+v/9f/6//Xf3z9/zLp/6ddaP9/dHV5/X/S/+v/9f9d+3/v/3Pa3Pr/3P0/iVv8+T8AAAAsztXn+fnc/T+NW+x/AAAAGEbu/p/FLfY/AAAADCN3/8/jlluv3NWndKj0//p//b/+X/+//uPr/5dJ/z/N+/8b6P+30c9fo/8fo/9frfT/XL659f+5+38Rt/jzfwAAABhG7v5fxi32PwAAAAwjd/+v4hb7HwAAAIaRu//XcUuT/a//1/9fZv9/Ks3U/5+m/z9N/7+e/v9w6P+n6f830P97/1//7/1/tmpu/X/u/t/ELU32PwAAAHSQu/+3cYv9DwAAAMPI3f+7uMX+BwAAgGHk7v993NJk/++s/4+/1fr/xff/3v8/8P7/5Fen/9f/6/8vlP5/mv5/A/2//l//r/9nq+bW/+fu/0Pc0mT/AwAAQAe5+/8Yt9j/AAAAMIzc/X+KW+x/AAAAGEbu/j/HLU32v/f/9f/6/7n3/0O//79a6f/1/1um/5+m/1+v/kHp//X/+n/9P1s1t/4/d/9f4pYm+x8AAAA6yN3/17jF/gcAAIBh5O6/NW6x/wEAAGAYufv/Frc02f/6f/2//l//7/3/9R9f/79M+v9pu+z/7/b/mz+s9/933v/np6D/1//r/9mKufX/ufv/Hrc02f8AAADQQe7+f8Qt9j8AAAAMI3f/P+MW+x8AAACGkbv/X3FLk/2/of8/Wn+h/n+S/n/v56//X//9of/X/+v/D57+f9p0/3/W7+Zm7/8X/b/3//X/+n+2am79f+7+f8ctTfY/AAAAdJC7/7a4xf4HAACAYeTu/0/cYv8DAADAMHL3/zduabL/vf+/pP7/Gv2//l//r//X/2+g/5+2y/f/L4T+X/+/5M9f/6//Z7+59f+5+/8XAAD//1wjSv8=") syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000400)='./file2\x00', 0xc3804, &(0x7f00000001c0)=ANY=[@ANYBLOB='errors=continue,iocharset=iso8859e=00000000000000000000005,iocharset=koi8-r,uid=\x00'/93, @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,iocharset=maciceland,errors=remount-ro,discard,discard,\x00'], 0x5, 0x1518, &(0x7f0000002280)="$eJzs3AuYjVX7MPD7Xms9Y0jaTXIY1lr3wyaHZZIkhyQ5JEmSJDklJE3ySl4khpCkIQnJYUgOQ0gOE5PG+Xw+JknSJElITsn6rgmft7f63n/f2//1v/5z/67rufa693rWetba97Nnr+fZM/Nt16G1mtSu3oiI4N+CFx+SACAWAAYCwHUAEABA+bjycVn1OSUm/XsHYX+th1Ov9gjY1cT5z944/9kb5z974/xnb5z/7I3zn71x/rM3zj9j2dnm6QWv5y37bnz/Pzvjz///RTLLjP1ybZkbu/2JJpz/7I3z/79W8F/ZifOfvXH+szfOf/bG+c8OcvxhDec/u7p4TnD+GcvOrvb9Z96u7na1zz/GGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY9nDGX+FAoDL5as9LsYYY4wxxhhjjP11fI6rPQLGGGOMMcYYY4z990MQIEFBADGQA2IhJ+QCAQDXQh64DiJwPcTBDZAXboR8kB8KQEGIh0JQGDQYsEAQQhEoClEoBsXhJigBJaEUlAYHZSABboaycAuUg1uhPNwGFeB2qAiVoDJUgTugKtwJ1eAuqA53Qw2oCbWgNtwDdeBeqAv3QT24H+rDA9AAHoSG8BA0goehMTwCTeBRaAqPQTNoDi2gJbT6/2r/AvSEF6EX9IYk6AN94SXoB/3/7ysyCF6FwfAaJMMQGAqvwzB4A4bDmzACRsIoeAtGw9swBsbCOBgPKTABJsI7MAnehckwBabCNEiF6TAD3oOZMAtmw/swBz6AuTAP5sMCSIMPYSEsgnT4CBbDx5ABS2ApLIPlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg+2wA3bCLtgNn8Ae+BT2wmewDz7/k+1P/1P7bggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYF/NiPsyHBbAAxmM8FsbCaNAgIWERLIJRjGJxLI4lsASWwlLo0GECJmBZvAXLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oP3YB+si3WxHtbD+lj/8u0pbISNsDE2xibYBJtiU2yGzbAFtsBW2ApbY2tsg22wHbbD9tgeO2AHTMRE7IgdsRN2ws7YGbtgF+yKXbEbdsfu+EIOwBfxReyNNUQf7It9sR8m5xiAL+PL+AoOwlfxVXwNk3EIDsXX8XV8A4fjKRyBI3EUjsKqvjcAjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsL3cQ5+gB/gPJyHCzAN03AhLsJ0TMfFeBozcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/BT/FTTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyJJ/EUnsYzeAbP4Tk8j8/Hf914V8k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFcVFclBAlRClRSjjhRIJIEGVFWVFOlBPlxW2igrhdVBSVRFtXRVQRVUU7V03cJaqL6qKGqClqidqitqgj6oi6oq6oJ+qJ+qK+aCAeFA1FHxyAD4uszDQRQ7CpGIrNRHMhL71fW4vh2Ea0Fe3Ek2IkjsAOorVLFM+IjmIMdhJ/E2PxOdFFjMeu4u+im+gueogXRE/RxvUSvcVk7CP6imnYT/QXA8TLYibWFO/jnJy1xGsiWQwRQ8XrYgG+IYaLN8UIMVKMEm+J0eJtMUaMFePEeJEiJoiJ4h0xSbwrJospYqqYJlLFdDFDvCdmillitnhfzBEfiLlinpgvFog08aFYKBaJdPGRWCw+FhliiVgqlonlYoVYKVaJ1WKNWCvWifVig9goNonNYovYKraJ7WKH2Cl2id3iE7FHfCr2is/EPvG52C++EAfEl+Kg+Epkiq/FIfGNOCy+FUfEd+Ko+F4cE8fFCfGDOCl+FKfEaXFGnBXnxE/ivPhZXBBegEQppJRKBjJG5pCxMqfMJa+RuWVw6dW9XsbJG2ReeaPMJ/PLArKgjJeFZGGppZFWkgxlEVlURmUxWVzeJEvIkrKULC2dLCMT5M2yrLxFlpO3yvLyNllB3i4rykqysqwi75BV5Z0SIhePUUPWlLVkbXmPrCPvlXXlfbKevF/Wlw/IBvJB2VA+JBvJh2Vj+YhsIh+VTeVjsplsLlvIlrKVfFy2lk/INrKtbCeflO3lU7KDfFomymdkR+kvnSLPyS7yedlV/l12k91lD/mzvCC97CV7S4A+sq98SfaT/eUA+bIcKF+Rg+SrcrB8TSbLIXKofF0Ok2/I4fJNOUKOlKPkW3K0fFuOkWPlODlepsgJcqJ8R06S78rJcoqcKqfJVDldDrjU02wp/2X7d36n/eBfjr5JbpZb5Fa5TW6XO+ROuUvulrvlHrlH7pV75T65T+6X++UBeUAelAdlpsyUh+QheVgelkfkEXlUHpXH5HF5Vv4gT8of5Sl5Wp6WZ+U5eU6ev/QagEIllFRKBSpG5VCxKqfKpa5RudW1Ko+6TkXU9SpO3aDyqhtVPpVfFVAFVbwqpAorrYyyilSoiqiiKqqK4aUTRpVSpZVTZVSCuvnPtFfF1U2qhCr5q/aXx6f/YHytVCvVWrVWbVQb1U61U+1Ve9VBdVCJKlF1VB1VJ9VJdVadVRfVRXVVXVU31U31UD1UT9VT9VK9VJJKUn3VS6qf6q8GqJfVQPWKGqQGqcFqsEpWyWqoGqqGqWFquBquRqgRapQapUar0WqMGqPGqXEqRaWoiWqimqQmqclqspqqpqpUlapmqBlqppqpZqvZao6ao+aquWq+mq/SVJpaqBaqdJWuFqvFKkMtUUvUMrVMrVAr1Cq1Sq1Ra9Q6tU5tUBtUhtqsNqutaqvarrarnWqn2q12qz1qj9qr9qp9ap/ar/arA+qAOqgOqkyVqQ6pQ+qwOqyOqCPqqDqqjqlj6oQ6oU6qk+qUOqXOqDPqnDqnzqvz6oK6kLXsC0QgAhWoICaICWKD2CBXkCvIHeQO8gR5gkgQCeKCuCBvcGOQL8gfFAgKBvFBoaBwoAMT2EBcSno0KBYUD24KSgQlg1JB6cAFZYKE4OagbHBLUC64NSgf3BZUCG4PKgaVgspBleCOoGpwZ1AtuCuoHtwd1AhqBrWC2sE9QZ3g3qBucF9QL7g/qB88EDQIHgwaBg8FjYKHg8bBI0GT4NGgafBY0CxoHrQIWgat/tL+vT+V/wnXS/fWSbqP7qtf0v10fz1Av6wH6lf0IP2qHqxf08l6iB6qX9fD9Bt6uH5Tj9Aj9Sj9lh6t39Zj9Fg9To/XKXqCnqjf0ZP0u3qynqKn6mk6VU/XM/R7eqaepWfr9/Uc/YGeq+fp+XqBTtMf6oV6kU7XH+nF+mOdoZfopXqZXq5X6JV6lV6t1+i1ep1erzfojXqT3qy36K16m96ud+idepferT/Re/Sneq/+TO/Tn+v9+gt9QH+pD+qvdKb+Wh/S3+jD+lt9RH+nj+rv9TF9XJ/QP+iT+kd9Sp/WZ/RZfU7/pM/rn/UF7bMW91kf70YZZWJMjIk1sSaXyWVym9wmj8ljIiZi4kycyWvymnwmnylgCph4E28Km8ImCxkyRUwREzVRU9wUNyVMCVPKlDLOOJNgEkxZU9aUM+VMeVPeVDAVTEVT0VQ2lc0d5g5zp7nT3GXuMnebu01NU9PUNrVNHVPH1DV1TT1Tz9Q39U0D08A0NA1NI9PINDaNTRPTxDQ1TU0z08y0MC1MK9PKtDatTRvTxrQz7Ux70950MB1Mokk0HU1H08l0Mp1NZ9PFdDFdTVfTzXQzPUwP09P0NL1ML5Nkkkxf09f0M/3MADPADDQDzSAzyAw2g02ySTZDzVAzzAwzw81wM8KMNKOyFqrmbTPGjDXjzHiTYlLMRDPRTDKTzGQz2Uw13qSaVDPDzDAzzUwz28w2c8wcM9fMNfPNfJNm0sxCs9Ckm3Sz2Cw2GSbDLDVLzXKz3Kw0K81qs9qsNWvNelhvNpqNZrPZbLaarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloMk2mOWQOmcPmsDlijpij5qg5Zo6ZE+aEOWlOmlPmlDljzphzJv+lz0tvYm1Om8teY3Pba20ee53957iALWjjbSFb2Gqbz+b/VWystSVsSVvKlrbOlrEJ9ubfxBVtJVvZVrF32Kr2TlvtN3Ede6+ta++z9ez9tra951dxffuAbWAftQ0RAWxz29i2tE3so7apfcw2s81tC9vStrdP2Q72aZton7Ed7bO/iRfaRXa1XWPX2nV2j/3UnrFn7WH7rT1nf7K9bG870L5iB9lX7WD7mk22Q34Tj7Jv2dH2bTvGjrXj7PjfxFPtNJtqp9sZ9j070876TZxmP7RzbLqda+fZ+XbBL3HWmNLtR3ax/dhm2CV2qV1ml9sVdqVddXmsl7+tt7vtJ3ar3Wa32x12p931S5w1j732M7vPfm4P2W/sAfulPWiP2Ez79S9x1vyO2O/sUfu9PWaP2xP2B3vS/mhP2dO/zD9r7j/Yn+0F6y0QEpAkRQHFUA6KpZyUi66h3HQt5aHrKELXUxzdQHnpRspH+akAFaR4KkSFSZMhS0QhFaGiFKVidHmdXopKk6MylEA3U1m6hcrRrVSebqMKdDtVpEpUmarQHVSV7qRqdBdVp7upBtWkWlSb7qE6dC/VpfuoHt1P9ekBakAPUkN6iBrRw9SYHqEm9Cg1pceoGTWnFtSSWtHj1JqeoDbUltrRk9SenqIO9DQl0jPUkZ6lTvQ36kzPURd6nrrS36kbdace9AL1pBepF/WmJOpDfekl6kf9aQC9TAPpFRpEr9Jgeo2SaQgNpddpGL1Bw+lNGkEjaRS9RaPpbRpDY2kcjacUmkAT6R2aRO/SZJpCU2kapdJ0mkHv0UyaRbPpfZpDH9BcmkfzaQGl0Ye0kBZROn1Ei+ljyqAltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdtpBO2kX7aZPaA99SnvpM9pHn9N++oIO0Jd0kL6iTPqaDtE3dJi+pSP0ne9N39MxOk4n6Ac6ST/SKTpNZ+gsnaOf6Dz9TBfIE4QYilCGKgzCmDBHGBvmDHOF14S5w2vDPOF1YSS8PowLbwjzhjeG+cL8YYGwYBgfFgoLhzo0oQ0pDMMiYdEwGhYLi4c3hSXCkmGpsHTowjJhQnhzWDa8JSwX3hqWD28LK4S3hxXDSuGj91cJ7wirhneG1cK7wurh3WGNsGZYK6wd3hPWCe8N64b3hfXC+8Ny4QNhg/DBsGH4UNgofDhsHD4SNgkfDZuGj4XNwuZhi7Bl2Cp8PGwdPhG2CduG7cInw/bhU2GH8OkwMXwm7Bg++0v9A4v+uD4p7BP2DV8KXwq9v0/Ojy6IpkU/jC6MLoqmRz+KLo5+HM2ILokujS6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kel87Bzh0wkmnXOBiXA4X63K6XO4al9td6/K461zEXe/i3A0ur7vR5XP5XQFX0MW7Qq6w084468iFrogr6qKumCvubnIlXElXypV2zpVxCa6la+VaudbuCdfGtXXt3JPuSfeUe8o97Z52z7iO7lnXyf3NdXbPuS7ueRUD4Lq57q6He8H1dBPyXHxPJrm+rq/r5/q5AW6AG+gGukFukBvsBrtkl+yGuqFumBvmhrvhboTLCQCj3Gg32o1xY9w4N86luBQ30U10k9wkN9lNdlPdVJfqUt0MN8PNdDNd1VkXjzLXzXXz3XyX5tLcQpe1Zkx3i91il+Ey3FK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdTrfT7Xa73R5/3cVO3T633+13B9wBd9B95TLd1+6Q+8Yddt+6I+47d9R974654+6E+8GddD+6U+60O+POunPuJ3fe/ewuOO9SIhMiEyPvRCZF3o1MjkyJTI1Mi6RGpkdmRN6LzIzMisyOvB+ZE/kgMjcyLzI/siCSFvkwsjCyKJIe+SiyOPJxJCOyJLI0siyyPLIi4n2hraEv4ov6qC/mi/ubfAlf0pfypb3zZXyCv9mX9bf4cv5WX97f5iv4231FX8lX9o/5Zr65b+Fb+lb+cd/aP+Hb+La+nX/St/dP+Q7+aZ/on/Ed/bO+k/+b7+yf8138876r/7vv5rv7Hv4F39O/6Hv53j7J9/F9/Uu+n+/vB/iX/UD/ih/kX/WD/Ws+2Q/xQ/3rfph/ww/3b/oRfqQfFfOWH335EhnG+xQ/wU/07/hJ/l0/2U/xU/00n+qn+xn+PT/Tz/Kz/ft+jv8Akvw8P98v8Gn+Q7/QL/Lp/iO/2H/sM/ySy7dQ/Uq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3O/xOv8vv9p/4Pf5Tv9d/5vf5z/1+/4U/4L/0B/1XPtN/7Q/5b/xh/60/4r/zR/33/pg/7k/4H/xJ/6M/5U/7M/6sP+d/8uf9z/4C/80aY4wxxth/yYQrRfF79X1+5znxDzv3BYBrtxXM/Mf6rBXl+nwXy/1FfPsIADzTu+vDl7caNZKSki7tmyEhKDoP4PI3QVli4Eq8BNrBU5AIbaHs746/v+h+jv5F/9HbAHL9Q5tYuBJf6f+LP+j/8SdHLawQnon7f/Q/D6BE0Sttsq6TLsdLoJ3KemwL5f6g//yt/8X4c36ZAtDmH9rkhivxlfEnwBPwLCT+ak/GGGOMMcYYY+yi/qJy58vXn5d/4/P3rs/j1ZU2OeBK/K+uzxljjDHGGGOMMXb1Pde9x9OPX1OsbedfComJf6JQ7c/szIXfK3j4HzGMiwXvAS4/owDg3+wQ4JfCuP/gLLb8R46VfOmt889Vy8/6AP5npPKvKFzlH0yMMcYYY4yxv9yVRf+vn1dXa0CMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlg29J/4d2JXe46MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbY1fZ/AgAA//81OQSC") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x61, &(0x7f00000001c0)=ANY=[], 0xfd, 0x0, &(0x7f0000000000)) 12.063215093s ago: executing program 3 (id=2424): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x180000e, &(0x7f00000001c0)={[{@usrjquota}, {@mblk_io_submit}, {@acl}, {@auto_da_alloc}, {@block_validity}, {@quota}]}, 0x3, 0x434, &(0x7f00000002c0)="$eJzs289rHFUcAPDv7CataVMTS/3RtGq0isEfSZPW2oMXRcGDgqCHeoxJWmK3jTQRbAkaRepRCt7Fo+Bf4Ekvop4Er3qXQpFcWj2tzO5MsrvZTbPpJlvdzwcmeW/mLe99d+btvjdvJ4CeNZr+SSIGI+L3iBiqZusLjFb/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvzTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmR0s4NPlssdrq67DtSkk74uNoS2FKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNRm/Y2LJBvHP4Xr2wpsi9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96Tsejfm+YnN6njh1d++6LVsdrxX7ql9edjwawd1/v21r9mdnpp+k5irnXjk4iRvmbxJ2srAUlEHI6IkW3WMf/0N0dbHbt9/JvowDpT+euIp6rnfyUa4s8lm69PTtwTpbnjE/lVsdEvv159s1X9dxR/B6Tnf1/T638t/uGkdr12sf06rv7xecs5zXav/z3J23X7PpxeWro0GbEneb3a6Nr9Uw3lptbLp/GPHWve/w/G+jtxJCLSi/jhiHgkIh7N2v5YRDweEcc2if+nl594r27H2GAb8e+sNP7Zts7/emJPNO5pniie//G7ukqHo4340/N/spIay/Zs5fNvK+3a3tUMAAAA/z2FiBiMpDC+li4Uxserv+E/FPsKpYXFpWfOLnxwcbb6jMBw9BfyO11DNfdDJ7NpfZ6fasifyO4bf1kcqOTHZxZKs90OHnrc/hb9P/VnsdutA3ac57Wgd+n/0Lv0f+hd+j/0rib9f6Ab7QB2X7Pv/4+70A5g9zX0f8t+0EPM/6F36f/Qu/R/6EmLA3H7h+QlJDYkonBXNENihxLd/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojH8DAAD//ygv5wk=") r1 = socket$kcm(0xa, 0x3, 0x3a) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) preadv(r2, &(0x7f00000000c0)=[{&(0x7f0000000240)=""/140, 0x8c}], 0x1, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0xf, &(0x7f0000000780)={&(0x7f00000000c0)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x4, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_DATA={0x0, 0x3, "45f03ddbd8aa8987fe6255b1f0ce25722d4fbc3e175fdc7e099d8e96fb9e1684b3ce5ba5138c0597ab9dbe76c14ef51028ce0cbae0c1f2a920ddddc3faa3406091ba1969da904569a5ef5112d5b196a9c9326e7d3812d3d5ea0aa140"}}}}]}, 0x38}}, 0x0) syz_open_procfs(0x0, &(0x7f0000000080)='net/rt_acct\x00') sendmsg$kcm(r1, &(0x7f00000031c0)={&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000480)="9eb8a2c0e241fb0402ac8d04ecbc724648d79b443d283855fdba1e1dc6283591a8a07eb1436788b6b641ed5ea90be62fc7499c9b017d2e73973395411b7efb244a226ba0ae7657c57101711c5aa138abd03dec1e0899824e678aced03a92fec128f69d27d84ee2ff2e4ad7a3db73f4f12d0728bada715bf5abce312346bb7d7345e8df1fc10fa733c98030cb193341700961aa2ccb9f0f029190a1", 0x9b}, {0x0}], 0x2, &(0x7f0000000800)=ANY=[@ANYBLOB="1800cb54f152ada499552b4f9463e0440eb2e7df1d000004000000bf0000000000000092a8d072f0d45fc7d30afad0c55504f49b26d663fd3e4e2bb14965e2a03c9c522c79fc617e33b70ab8ec1eab9cec94a1b7b6fb2f5ef3f28a649a7f5bacb67527f925cd85f0e31cbe83934b05ebb5f4"], 0x18}, 0x8080) sendmsg$kcm(r1, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x0) mount(0x0, &(0x7f0000000740)='./file0\x00', &(0x7f0000000780)='affs\x00', 0x2010000, &(0x7f00000007c0)='\x00') r4 = syz_open_dev$vim2m(&(0x7f0000000200), 0x7, 0x2) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000000000)={0x38, 0x0, 0x0, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MTYPE={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x14, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x2}]}]}, 0x38}}, 0x0) ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000000)={0x50, 0x1, 0x0, "ff16406e0000003e783b9db3ada49694c00000000000000000000000000086a6"}) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r6, 0x0, 0x0) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f0000000140)={0xffffffffffffffff, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@newsa={0x140, 0x10, 0x1, 0x0, 0x0, {{@in6=@private1, @in6=@dev}, {@in=@local, 0x0, 0x6c}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @tfcpad={0x8}]}, 0x140}}, 0x0) r8 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, 0x0, 0x0) 7.959993364s ago: executing program 3 (id=2446): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB='\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000380)='ext4_ext_remove_space_done\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0) 6.198301153s ago: executing program 4 (id=2461): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x3}, 0x8) sendto$inet6(r0, &(0x7f0000000300)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, 0x1c) sendto$inet6(r0, &(0x7f0000000140)="11", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2}, 0x1c) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000002c0), 0x8) syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="040e0a010e04"], 0xd) pipe(0x0) syz_emit_ethernet(0x0, 0x0, 0x0) r1 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000240)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}) syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_user_confirm_req={{0x33, 0xa}, {@none, 0x3}}}, 0xd) syz_emit_ethernet(0xb3, 0x0, 0x0) ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000180)={@remote, @loopback, @remote, 0x4, 0xff, 0xcd, 0x400, 0x20, 0x1800000, r3}) r4 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) shutdown(r4, 0x1) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000440)={0x0, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000040)=0x84) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000340)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x46}, @l2cap_cid_signaling={{0x42}, [@l2cap_conf_req={{0x4, 0x20, 0x13}, {0x4, 0x8, [@l2cap_conf_flushto={0x2, 0x2, 0x4faf}, @l2cap_conf_fcs={0x5, 0x1, 0x1}, @l2cap_conf_mtu={0x1, 0x2, 0x807d}, @l2cap_conf_ews={0x7, 0x2, 0x9}]}}, @l2cap_disconn_req={{0x6, 0x0, 0x4}, {0x6, 0x6a21}}, @l2cap_move_chan_req={{0xe, 0x9, 0x3}, {0xaf, 0x3}}, @l2cap_conf_rsp={{0x5, 0x0, 0x18}, {0x9, 0xb9, 0x3ff, [@l2cap_conf_efs={0x6, 0x10, {0x3f, 0x0, 0x100, 0x3, 0x7f, 0x80}}]}}]}}, 0x4b) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r5, 0x0, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r6 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) unshare(0x2a020400) fcntl$setpipe(r6, 0x2, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "81d90d", 0x8, 0x0, 0x0, @mcast1, @ipv4={'\x00', '\xff\xff', @remote}, {[@dstopts={0x2}]}}}}}, 0x0) 5.818959194s ago: executing program 2 (id=2467): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x3}, 0x25) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW(r3, 0x5403, &(0x7f0000000040)={0x0, 0x8000001, 0x0, 0x8, 0x0, "dadd1023b1df022dace17a32d21100000000de"}) ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x5412, &(0x7f00000006c0)=0xd) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed0744", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bf"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r5, &(0x7f0000000200)=@abs={0x1}, 0x6e) getpid() sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r6, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c) listen(r6, 0x0) r7 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r7, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003a9dd27753f7f0000ffffffe7ee00000000000000000200000000", 0x1a1}], 0x1) fsopen(&(0x7f0000000000)='tmpfs\x00', 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000005b00)) open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) 5.799382054s ago: executing program 4 (id=2468): syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000300)='./file0\x00', 0x800, &(0x7f0000000040)=ANY=[], 0x1, 0x694, &(0x7f0000000640)="$eJzs3c9vHGf9B/D3bBwnm/abuGnS5osq1WokQFgk/iEXzIWAEDJShapy4GwlTmNlkxbbRW6FqMPPaw/9A3rxBXFC4sQlUuHABW69IR8rIXHpBXNaNLOz6836R9ZNYjvl9YrGzzPzzPPM5/nMzP5UtAH+Z81PZOR+isxPvLZWrm9uzLQ2N2budOtJTiVZT0aSNJIU/2632x8n15KiN0wxUO7w4dLcG598tvlpZ22kXqr9G/v1G1Dvtz6web27bTzJibp8BA+Md/2Rxyt6kV9Lcrku4cidTNJun0y75yd/fbbXUjae65TN3XqfPrxAgSem6Dxvpn4+7hlLztQ3evk6oPvM2zj8CIdzasj9Bl9BAAAAwNNmmPfA57aylbXi7CGEAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF8I69u//1/US6NbH0/R/f3/0Xpb6vrx8vLBdr//pOIAAAAAAAAAgEP08la2spaz3fV2UX3n/0q1cqH6+0zeyUoWs5wrWctCVrOa5UwlGesbaHRtYXV1eWqIntO79px+SKCn6rL5eOYNAAAAAAAAAF8wv8j89vf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwHBTJiU6R4l7f5rE0RpKcTjJablhP/t6tP83uH3UAAAAAcAjObWUraznbXW8XuZDkheozgNN5J3ezmqWsppXF3Kg+F+i8629sbsy0Njdm7pTLznG/868DhVGNmM5nD7sf+VK1RzM3s1RtuZLreSut3Eij6lm6VMfTHXUgrntlTMW3a0NGdqMuy5l/UJc7vH+gye7lgB+mjFUZOdnLyGQdW5mN57pnZvczdMCzM3ikqTR6wV4YONLAJD5Xzs/UZTmf3+yV8yMxmInpvqvvhf1znnzlj7//8WRdPz5TGs6JumxXf5s7MzHTl4kXh8nErdbd27durkw8bZnYYbLKxMXe+ny+nx9lIuN5PctZyk+zkNUsZjzfq2oL9ckv+m75PTJ17YG11x9Ym9+ZuNH6Cu2crIPF9ErV92yW8sO8lRtZzKvVv+lM5RuZzWzm+s7wxf3PcHXXN/a469v/t2saL3+1rjST/LYud7Vnw5NS5vW5vrz2P+aOVW39W7azdH6ILA0+Nv5p/1BGvlRXymP8si6Ph8FMTPVl4vn9MtG9kFdad28v31p4e7jDnf+gr/uvj9VDanm9nC9PVronaPvqKNue77YN5Ktsu9Bra+xou9hr69yp63veqaP1a7idI01XbS/u2jZTtV3qa9vt9VbnWyAAjrEzXzsz2vxn82/Nj5q/at5qvnb6u6e+eeql0Zz888lvjUye+HLjpeIP+Sg/337/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfH4r7753e6HVWlweqLTb7ff3aDrsyshDQt1Ryfg/nik7dLe002vq/pzZIc7i/59Nhu9V/wJPjkXmH2PlP+12u95S7LHP7/5ykET1V0aHvzYeUjndqbRrxyJ1R1Q5ogck4NBcXb3z9tWVd9/7+tKdhTcX31y8Ozc7Ozc5N/vqzNWbS63Fyc7fo44SeBK2n/SPOhIAAAAAAAAAAABgWMP9f4BH++8oRz1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ok2P5GR+ykyNXllslzf3JhplUu3vr3nSJJGkuJnSfFxci2dJWN9wxV7HefDpbk3Pvls89PtscolP7j+kH7DWa+XjCc50SnvPa7xrtflvor9plD0Zlgm7HI3cXDU/hsAAP//kxkBhg==") open(&(0x7f0000002000)='./bus\x00', 0x103042, 0x0) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) r0 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0) unlink(&(0x7f0000000080)='./bus\x00') write$char_usb(r0, &(0x7f00000002c0)="9f", 0x1) 5.323756375s ago: executing program 4 (id=2472): syz_emit_ethernet(0xae, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x78, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x18, 0x1, "00d414ce8ad4"}, {0x18, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "005ff92900ddab4992020900"}]}}}}}}, 0x0) 4.551410771s ago: executing program 4 (id=2473): r0 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) syz_emit_ethernet(0x3a, &(0x7f0000002080)={@broadcast, @multicast, @val, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "13209f", 0x0, "0dc1e8"}}}}}}, 0x0) 4.415475901s ago: executing program 0 (id=2474): syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB='uid=forget,noadinicb,iocharset=koi8-u,gid=ignore,dmode=00000000000000000000004,rootdir=00000000000005,iocharset=iso8859-2,nostrict,mode=00000000000000000004622,\x00\x00\x00\x00\x00\x00\x00'], 0x1, 0xc39, &(0x7f0000000240)="$eJzs3U9sHNd9B/DfGy5F0m4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIbtowvfTQQ4Ci6CEnAq1RIEUDoymKHtnWBZKLD4VPPREtbARFD2wRIKeAxcy+FVf/LNkkJcr6fGzqOzv73sx7M+MZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+8cvb48+lBtwIAuJ/OT3/1+AnPfwB4pFzw//8AAAAAAAAAAAAAAHDQpSjiiUixdH4rzVafu4bPtTtXr81MTN6+2kiqag5U5cuf4edPnDz1pRfGT/fyw+vvtafitekLZ+svL15ZWm6trLTm6zOd9tzifOuet7Db+jcbqw5A/crrV+cvXVqpn3ju5A1fXxv9YOjxI6Nnxp859nSv7MzE5OR0X5na4Mfe+y3uNMLjUBRxLFI8+/0fp2ZEFLH7Y3GXa2e/jVSdGKs6MTMxWXVkod3srJZfTvUORBFR76vU6B2j+3AudqURsVY2v2zwWNm96aXmcvPiQqs+1Vxeba+2FztTqdvasj/1KOJ0iliPiM2hWzc3GEXUIsV3D2+lixEx0DsOX6wGBt+5HcU+9vEelO2sD0asFw/BOTvAhqKIVyPFT94pYq48ZvknvhDxapn/GPFWmS9FpPLCOBXxfnUdjTzglrMXalHEn5Xn/8xWmq/uB737yrmv1b/SubTYV7Z3X3nonw/30wG/Nw1HEc3qjr+VPv5vdgAAAAAAAAAAAAAAAADYayNRxFOR4pV//4NqXHFU49IPnxn/3dGf7x8z/uRdtlOWfS4i1op7G5N7KA8hnkpTKT3gscSPsuEo4o/y+L9vP+jGAAAAAAAAAAAAAAAAAAAAPNKKeC9SvPju0bQe/XOKtzuX6xeaFxe60+X25v7tzZm+vb29XU/dbOSczbmWcz3nRs7NnFHk+jkbOWdzruVcz7mRczNnDOT6ORs5Z3Ou5VzPuZFzM2fUcv2cjZyzOddyrufcyLmZMw7I3L0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8kRRTxs0jxnW9spUgR0YiYjW5uDPXKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0lAq4geRov57jevrahGRqn+7jpa/nIrGoTI/HY3xMl+KxtmczSprjW8/gPazO4OpiB9FiqHht6+f8Hz+B7ufrl8G8dY3dz79Uq2bA70vRz8YevzI4TPjk7/y5J2W0+0aMHau3bl6rT4zMTk53be6lvf+6b51o3m/xd50nYhYeePN15sLC61lC4/GQq27UIs93fJIxN5ucO8Wat2FfL+KB96eOyw0DkYzdhaiuvff9p7NJ0b5/H8/Uvzmu//Re+D3nv8/1/10/QkfP/3jnef/izdvaJ+e/0/0rXsx/25ksBYxvHplafBIxPDKG28ea19pXm5dbnVOHT/+5fHxL588PngoYvhSe6HVt7TrQwUAAAAAAAAAAAAAAABwf6UifjtSNH+0leoRca0arzV6ZvyZY08PxEA13uqGcVuvTV84W3958crScmtlpTVfn+m05xbnW/e6u+FquNfMxOS+dOauRva5/SPDLy8uvbHcvvz7q7f9/rHhsxdXVpebc7f/OkaiiGj0rxmrGjwzMVk1eqHd7FRVp/ZoYOZgKuI/I8XcqXr6fF6Xx/+V8d5gX9n+8f9rfeur5X0a//epm/aTUhE/jRS/8edPxuerdj4WtxyzXO6vI8XY6c/lcnGoLNdrQ/e9At2RgWXZ/40Uf/+zG8v2+v7ETtnnP9rRPfjK8384UvzgT78Xv5rX3fj+h53xn/3n/7GbN7RP5/8zfeseu+F9BbvuOvn8H4sULz3xdvxaXvdh7/8oYnt7+1sRR3Ph6+/n2Kfz/9m+daPR3e+v7133AQAAAAAAAAAAHlqDqYi/iRRPT9bSC3ndvfz9v/mbN7RPf//rF/vWzd+n+Yp2fVABAAAA4IAYTEW8Fykur759fQx13/jvG8d//tbO3OsT6aZvqz/n+4XqvQF7+ed//Ubzfmd3320AAAAAAAAAAAAAAAAAAAA4UFIq4oU8n/rsXeZT34gUr/z3s7lcOlKW680DP1r9Onx+sXPs7MLC4lxztXlxoVWfXmrOtcq6n4kUW3/1uVy3qOZX7803353jfXi7Nxf7cqSY/Nte2e5c7L25ybvzgXfnYi/LfipS/Nff3Vi2N4/1Z3fKnijL/mWk+Po/3b7skZ2yJ8uy34sUP/x6vVf2sbJs7/2o3XeSDtdiofXc3OLCLa9CrRS7PjUAAAAAAAAAAAAAAAAAAAA8QgZTEX8SKf7nynqs5WH/ef7/3gz8tV7Zt77ZN9//Ta5V8/yPVvP/32n548z/P7pnPQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIdHiiLejBRL57fSxlD5uWv4XLtz9drMxOTtq42kquZAVb78GX7+xMlTX3ph/HQvP7z+XnsqXpu+cLb+8uKVpeXWykprvj7Tac8tzrfueQu7rb9z6LrGqgNQv/L61flLl1bqJ547ecPX10Y/GHr8yOiZ8WeOPd0rOzMxOTndV6Y2+BH2/pEat+NQFPEXkeLZ7/84/fNQRBG7PxZ3uXb220jVibGqEzMTk1VHFtrNzmr55VTvQBQR9b5Kjd4xug/nYlcaEWtl88sGj5Xdm15qLjcvLrTqU83l1fZqe7EzlbqtLftTjyJOp4j1iNgcunVzg1HE65Hiu4e30r8MRQz0jsMXz09/9fiJO7ej2Mc+3oOynfXBiPXiIThnB9hQFPEPkeIn7xyNfx2KqEX3J74Q8Wp/wZciUnlhnIp4/zbXEQ+nWhTxf+X5P7OV3hkq7we9+8q5r9W/0rm02Fe2d185SM+H7Y9+LY7swW7v3QG/Nw1HET+s7vhb6d/8dw0AAAAAAAAAAAAAAABwgBTxy5HixXePpmp88PUxxe3O5fqF5sWF7rC+3ti/esQflrm9vb1dT91s5JzNuZZzPedGzs2cUeT6ORs5Z3Ou5VzPuZFzM2cM5Po5Gzlnc67lXM+5kXMzZ9Sq2N7e/la3fi3Xz7mWc70WUZT18+fNnHFAxu4BAAAAAAAAAAAAAAAAAACfLEX1T4rvfGMrVXOpNiJmo5sb5gP9xPv/AAAA//+ZYP5q") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r0, 0x7ffb, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xf}]}, @NFT_MSG_NEWSETELEM={0x30, 0xc, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb4}}, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) write$FUSE_ATTR(r0, &(0x7f0000000600)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, 0x78) write$cgroup_type(r2, &(0x7f0000000200), 0x175d9003) syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r6, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendto$inet6(r6, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee05", 0xa7, 0x840, 0x0, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40) r7 = open(&(0x7f00000001c0)='.\x00', 0x0, 0x0) symlinkat(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r7, &(0x7f00000000c0)='./file0\x00') 4.411630764s ago: executing program 2 (id=2475): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000000)="82", 0x1}], 0x1}}], 0x1, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000180)="2e260f009d040000000f3266ba4100ec36650fc75d85b9800000c00f3235000800000f30b805000000b9060000000f01c10f1bde652e0f309a004800006700c4e29d026a05", 0x45}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) capset(&(0x7f0000000000), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 4.285964494s ago: executing program 4 (id=2476): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x16, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x57bb, 0x3c) memfd_create(0x0, 0x0) setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)="d64018d045425ac05ef8825ab12f4cdfaf249ed25b2237ec697b1a2672f0eebf752b42a90d7ce1bb6cecde79137894996f34a9ddd06068a9360753eac71eb73e721b50443ae5e8577a1d34201aee2aa328c12d859757fb0edfbdea0f3628fe3f4a7644a465df876afdcdcd2e30859763deda795aefd8d36d1fba16e6c96c78a38742063c8de5acbfc6308a7fd282d958725da202db52c2d49bed515de5035d8fb6b24ae8d37accc6181d74535e8f01aaabd131cd5f44030f5d26eda9c4f7f0168557ca9e3a9f0ee806", 0xc9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180400000100f1ff0000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="8f9f000000000000000004000000180001801400020076657468300001000000000000000000"], 0x2c}}, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) r6 = dup(r5) ioctl$TIOCL_SETSEL(r6, 0x541c, &(0x7f0000000100)) ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x3000, 0x0, 0x1ff}}) ioctl$LOOP_SET_STATUS64(r6, 0x4c04, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x1b, 0x0, "05be04f85f24b3154478c908c2f6ecd93900e179a582b52ce9cfeb10f466693ce04d4c38eef0cdc8075077a1f8d2e67f41bbcb62a57680a053b58536349d9c41", "e3c055e4c17b5fec8c1737c24bc5bbb0751fe63b9e0c55b1e82eac590b9d7f057b8d7c7af91d8d9d0b4f7525250c81dd277b5b6cbc5b00", "7a91b590b9c06821ef5c606d5f4ba751aae2edcc2717a215ed6e2285e774391e", [0x7, 0x2]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x3, &(0x7f0000000000)=[{0x15}, {0x5}, {0x6, 0x8d, 0x0, 0x1}]}) r7 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x80100, 0x0, 0x20}, 0x18) fcntl$setownex(r7, 0xf, &(0x7f00000000c0)) open_tree(r7, &(0x7f0000000100)='./file0\x00', 0x9000) socket$nl_generic(0x10, 0x3, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x400280, 0x0) openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000001780)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff}) connect$inet(r8, &(0x7f00000000c0)={0x2, 0x4e23, @multicast1}, 0x10) 3.957463073s ago: executing program 1 (id=2478): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000001740)=0x6) ioprio_set$pid(0x3, 0x0, 0x0) ioprio_get$pid(0x3, 0x0) 3.781975537s ago: executing program 1 (id=2479): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0xc, 0x0, &(0x7f00000001c0)=[@acquire, @enter_looper], 0x0, 0x0, 0x0}) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) preadv(r3, &(0x7f0000000180)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000280)=[@request_death, @clear_death], 0x0, 0x0, 0x0}) 2.76427254s ago: executing program 2 (id=2480): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1000400, &(0x7f0000000200)={[{@debug}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x41d7}}]}, 0x6, 0x588, &(0x7f00000008c0)="$eJzs3U1sHFcdAPD/TOzsOnGaFHooCGgohYCirmOnjapeWi5IUFUgFU49pNZ6Y0VeZyPvutTGB+fEgSsSlTjBhQsnDpU4IPWEuHKDG5dyQCooAtVICE01491kd7ObbOOPie3fTxrte/P1f2/kfeN5szMvgBPrYkRsR8TpiHgnIs5HUsxPulO8vjvl631yd6u+c3ernkSWvfWvqe4etuq99XvORsRPR8Sq9KXbG5sri81mY62bn+us3p5rb2y+eHN1cbmx3Li1sHBt/tqVV66+vLBvdX1u9Xcff+fmGz/6w++//NGft7/1k7zMr3WX5XXrWzXJsmzvAV/rHZfpmO3OSiMiP3Jv7H3vT4RT3fqcLrsgPJb87/FzEfF8N31PtbwyAQAHK8vOR3a+P39fOpDLsmTEOgDA0ZNf889Gkta61/+zkaa1WtGHV30mzqTNVrtz+UZr/VbS6+KbTm/cbDauFH2FEZWYTvL8fERcKKbd/MJQ/mpEPB0RP6/MFPlavdVcKuU/HgDg7ND5/z+V/PxfmWRTdwgA4ChzJgeAk+fB8/90KeUAAA6P638AOHn6zv8T3fkHAI6+6tCz/yNlyaGUBQA4HCP7/98+dz/9bDL0ii8A4Khz/x8ATpQfvPlmPmU7WVK8/3rp3Y31lda7Ly412iu11fV6rd5au11bbrWWi3f2rI7YxZ3+TLPVuj3/Uqy/N9dptDtz7Y3N66ut9Vud68V7va83PFgAAOV7+rkP/5pExParM8UUvbEcHv2DAOCISyNmyi4DUI5TZRcAKM1U2QUASqM/HnjUj3tH/kRoJiLeH7+NjgV4sl36wpj+/+H/DQbvB/x/H0bHBkrW/VrrBoATaG/9/3oP4Ch7+Infg0FwnGVZYjx/ADhhJriC9xNBOOYe6/4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnHCzxZSkte5Y4LORprVaxLmIuBDTyY2bzcaViHgqIv5Sma7k+fmyCw0A7FH6j6Q7/tel8y/MDi89nfy3UnxGxI9/+dYv3lvs9IYOvDe/834xv7O2MDJA5eDrAAD0mRqe0TtPF599F/Kf3N2q96bDLODH394dXDSPu3N3q35/POKpbuGrkc878+9koDLJPg1MvH0nIp4drn96b/mF7sinw/Hz2OcOLH4UNZwdiD/4b1RaLNv9zI/F52cmjLcPZYbj4sO8/Xl91PcvjYvFZ/f7NzXYmFbjZw82ro+h1/7tZLvt305f/Hz/3z9XLdqaUe3fxUljvPTH745ddudU9sWpiF7snb72Z1e1SI2K/8KE8f/2pa88P+5gZb+KuBQPi7+bmuus3p5rb2z+9nsf/Gm5sdy4tbBwbf7alVeuvrwwV/RRz/V6qh/0z1cvPzW+/hFnxsSvPqL+X5+w/r/+3ztvf/Uh8b/5tVHx03jmIfHzc+I3Ym2i+ItnPhg7fHcef2lM/acG4p8e2C6fd3l4Z2P+ID/6++bSRAUFAA5Fe2NzZbHZbKxNkkhjc2Wxd6E58VYDiZnH2mrCRBzYnkcnpgcOQvWgYp0ds+g3n3mH03Gox2ffEnc+w8qVcop6Kpq9/qhHrtxdb3svQbNsD2W+OME6JTVIwKG5/6UvuyQAAAAAAAAAAAAAAMA47R92X/m3zw9F9T8MV3YdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOL4+DQAA//+T6cce") r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x6}, 0x1c) sendto$inet6(r0, &(0x7f0000000100)="80000fdc2208", 0x6, 0x0, 0x0, 0x0) syz_fuse_handle_req(r0, &(0x7f0000005ac0)="4b2491b461bedcb9048c176a7382f91f7a6483b2a1586d010993885efce3d556a22a448b9235a4a34121cc80b619b8e437e9873df079ca643e34e2bc1a535d9b2a9715b4e5857bc20df3038c4a552abba5397e029e19754b57555e01956a5f0cca8ca6a8e7047b2ecb5a9cfd9aa1073df281cf12de3a7c659616d560d5615d5e610a1f72fa41807627908f23a797dc3766289b04fa3187c07de31e49056a916103908501dd83aca8d2a5a66f6ce934164edaf5a7e372a86b3b1e66bbe3c50409717e5947cf16f71bc84ec60723acb7de047af2667135c2865db451b7c7c92c858f374e86b8bf5ece0da6c5970fccf1714fba7be72122dc6fe77b8620421b55af59d9a0256a168ffd531ff9290a3142104a55b1e5c2b11ffa0a00f7b40167c228eef62d7bfd0b50c7b07ffdea383fe89812f6e1f1b006e31d0b5fdcf7c1725f9ceb355b133ec8ab9cddfe7052d418393e5cb4b5a08bfd036e8aa93fec6a62f03cf34d0024aad605bc3344c920733ce3b4defb22a1a5839faffa2e0a1c19b3db8a499e996781e8061c0f4b9f193bbd8ae74971e821b0cf5af91ebd14f49443264e1a03e419589dff9d10e2e491a6f0a020de6afe564aa5f49342ddda455049eff63a96dd4f2db86d75b60f7617e9afe6299379b13b1d10e230e4f38941f24006eb981424264740c66afc4d3f7a78f3deffac4ae559f5d0f3da9fb7e0855b4746dda982506d1a3a52dc12d6abff23454f35d7d96a75a561b4286e4c62edb28da1899974319f3a7d5b90a3082805d6f800f3360893130281d3f1e4f5569ce40007bdd9e798b19217ff1db4b74ca41ea760c4de95680e4b82d00981271898685e618463ee69175f68b707fba213b36f63826ba07700a27d17d70e50bba2c603499285df2286b5d74926e0d0c7aec135d1981373d0db8ae14b4c4451f207ba6c9959b57f5e26cda62b9268ec21495e49beffcc8899058232cee856f26ee47afb06fd6bac8512e65bc5d4bfeedfdb75e75786e2770aa9bc89aa1e038c8b6f4b78460d4734b2ecab7d9e8609c1731731d9cf776c1334191e57cf00434e1a9745e50a54e28f324bc3dda179c57f45264c6e8f5e95b79f2934e0c2a68efa79918ec4274ec0b33120398c9c7c7c763554859a6a6ca5038cdba2d4fd04b845f4c0f0ce027d8f2a848f4cd3604fe198aa8c6668d572567855cebad36f87e6983bd88fc07357ba9d7fbbd325db7f24297b5122c9aa6eacd915d32bc87f63c108f256151a318c7061cef2fdaecede878d4ea6db06ece2a57cc01436bbba663140acbf6f33946e8349cfe41a528ce72a43c244dcd2a5d8b56934ffb2cba99a1c112c0eb4c13afaf21a88bdaf58378a1b9abc8e57b6dfbbdb66cf27b869fa74ceedf9fbf528c3e2cf8111712aa48fc62e4f2ca4ab09032d57b91dd39d7bd798a4c6d567ab75001e926ff74d71bc566d102632ac3e36852a334d8e889568d135bba35a8b77955e85982c95ef57ec4d385c9d71917b3eab51e23a646c3e4a6ecd616f007746c6a05504ba28b223e39a670005856f39e3ad012ada10dd841cc63bee98792fe8aeafb31bd9c8c2e8f5264b9abc433bfbd40fa82e9308f56134d904ee718b6804b06a3407210bb40da9231007ca30f72d0e1b24c279f5e1f57e81c0c37de3ea8adc0daabb8c1572a64ebad81be98c51dd1794594d19b1de2f9d239568515b5aac3a342a3ba4d24c5f1a83b096be25df7d1744a59a691a2b3bc73045dbd73d8392a048659bfeed84fe028fdb45959bba31c6c1d756a05c9c5275f1d4182056e6114562b9adb5dfeb7ac90e4084c61034b16974cca62b757a8040a4ad5f7e0aaca84433f1d7b86075e35b3c90249a7ecf73ce1c41fda2d55179010b51c4e80cbc0ac14bf285942710e9dcd0788ed5863250163e0d6938d3470af3e3deb61b9dcb5443378f915c25d3bb26958cbb34bfc59e770c456bbb03fda3ab9bb446144ed1ff2323d05b5fb34282fdb1567b24c511026e1d103894fcad880baddc55fb8a21c62f8baa4f460841b556ce62586e0a4953604e6322115bcf4616d6a07056c11b11506f4ef7ccd585030a1c48bee3a27e2357a8e0045177fe14de7d44b888153bfaaea4b507685c18d90aa6b8d2297d18897f82eee25c12243fb968c11bf2540bedc6354420258477eedf5d1b18da6432b9b61d1823e2b591b624642b52b1d4c5f6ec6467e72ee924d3b7cabf481c0d616288000f57a6df18deded00b7e1d9673f836b1ecc20f14fff609c839a0f18db8c60defa3aca368c48cc174753e643d32a75034d07c608545036160f304e8c7db02d96e6bdc20e5bb3c8c5c513016c0365bfdfda47100aa5aeaf1e3f751b7a5ca10ab74050ac0ccf28cf1cb13c57c9b0cd7a3c421cb604620902273aee2db6ac3047331b68460248d5d7c91bdfbd29df2f702146a3debd443c46c62705db392bdf021f89de1ffc236b9dc0f0bb94a4ca62f8e8bb0010f0585a738ef840ee980424a15d3662efc4a51965bcb6935b61308f497293e7af7ceb972fa9184aaa8433123811f825ed203b4141274c66c7334116dede159bcf62e15ab39d4fae9789052dd3a91ffd0015a25ec03fda69786a0a002abee9b0d452bde1a6eba15a01ad7c73ab90d078c1fab6775e7dde159f7d79efd28c79c598b8ee38e9a01f93c4f98ef9c1c1ddafbf2db0685a70ec0720e95702036ca46243c95c917791d80ebafe63305783efa474652245cf542a8e05e74af8b5b9efa9a31d1b5cf5d695ae84caeec2215b02d599fa85013740129c97fa6be073c02c212aa34dfb4f2084df2ba973c6a03487f2540e877ee6020a885ac8591e113f154fd954145336b338a2f7e5b4e154c9ec444febd8e9054144480990b4672d5c022ad373effa865be24d74000666943fa4c4fd5c714cf489a01da6cc3558292d0174f335707bf315a33aa0ff2586815cee5aa34f443f3297e8d83ffb38b0081ef99682d1a332f92bbd0cf159e291f8499d0f71f696b97832fd507f526c48d70fe2e2c11969a46d203f6bbbe2a91551b41ea7f0e1c4407f2c553aa11148fdb00830409e516aebe506757dc8070f8f8204522ec035574a8e7849b9d8223de69b66400095c46482d252ee3996d163bbd7afe4a9d02f65d7644d3a8be257f563d56e62c8edfe4abb173670511905aa89876a8dfe3f866706c10443863b2f0f33967a8b97fd09bd268d25772602a76953d5518fb15c987ce36ff7ef906cb8b32f1da6d6a248b1e4db10302f61feb5d0fb9a38b4583d2c59b7c3922b9f67533f7697dad383723198c8132b9f8b56c2ab4767a30b117126911e3ce3d147df6b621e6f4c6cff4b0b99b7ce2ae8c770342fea1d4e71e96b27fb08efafcf187e31e93c049c214c7c6d9db652907da7d4b274946adf25d0030c5abacbb987069f0cf977e3675fde0ad23c87edbecafcb3b63f1c96dff5406630a02b1bbf6ffdd7c2072a3e6bb536718e26fe262fd25b574495e9877bdf11fb5c4bb300b0687da710c1464841757d52be584f8783d10f857141b725b31e21e6ae56a53c033da14a7007ade63bccc1b79c27de989902fe849e6f56b7762ef00d2f5f8c8aa7a37d0d5da02f1db50b22de67f572b9f596645b5b8ad48a107c709ccdc31c2b22ccc75c6aa644cbc669eefb7b2798e848615748db19dfbb1fcd378209a08eca2db3ea53bfe0bc768cf2d4658579d7c17586c93d945cb6e85b80bcdb13f49f091272f25824ab4d361f79556d4b227164c1ed431874a88d6bb9612ea8edba924ff2be24641a1a9dc16c54290583785dd07ef437f5c4838ac4c1b2031d5f117f2fc696faf7fc76473b9066782209739956d8cc6147ca640f63db6b373d0837af31238041adb39d7ce97a5ea03b64f0a8e3301c24604026130a56f9666f270ec77bdcbe8210ce6ef1bf65f3ac73518a3bbbb18105a849ff99a2485a9cf70ed6a656d242db20b284facd0786c4c471a221df68e13a5e710977df026edb52443f59bfe48178cc50bf5042fce96a7ee788ea529b83e5cd06e42dbf49b499756271e8ad2bdeac76481eb04a36b7ca413f303da44143c691bd13c61e064e4f7ce278d9cfb105f381e0c37a5dcf0dd96ecfff04df387471a829204585fa77a671b702e6139061449647eb30584f3ce36031b5cdbddf8e04f71f517240cc8dc54fa691b531a1c6c39367e2f2d731c10d0eb706dfaa089e173f17d68385ad79d1a01d12534915e13a932106789b9527e794cace8a3faedb65042258085c1f4a61bc862fcc627a36bb2159b8197a5a350448abaeec8636d972485feb05c1a4a669ed138ca5fb1baf68d7bf643df5677ecc1b2e0d0cd6293daa2fb69c1c769c1972110034b2d247e6884b1fc741c9448fb199ba93c6dd90e406fa0e07e513511ed008d58cc4fd804cce55d4b4da598c0b6c259d311a71a02a533ad5aed6267936c4e990cbbae547ce511431ec217b19392ca7625522df6615514f1cc54d9ada3f9aa731ec1a379bffd0dc5e7dfc0befe97311995ffb3e84e7aa2fb017a6502576ceed10b07feb61c9d1c4d7cbd80f33a0f35ac97e632ab87af457e02ecb5e57eeac2103561fe22d0af63bda651ca2ff02d72cc29e8725265909bf3bae72320cc3c0d54f5d0e8cedc33f7f1eb01974a0385fe534d3f04b56a23c7fb4e48ceb3c5d52535a2adeb32d21c17ebea71696381cd87350bce38ec78ce7233bbed809609eabd442cd3e30567adb6dbd337586d54c44d701b917e2ee6c46d87132c1a8c2baeee898820fa39c1304c5590fb75b070d8231931138767e85f518556e5712b419027b0c4397fcc48b4b15cfd06bddad3dfb369bb29b13c6721cc22da9bb33d9f49b60e6cc051750dee1b20e7d084a7444be72201c3eb5bb81cce7c07c3d35b0896ed59381fd171d216df24e6061dd17ffb80e2d4e64b13f285b9ed8ade9ee4d831dd5c3a34e1420bc0ce51b6a8c8a5c315d6c10082548669eb31f6c1feb171a95749e3fb8b217867aff419a7c06b16ee024028b0d0ade0af2ba5ed09100d5f26587f686fa15a2022a35a462b7bbbeac496c096a39c4d7413450e945322cc41019cce595a3f5f96002101829b45a7d3148236692dcfcdd0bbb8f0db5b58f84d136f8db06de1b8229a99da0908abd2bddd7039a978518467d0e5b64b05ed16c0170eaa5ce390c5415d76da48c8363ce81703420780919c12a7eab01a1dc5707f72f4efb7b4e94e30a5ecd3c997f730fb39b8e4604ada9a60b57d8efb9e3806959544d83fef509cf0289e7919c9ad5b9412cbefc16ae039d41706c43911496db03dcd948c9d823ac7f804c8d7afa18f3176a2a803ae672a43981fb19aa68f566c9e6d88f583a3fc148476b019d581bdb008db71dee2af7370f30aaaf6930cc3c283ddd34c2faf87ca7ecb7922ab8904486e5b04174fa24de1d068225c32e0603ad586a6f5f7a1be1e237703b4e61d52bd6f7468f841cd92c5269b15bc69be65740f22d72c39159daa03b3a9dbddf3a2fcd212c2dbef7197234661952852d65e989302a6db5663835784e7d0a0bd6f51988d9f43b52a1b7d3d0fcfa9963549cd45d3d5486fdb639603c05dc684517532c444c0650a48331835f41373e6f6b2835caa28426d8145135b9102d31ff614e9766eb95d095376b8854f7923d0ff3ad89d253a7cb4fae9ac8189c863c23fcf234090f13750b64fbea2e9c527a37363df2f7b2db115c400dd3831b33f986b2b379ab786908ab86fffb43052f2b7dda9ddc646f534aafdb4214686d22e91fdb1de42be04bfa7327bc37a4f38b80300496ddc794cb73f4c31e558a19ebad905fb86244fac48a7784c282809556dc4b2978efc15b85764836346f9741bb5bc7cd4d454764f4a88fce7f64cd6a9a0b2eceb52c955527b327d4991bac7a1a7c0a30ec1232f53994978a4d7979d927c24c28ab052345cf89ef48ab27d5e115244dcdd1ce2c8093e753ea83351bbb03922dc4ac34633d270d2ec0156b2cece1c7c91c86f60cce3d1babe05ace441474ed90d0dd400841816419a18b715fb2ac1eb073b23f0a16741fd4596fc546c39e38087af4f96357fa8eb39047f638fbc8fbf9ba35e19e7608dfcef5e6093b5c0afded071c0cdde8fc57fdb555f2753a96cbc65393df09236b69e8a3788384d4a0b40da6b621c1052905d2a6c43bc7e181068a5907be47e224f66a777747e77523961685b672591d8a1cb4b7560ac9eb96f4346704797d786973914f7d339041f1249c93f9758314a9b7a3884b174184fcb4c3cf033c1245a6acad4ca2b6223e9fedaa1044897a9d54990eb37c2fb0ea047624115471fc69d543a6b864fd91974cdbc0242512c049f35788adc533705658c16157f479558f6ae604384249d1463f66f53f061036372bf281e425c31cc12e70c485ea561a0c7cd405d1755c7e5a5c1f734d480f6c5e9d61c60dc9abcb132bd34f6b97393569a8af11f513a747702a385711eff08422acd0f4103b9f29588e0a6f2b9e72f863c9919f594daafa0767a6bf63dd6622a0eeab18837b91201b00d4b10feabf20d47a347ace80f2c82a6bb83cb85bff6113037136684afa631b7eba48c9ff51fab22635a3b4a2a90ff91714cec24368e8c0c3094ed353d590b32b00ffaa782555cf0f2cef6fbfe01add053cb96a9ccad0ddc99b6fbb922cd00dec303d628289843f17dc2dd145fcb507c65fafad0125cd81e01d89db180c3f4ce304991d796c87b4f273260812929e0a518780167489ce8d4282ba9d53eeb3ebb249a7d15139056fcbc37ccf6d9f9c44936aa96f9b1d9be9965c2cb0f95b4d838e99dd451b64900035f15c5942e566cea549a7fb900a766c76c77f275030842937f344ee17fccec14e58c14eee8fb39e462edb3c7ba6c489c7d3331ada9d5d9626181a61a2d78ca6c0b3047858b254be43194fb5f94e172b633dc4c2c4c9ee911655627299fa7579f2c2671c7176567e195bb154d6cd4af71a13eaf9a727d3a6b4dd6852a14c8c443aabbcb766e8ba417738a7a5cc392a8ed4d1c3b39b87c19be38f95b118e4bcf5d42402d70379a20393f2b5e3e4dba70e5bcc8373dc0fe84bfc0ac6a4267e9e36f5716cf70eb85e20717f9892830c71217c95fb612f64179acf2546934286df6529efcf5d53762d53c96c59ec5acbc65a08da76f8ff1e89a0bac78bfde18787612d3d1491ae8ae28a5f4ece0267dbae8367ceaf219cc33bbf901691ac64f599e1427affb1712176c3902d225afe4e33eac3c03ce701fb50d20f0aa4b58285a3416ddda4b87748f7a9b5996552711f361a1896c0ce1413c580919284e6ff3eb7bfca7522d86a0c3a18c97d6752732e1d124ae6d2a2bb9adee47878875fd7cf311488a97d2894a12f3b4d744145c8d3ed6aef533f28588703bb1628388264fd1d94b35fa054a663a22d542047f1a089f7b0670a9c4dd1769510bdecccb545df9dcd43ff81361cec08ff60cadd0a0d0f4f51403454b0ccaf6b8921611a10b7e8db805e5c05bb413a311cc7788fe35e136498f089ab618a2384098406cedc65eefaee3636abbce5b4265ff05a748d13bf19678ea7182cadddd7c59ef86c476eff9090f69dc6b1b42add9d47103d16263372dc740d1853a0251d390d480e7383f3be0fbe309faa86ae3fe44ca87a3fd32e6f49ad8a8eae13c4dc864382ee80b7012f7c1b74e003a37ae27aca499e14e165ab2e7739ac8318fe35720c1e5b7f5f31ff6b6b0c25b1227f39250353a4f2f69c4908e7cbc457c5f237455367e5f42d457aae2de3cb87eaad4546d465de31d07c1870d28812651e9504c882b692e1ec25f3ea72de270dc437f4ae7c7f31938290d6a7e13ef9285de082cddcc91d7e5699438a0cfcfbcba986f0e2b1d916e649e277a062121f913312c614ac6d3998c81b1938bd0360bedb2c27280c39eaa3b81cfd56bab9aa87cccdf0125ab6fe9b0bb1e60ee8ebae26d4fc0e4935278aef43e0211d36f1fee615dbb59cb28da37fad05a89ccc435a6bd9cd88e6a56724593f5a5db6ea25298ec9104efabbc8a65bc75a8f9c76b22c2d28f65f2bd51185465c5594873aba967cd6df3a72916be6031a7b56ed9976fb1db48fb1d5af3e7949cd932cb32ba7f337bc7341382fa8192788a9eda6d69c844b90cd9bfceeb8ba5703536f9334eeb1efabb02de6e9594ccd70883be2f5f5508c6158adde35ea19160009384ec15570e2a8a31c7d16f3cf1962b3a56f516e578dc98d2bd0421e0ee652440432dd4c255452ad42171afa6b8bd367873af00266b604d5401a34e45eea22cfcb804359513235603cd504c8ff308345da31463befc763d5cd60dd27c10baa4b1336433dac7ad640753fba5f4842d82f707f793cad401056f88d1532710193119e992677a4e48f5dc70ced64339a483a3883fd95e21f32ef603f452045ca0ad0b21e439eeeca0b00cbee143158f445fcf69b14f16c4aa7b47c7192ce821c368d57caeaa1da9b42c1c8bf1dada1fd3d7b92daf3cb5279e5fc578de099e7ec45f7e38b31653a98006d53ef7fcd39716822cf7b0824f2556a8e2af830877e3e331bb6a31c9278697aa6cab9ec816968580f64a35af7169351d1c81fc0cbe6c5b5bbbc9d2b25b62d7000c27f3828023c3bcce22226a8c40ff1a7f4167ce93c3c07ebd859b31277854b09adc2d0d7c63b0026aa4e5e6a67256a2a1ea954465c71c159fdcb603f543da7f6a39a29faa617a4fdd520334f0945f1c7233708c13592254fcfd29188ddd062e66b94ea4edb392cbc4a5bac87267000b685c346d817fba73590e33d981daeed3301caf643cb418bf0df9b09e1b5c3b6194a0115af20ace4670a2d8d13e782266d412f0f464e3f11df2a141e451da458cba86e163206e1578b327d002d5a1b8a24e7035686e5af36d5846a3d5d92638e5f992901051395d6fcb9fa359ea1c934a4f0bc64268a88b99a09402a17a02cf93c7c79e855db26fb74b2905b4e3ed316a319f7c7d9e37f7f93629329af6156fb1bfdb127f27f158f9b602700d8986fc02f9edd7fc9b6acc433cece4f03aed8edf8d7d3bce9edd64448657ba3df5d0fc886a725ad135fcf2566b94f29c7cd2dbac3c6e5b838e0f85ba920a26c68935be333de3e21645d18f9bc8acfe4f84ed2b5b300a08949290e08f83c8da4fdc96be04d9b8a9c36089b318166d72f2d5f8184aaa3eef2b75f659c9f3712d8a66c8c043b48f4505de1f8cc54d6835a3a6407d91eea56617047e140b078409bb3299d022fd895c259cc4f2b901f2002e23c8d0afa643c339c50f08ff8f3d7f92c17ad644a3dad5a6a095992cd87defba1e9597da116938ae632c1160164f3f1f4a2e2feb1eb8a179a5308929e5fb65badc814cf6e30fa81bfc63967531e93f8644761c45f0b7d7e6163e7384f16685bf33df2fdeb27cf54edf7f9b87ae6eb60c77d197fb8b2c465165235d5a8ebc072ba72bee190a667e193e9057ae1f3e474eff54d3e8d330f0dba651cc54dcb475b307884f3d74a5b275da064f4d2063de25c8d99dc5385e1784f842924a3369af81c133385fef6efc0e8b7d9e52f4cc716836b07782844cde998def45361bf6a51d1ec5e53376251c595e017489c27680c380ad6fe44b3d4953cb9649d9b0c14c7c2333a5387f31f6dea457374bc834cb8209129c00cb56a8ffeeddcf15f93fdc9beefddb6ae5b535c8b06edb09cfb14f2e3240fb6ced025d9c9255490302573490f990bae971001cc1e8bba93c50b6fd3a5c94249b6718781776efd1efbbd5bf19ad7c5c15d780c8292073ae3f2494c070dcc6297fea78be5ef76b183b1bb00f300e46645fc22ab2a404d5dba9849370ea19d8961fb887e41d50358a8dd752d93d636f0693c3e6af18ccff4a82574dc1fe3a038b482b4ca14edfa64a8c3a0554181356b82b43732db6625c8619a2eea6a451bebba2d24940310b7dd40ae7e768ed3a115db3f0dfd06ca912a9d74142bc2e52ddf82317583b622aee9d3c36c1c604b0ac089fee53d1dce3ab25cca18b112912e2377ef028f55767586f4db93a27a17a215c463fba811df547a6c38726c94263ae4090fa2abb14e73d3329710554f56eafd2ea125319611aa66051870b13672acab2b773ce26b985db74ab2f51e421032c44cbdf2a523d277eef612c3b67819383c1fff0ad2669beb9a087bc144ede0573a13be82227228a08cc2f8b5ad05a5f3d31831763a357d58dfec1a4e94e4c6c65cf792f61a2e081e6aabb7717d91db37fb4f64b9bcdc65640833ce9dc0cf4de69e13dc5219a81cd7b2df8fbf012cbeaab5244578ac592dac0b715d5a91a4dd040d7c60950627ec2622cf4482f3568420efa31e4e0bb77bd7567868cb6f5c4b7a21b6dc8cace15687a3bbea014e78fdd4e7140fe06d8c91e76f65935510cd25c4b4226eced3780d406ab631a2ba25d52f1a3e1931d540f0c3a7ec2ba2d43e80749e2b7b5178419155cc7f69ff2c8d5a2dd941d275ca6e5f8637f1113d487379acf0232e969accb10bc273cdffbd3ee33a02d0f21872a401af794e8a008d6567e6eeea6b52575d7d79ac36f380c42801f01e08e3d45beb977d40bce86bfeacaea1a27a38434248c127eca4f77a223aae190013792a77818d053d566913630869a0f948b7714c4ed39057fa8d0aa4de9bb08e9ccb5838092ede6b749a90a2120124e0a146e092ec967b56a3ba8469433256660904dee6eb2b34cf00446216c98d748a1be1893f8877608f8bed44db52fc743eb47ba6a18aebcb20776c3f42cfae69679b5b32bbc3a26a5909848dcf65e9118ee14702c1e42fea811934a8319dd6fafa593c0648afe21b612c005775c96c6006cf910f179af08b299fdb866f77881ab7d8270f9388a901e30219d25fd9a1ad24df35adfc013237f0ae177079c4e0f90e76ccaa3a41f88c1ba1b0e6a4a3a04bffee9d170395d150ac335758d02b130f1ebf2e257a7d960d82693da9a2615949dd29a71aaedaa678729faa05cc327d7255be061e5e59f97bfb402a2f9b7c3095b0f85399e7d83a6da8c3cbd1f88535d5d44d1efdda60a9ab91542a37a65805e43d222781161035766770e24f7930099f5e08ff1efcef0985e08671c1f3e20188b3fec5ae5594fc8fa45e29be0429399a980b06954ece629e9ab0267d5bf17a638dad14079bd96fbddba65426229c69f69def765d2aae1a52a9c59c280eb5beb6ae189747bdc4774883d9e77fa3b1439e26e35c3de07e229447139129ff5d4c7f3eb7b8849c3570187786572aaf859e55cf939e0925f951acfe3240c1964ee40b3717a8a1fb2b15a0784744952535283e777b400558a4fbadd0163273d62a58fc40e124e893ca03ce0ea396762d2c0e497cfbb041d75fe678fc309f5744af7c704357d678b2600962ba7550a794f3632f802c5aaaf76541d6a4ac54900a0a8543dec8117ae961ddea6889c018e444f9a86e656579d9e748222b5efb148a174919a2c733769089f436ec59a9d4ca5d930ac16b7001ed3935448a3158ce8cafe9b82753634e9e7d9cde132550d88f6d165b04c48db6e42254c651963abd7964f2dfff92be5d4845e2d952fe37b2e19c2", 0x2000, 0x0) ioctl$SIOCGSTAMP(r0, 0x8906, 0x0) socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x77, 0x101301) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$USBDEVFS_BULK(r1, 0xc0185502, &(0x7f0000000040)={{}, 0x0, 0x0, 0x0}) creat(&(0x7f0000000040)='./bus\x00', 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6) write(r2, &(0x7f00000000c0)="510003000000", 0x6) 2.600759707s ago: executing program 1 (id=2481): bpf$MAP_CREATE(0x0, &(0x7f0000000100), 0x48) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) r3 = dup(r2) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040)) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000001c0)=0x10000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.56696995s ago: executing program 2 (id=2482): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = socket$unix(0x1, 0x5, 0x0) dup2(r0, 0xffffffffffffffff) r1 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], 0x0, 0x0, 0x0, 0x1}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) socket$l2tp6(0xa, 0x2, 0x73) socket$packet(0x11, 0x0, 0x300) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@local, @mcast1, @private0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8460000f}) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) timer_create(0x0, 0x0, 0x0) timer_getoverrun(0x0) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) syz_open_dev$tty1(0xc, 0x4, 0x1) syz_init_net_socket$x25(0x9, 0x5, 0x0) r5 = openat$mixer(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0) ioctl$mixer_OSS_GETVERSION(r5, 0x40086608, &(0x7f0000000000)) 2.507416877s ago: executing program 0 (id=2483): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r0, &(0x7f0000000000)="c5", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote, 0x15}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x16, 0x0, 0x4) 2.208094935s ago: executing program 1 (id=2484): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6}]}) mkdirat(0xffffffffffffff9c, 0x0, 0x0) unshare(0x6040600) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x401c2103, 0x0) 1.492859612s ago: executing program 2 (id=2485): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x3}, 0x25) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW(r3, 0x5403, &(0x7f0000000040)={0x0, 0x8000001, 0x0, 0x8, 0x0, "dadd1023b1df022dace17a32d21100000000de"}) ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x5412, &(0x7f00000006c0)=0xd) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed0744", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bf"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r5, &(0x7f0000000200)=@abs={0x1}, 0x6e) getpid() sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r6, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c) listen(r6, 0x0) r7 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r7, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003a9dd27753f7f0000ffffffe7ee00000000000000000200000000", 0x1a1}], 0x1) fsopen(&(0x7f0000000000)='tmpfs\x00', 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000005b00)) open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) 1.106899534s ago: executing program 0 (id=2486): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000000c0)={0x48, 0x1, r1, 0x0, 0xfffffffffffffffe}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000280)={0x48, 0x1, r1, 0x0, 0xfffffffffffffffe}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r1}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x0, r1, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000}) 374.186866ms ago: executing program 1 (id=2487): setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x28, 0x1, 0x0, 0x0, "", [@nested={0x105, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@dev}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1}, 0x0) 253.759801ms ago: executing program 2 (id=2488): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0x1a08800, &(0x7f0000000140)=ANY=[], 0x1, 0x67c, &(0x7f0000000440)="$eJzs3c1rHOcdB/DvrFay5IKjJLaTlkBFDGmpqS1ZKK16idtD0SGU4B5CoRdhy7HwWgmSUpRQWvX92kP+gPSgQ6GXFno3pNBT21voTfRQAoVectLNZWZnpZX1kl1Z0lrN52Nm95l5Xue3M89odjET4HNr7mqaD1Nk7urra+X65sZ0a3Nj+lyd3UpSphtJs/2WYikpPkpupr3ki+XGunxxUD8fLM7e+vjTzU/aa816qco3DqvXm/V6yUSSofp9r+EjtXf7wPYON7+dKrb3sAzYlU7gYNAe7bHeT/UnPG+Bp0HRvm7uMZ6cTzJa/x2QenZonO7ojl9fsxwAAACcUc9sZStruTDocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBZUj//v6iXRic9kaLz/P+Relvq9K3GgMf8JB4OegAAAAAAAAAAcAy+vJWtrOVC6h/3H7V/2X+5er1YvX4h72YlC1nOtaxlPqtZzXKmkox3NTSyNr+6ujzVQ80b+9a8cbTx//Fo1QAAAAAAAADg/83PM9f+/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4WRTLUfquWi530eBrNJKNJRspy68k/Oukzothv48PTHwcAAAA8kdEj1HlmK1tZy4XO+qOiuue/XN0vj+bdLGU1i1lNKwu5U99Dl3f9jc2N6dbmxvSDzY3pquMfPmprt/Pt//Y1jKrFtL972L/nF6sSY7mbxWrLtdyuBnMnjapm6cV6PNvL7k5+Vo5p7LVajyO7U7+Xnf32oG8RjkOj3wrjVaXh7YhM1mMrG3r28Eh85qfTPLSnqTS2v/m5eEhPnV0q+oz5+U69JL9+LOav/fv3P+ixmROwHYlGqkjc6Dr6Lh8e8+Qrf/7Dm/daS/fv3V25emKH0Wl5/JiY7orEC2c6Es0+y09Wkbi0vT6X7+b7uZqJvJHlLOZHmc9qFlLPjJmvj+fydbwrSsmeSN3ctfbGZ41kpP5c2rNoL2OayLkqNZ+Xq7oXspgib+dOFvJq9e9GpvKNzGQms12f8KUDP+Fq36qZttHfWX/lq9k51X9TztS91Uv+2mvB/rUvqWVcn+2Ka/ecO17ldW/ZidJzPVyP+pwbm1+qE2UfvzjKZePEPB6Jqa5IPH94JH5XnRsrraX7y/fm3zmg/fXH1l8Z3kn/6iSvzH0rj5fnMlrPJLuPjjLv+e1ZZne8RupfXNp5jT15l6q8ouicqd/b50wtIz5blb68b0s3qrwX9uYN1SP/57+68nb9vZW3/zaYeALQp/NfOz8y9p+xv499OPbLsXtjr49+59w3z700kuG/DH+rOTn0SuOl4k/5MD/Zuf8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACObuW99+/Pt1oLy/snGgdnHW+iqB/kc1CZZsZyCsM4zUSRrB97yxn8fvWQ6DxE8EnbefPmU7E7ZzoxlKTe8tNk5/ipP6KjPFwUOBOurz545/rKe+9/ffHB/FsLby0sDc/MzE7Ozrw6ff3uYmthsv066FECJ2Hn74FBjwQAAAAAAAAAAADo1Wn8T4Ou7iYGuKsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGTV3Nc3hFJmavDZZrm9uTLfKpZPeKdlM0mgkxY+T4qPkZtpLxruaKw7q54PF2Vsff7r5yU5bzU75xmH1erNeL5lIMlS/7zFytPZuH9Rez4rtPSwDdqUTOBi0/wUAAP//6PAGzw==") r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = open(&(0x7f0000007fc0)='./bus\x00', 0x262043, 0x0) r5 = open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02}, 0x8) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000004000000000000000000850000002300000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x0, 0x0, '\x00', 0x0, 0x0, r5}, 0x90) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r6}, 0x10) r8 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r8, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x60, 0x13, 0x53b, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_sample={0x48, 0x100, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x2}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x1}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0) r9 = bpf$ITER_CREATE(0x21, &(0x7f00000010c0)={r4}, 0x8) r10 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r10, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600), 0x70}}, 0x0) sendmmsg$unix(r3, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000a40)}, {0x0}, {&(0x7f0000000b00)="6455089ab9075e64c4bedb2b941533bc71ec4be38eeb5e2e6c9ecdda0c6ed7bd4706c3fb85575d0034077bb770e214219d50542e7e671050c17a8022b175ce074558fe4e94f15f588cb4a56928bae16bd7f992b843c5011456ed86b60133edc2903c9f6bdf9a3620f7577841abe2e06fef85eb3ee0091a527f0977e3ba534f7fa31caf7465d30df85587b36f219c23d089bbff7e259bffa1157b2393f0a3cd0a5bd97fadc821f659", 0xa8}, {&(0x7f0000000bc0)="148187735e85181ef5b798e0e0df3f67ae40874566271a94a4c5672cb6b12c53f6d38fb1e5b243e0fa875e9e3d66ab33a3f9738fb48c072d1f50e59e4dbc9e920775d2900835f91f3629cd853370b1f5ac1978d3d610b0a8332a25389244c9c5165173bf18e89b7e8be9507774d8824a1a61b29a1b8081c0ea1dd6a0d3d4e8e8a11debfa97f12b69736819fffc7f3b", 0x8f}], 0x5, &(0x7f0000000d00)=ANY=[@ANYRES8=r5, @ANYRES8=r4, @ANYRES32=r5, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESHEX=r6, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee00, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000fa000000", @ANYRESHEX, @ANYBLOB, @ANYRESOCT=r1, @ANYRES32=r8, @ANYRESOCT=r7, @ANYRES32=r0, @ANYRES32=r9, @ANYRES32=r10], 0xa8, 0x40040}}], 0x1, 0x4000) r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/address_bits', 0x200, 0x54) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000040)={&(0x7f0000001240)=ANY=[@ANYBLOB="3d00001126ee28dcd11ce5ec583d7039267bfd91e686737de5b57db34d10740fd023", @ANYRES32=0x0, @ANYBLOB="0c00990004000000580000000800010057000000080001002e0000000800db00", @ANYRES32=r11], 0x48}, 0x1, 0x0, 0x0, 0x4001}, 0x11) ioctl$sock_SIOCSIFBR(r8, 0x8941, &(0x7f0000000680)=@add_del={0x2, &(0x7f00000001c0)='syzkaller1\x00'}) ftruncate(r5, 0x2007ffb) sendfile(r4, r5, 0x0, 0x1000000211005) fsopen(&(0x7f0000000000)='debugfs\x00', 0x0) 207.119064ms ago: executing program 4 (id=2489): r0 = socket(0x10, 0x803, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0, 0xb8}}, 0x0) getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee8000004000000b6a36b3605", @ANYRES32=r2, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c40)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r2}, [@IFA_CACHEINFO={0x14, 0x6, {0x0, 0x3f}}, @IFA_ADDRESS={0x14, 0x1, @private1}]}, 0x40}}, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x49b, &(0x7f0000000100)="$eJzs3E9sFFUYAPBvdltaQKQioiBqEY2NxhYKCgcvGE08aGLEgx6bthCkUENrIoRoSQweDYl349GrB6/qzXgy8YpHE0NCDBfA05jZndlu909Ly7Zb2N8vWfrezJt979uZN/Nm3i4B9Kzh7J8k4pGIuB4RO6vZpQWGq3/u3Lo8effW5clYSNOT/yaVcrezfK7YbnueGSlFlL5KIvqa6527eOnsxMzM9IU8PzZ/7tOxuYuXXj1zbuL09Onp8+PHjx89cvjY6+OvrT6opHlRFtftfV/M7t/7zsfX3pustWgw/1sfR6cMx3CrplS82OnKumxHXTppsb/ZnMpR7Z79lf6/M8qtOivwUErTNB1ov3ohbXSlaQnwwEqi2y0AuqO40Gf3v8Vrg4Yem8LNE9UboCzuO/mruqYvSnmZ/ob7204ajoiPFv77LnvFOj2HAACo98uJYiTYOP4rxZ66co/mcyhDEfFYROyKiMcjYndEPBFRKftkRDzV8P7Z+CZdpv7hhnzz+Kd0474CXEE2/nsjn9taOv4rRn8xVM5zOyKKAfP0ofwzGYn+gVNnZqYPL1PHr2/9+U27dfXjv+yV1V+MBfN23OhreEA3NTE/seaAG9y8ErGvrzH+pC8iqc0EJBGxNyL2reJ9h+rSZ17+YX8t07+03MrxV6Qt59E6MFWRfh/xUnX/L8SS/b9YY7L8/OTYYMxMHxrLjoJDLev4/Y+r77erf8X4f/q7cZO3j/188n7Drsn2/7a64z+K+dvF+IeSiKQ2Xzu3+jqu/vV123uatR7/W5IPK+kt+bLPJ+bnLxyO2JK827x8fHHbIl+Uz+IfOdi6/+/Kt8k+iacjIjuIn4mIZyPiubztByLi+Yg4uEz8v735widrj399ZfFPtTz/Ldn/i/P1a0iUzx64frfNyePe9v/RSmokX9L6/JcsOUXcawM78BECAADApleKynf/S6O1dKk0Olp9BrQ7tpVmZufmXzk1+9n5qepvBIaiv1Q86ao+D+5PiuefQ3X58Yb8kfy58bflrZX86OTszFS3g4cet73S55Om/p/5p9zt1gHrzk9+oHet1P/3XNughgAbzvUfeldd/19oU2TBN2Xg4eT6D72rVf//cg3bAA+WVF+Gnqb/Q+/qiw9q6VJXWwJsNNd/6En387v+lRPpQOtVg9FcOAbXpxlbW9TVlUQ2supK7VvXslXxvym0LROl1b3hQDSvKkdX9sXpPR0/+NP8u/KdbuqPG9JPWyW6cjoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADouP8DAAD//zy63n8=") 144.520097ms ago: executing program 0 (id=2490): socket$unix(0x1, 0x2, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/unix\x00') lseek(r0, 0x38, 0x0) close(0x3) read$FUSE(r0, &(0x7f0000000c00)={0x2020}, 0x2020) 143.826542ms ago: executing program 1 (id=2491): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1000400, &(0x7f0000000200)={[{@debug}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x41d7}}]}, 0x6, 0x588, &(0x7f00000008c0)="$eJzs3U1sHFcdAPD/TOzsOnGaFHooCGgohYCirmOnjapeWi5IUFUgFU49pNZ6Y0VeZyPvutTGB+fEgSsSlTjBhQsnDpU4IPWEuHKDG5dyQCooAtVICE01491kd7ObbOOPie3fTxrte/P1f2/kfeN5szMvgBPrYkRsR8TpiHgnIs5HUsxPulO8vjvl631yd6u+c3ernkSWvfWvqe4etuq99XvORsRPR8Sq9KXbG5sri81mY62bn+us3p5rb2y+eHN1cbmx3Li1sHBt/tqVV66+vLBvdX1u9Xcff+fmGz/6w++//NGft7/1k7zMr3WX5XXrWzXJsmzvAV/rHZfpmO3OSiMiP3Jv7H3vT4RT3fqcLrsgPJb87/FzEfF8N31PtbwyAQAHK8vOR3a+P39fOpDLsmTEOgDA0ZNf889Gkta61/+zkaa1WtGHV30mzqTNVrtz+UZr/VbS6+KbTm/cbDauFH2FEZWYTvL8fERcKKbd/MJQ/mpEPB0RP6/MFPlavdVcKuU/HgDg7ND5/z+V/PxfmWRTdwgA4ChzJgeAk+fB8/90KeUAAA6P638AOHn6zv8T3fkHAI6+6tCz/yNlyaGUBQA4HCP7/98+dz/9bDL0ii8A4Khz/x8ATpQfvPlmPmU7WVK8/3rp3Y31lda7Ly412iu11fV6rd5au11bbrWWi3f2rI7YxZ3+TLPVuj3/Uqy/N9dptDtz7Y3N66ut9Vud68V7va83PFgAAOV7+rkP/5pExParM8UUvbEcHv2DAOCISyNmyi4DUI5TZRcAKM1U2QUASqM/HnjUj3tH/kRoJiLeH7+NjgV4sl36wpj+/+H/DQbvB/x/H0bHBkrW/VrrBoATaG/9/3oP4Ch7+Infg0FwnGVZYjx/ADhhJriC9xNBOOYe6/4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnHCzxZSkte5Y4LORprVaxLmIuBDTyY2bzcaViHgqIv5Sma7k+fmyCw0A7FH6j6Q7/tel8y/MDi89nfy3UnxGxI9/+dYv3lvs9IYOvDe/834xv7O2MDJA5eDrAAD0mRqe0TtPF599F/Kf3N2q96bDLODH394dXDSPu3N3q35/POKpbuGrkc878+9koDLJPg1MvH0nIp4drn96b/mF7sinw/Hz2OcOLH4UNZwdiD/4b1RaLNv9zI/F52cmjLcPZYbj4sO8/Xl91PcvjYvFZ/f7NzXYmFbjZw82ro+h1/7tZLvt305f/Hz/3z9XLdqaUe3fxUljvPTH745ddudU9sWpiF7snb72Z1e1SI2K/8KE8f/2pa88P+5gZb+KuBQPi7+bmuus3p5rb2z+9nsf/Gm5sdy4tbBwbf7alVeuvrwwV/RRz/V6qh/0z1cvPzW+/hFnxsSvPqL+X5+w/r/+3ztvf/Uh8b/5tVHx03jmIfHzc+I3Ym2i+ItnPhg7fHcef2lM/acG4p8e2C6fd3l4Z2P+ID/6++bSRAUFAA5Fe2NzZbHZbKxNkkhjc2Wxd6E58VYDiZnH2mrCRBzYnkcnpgcOQvWgYp0ds+g3n3mH03Gox2ffEnc+w8qVcop6Kpq9/qhHrtxdb3svQbNsD2W+OME6JTVIwKG5/6UvuyQAAAAAAAAAAAAAAMA47R92X/m3zw9F9T8MV3YdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOL4+DQAA//+T6cce") r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1, 0x6}, 0x1c) sendto$inet6(r0, &(0x7f0000000100)="80000fdc2208", 0x6, 0x0, 0x0, 0x0) syz_fuse_handle_req(r0, &(0x7f0000005ac0)="4b2491b461bedcb9048c176a7382f91f7a6483b2a1586d010993885efce3d556a22a448b9235a4a34121cc80b619b8e437e9873df079ca643e34e2bc1a535d9b2a9715b4e5857bc20df3038c4a552abba5397e029e19754b57555e01956a5f0cca8ca6a8e7047b2ecb5a9cfd9aa1073df281cf12de3a7c659616d560d5615d5e610a1f72fa41807627908f23a797dc3766289b04fa3187c07de31e49056a916103908501dd83aca8d2a5a66f6ce934164edaf5a7e372a86b3b1e66bbe3c50409717e5947cf16f71bc84ec60723acb7de047af2667135c2865db451b7c7c92c858f374e86b8bf5ece0da6c5970fccf1714fba7be72122dc6fe77b8620421b55af59d9a0256a168ffd531ff9290a3142104a55b1e5c2b11ffa0a00f7b40167c228eef62d7bfd0b50c7b07ffdea383fe89812f6e1f1b006e31d0b5fdcf7c1725f9ceb355b133ec8ab9cddfe7052d418393e5cb4b5a08bfd036e8aa93fec6a62f03cf34d0024aad605bc3344c920733ce3b4defb22a1a5839faffa2e0a1c19b3db8a499e996781e8061c0f4b9f193bbd8ae74971e821b0cf5af91ebd14f49443264e1a03e419589dff9d10e2e491a6f0a020de6afe564aa5f49342ddda455049eff63a96dd4f2db86d75b60f7617e9afe6299379b13b1d10e230e4f38941f24006eb981424264740c66afc4d3f7a78f3deffac4ae559f5d0f3da9fb7e0855b4746dda982506d1a3a52dc12d6abff23454f35d7d96a75a561b4286e4c62edb28da1899974319f3a7d5b90a3082805d6f800f3360893130281d3f1e4f5569ce40007bdd9e798b19217ff1db4b74ca41ea760c4de95680e4b82d00981271898685e618463ee69175f68b707fba213b36f63826ba07700a27d17d70e50bba2c603499285df2286b5d74926e0d0c7aec135d1981373d0db8ae14b4c4451f207ba6c9959b57f5e26cda62b9268ec21495e49beffcc8899058232cee856f26ee47afb06fd6bac8512e65bc5d4bfeedfdb75e75786e2770aa9bc89aa1e038c8b6f4b78460d4734b2ecab7d9e8609c1731731d9cf776c1334191e57cf00434e1a9745e50a54e28f324bc3dda179c57f45264c6e8f5e95b79f2934e0c2a68efa79918ec4274ec0b33120398c9c7c7c763554859a6a6ca5038cdba2d4fd04b845f4c0f0ce027d8f2a848f4cd3604fe198aa8c6668d572567855cebad36f87e6983bd88fc07357ba9d7fbbd325db7f24297b5122c9aa6eacd915d32bc87f63c108f256151a318c7061cef2fdaecede878d4ea6db06ece2a57cc01436bbba663140acbf6f33946e8349cfe41a528ce72a43c244dcd2a5d8b56934ffb2cba99a1c112c0eb4c13afaf21a88bdaf58378a1b9abc8e57b6dfbbdb66cf27b869fa74ceedf9fbf528c3e2cf8111712aa48fc62e4f2ca4ab09032d57b91dd39d7bd798a4c6d567ab75001e926ff74d71bc566d102632ac3e36852a334d8e889568d135bba35a8b77955e85982c95ef57ec4d385c9d71917b3eab51e23a646c3e4a6ecd616f007746c6a05504ba28b223e39a670005856f39e3ad012ada10dd841cc63bee98792fe8aeafb31bd9c8c2e8f5264b9abc433bfbd40fa82e9308f56134d904ee718b6804b06a3407210bb40da9231007ca30f72d0e1b24c279f5e1f57e81c0c37de3ea8adc0daabb8c1572a64ebad81be98c51dd1794594d19b1de2f9d239568515b5aac3a342a3ba4d24c5f1a83b096be25df7d1744a59a691a2b3bc73045dbd73d8392a048659bfeed84fe028fdb45959bba31c6c1d756a05c9c5275f1d4182056e6114562b9adb5dfeb7ac90e4084c61034b16974cca62b757a8040a4ad5f7e0aaca84433f1d7b86075e35b3c90249a7ecf73ce1c41fda2d55179010b51c4e80cbc0ac14bf285942710e9dcd0788ed5863250163e0d6938d3470af3e3deb61b9dcb5443378f915c25d3bb26958cbb34bfc59e770c456bbb03fda3ab9bb446144ed1ff2323d05b5fb34282fdb1567b24c511026e1d103894fcad880baddc55fb8a21c62f8baa4f460841b556ce62586e0a4953604e6322115bcf4616d6a07056c11b11506f4ef7ccd585030a1c48bee3a27e2357a8e0045177fe14de7d44b888153bfaaea4b507685c18d90aa6b8d2297d18897f82eee25c12243fb968c11bf2540bedc6354420258477eedf5d1b18da6432b9b61d1823e2b591b624642b52b1d4c5f6ec6467e72ee924d3b7cabf481c0d616288000f57a6df18deded00b7e1d9673f836b1ecc20f14fff609c839a0f18db8c60defa3aca368c48cc174753e643d32a75034d07c608545036160f304e8c7db02d96e6bdc20e5bb3c8c5c513016c0365bfdfda47100aa5aeaf1e3f751b7a5ca10ab74050ac0ccf28cf1cb13c57c9b0cd7a3c421cb604620902273aee2db6ac3047331b68460248d5d7c91bdfbd29df2f702146a3debd443c46c62705db392bdf021f89de1ffc236b9dc0f0bb94a4ca62f8e8bb0010f0585a738ef840ee980424a15d3662efc4a51965bcb6935b61308f497293e7af7ceb972fa9184aaa8433123811f825ed203b4141274c66c7334116dede159bcf62e15ab39d4fae9789052dd3a91ffd0015a25ec03fda69786a0a002abee9b0d452bde1a6eba15a01ad7c73ab90d078c1fab6775e7dde159f7d79efd28c79c598b8ee38e9a01f93c4f98ef9c1c1ddafbf2db0685a70ec0720e95702036ca46243c95c917791d80ebafe63305783efa474652245cf542a8e05e74af8b5b9efa9a31d1b5cf5d695ae84caeec2215b02d599fa85013740129c97fa6be073c02c212aa34dfb4f2084df2ba973c6a03487f2540e877ee6020a885ac8591e113f154fd954145336b338a2f7e5b4e154c9ec444febd8e9054144480990b4672d5c022ad373effa865be24d74000666943fa4c4fd5c714cf489a01da6cc3558292d0174f335707bf315a33aa0ff2586815cee5aa34f443f3297e8d83ffb38b0081ef99682d1a332f92bbd0cf159e291f8499d0f71f696b97832fd507f526c48d70fe2e2c11969a46d203f6bbbe2a91551b41ea7f0e1c4407f2c553aa11148fdb00830409e516aebe506757dc8070f8f8204522ec035574a8e7849b9d8223de69b66400095c46482d252ee3996d163bbd7afe4a9d02f65d7644d3a8be257f563d56e62c8edfe4abb173670511905aa89876a8dfe3f866706c10443863b2f0f33967a8b97fd09bd268d25772602a76953d5518fb15c987ce36ff7ef906cb8b32f1da6d6a248b1e4db10302f61feb5d0fb9a38b4583d2c59b7c3922b9f67533f7697dad383723198c8132b9f8b56c2ab4767a30b117126911e3ce3d147df6b621e6f4c6cff4b0b99b7ce2ae8c770342fea1d4e71e96b27fb08efafcf187e31e93c049c214c7c6d9db652907da7d4b274946adf25d0030c5abacbb987069f0cf977e3675fde0ad23c87edbecafcb3b63f1c96dff5406630a02b1bbf6ffdd7c2072a3e6bb536718e26fe262fd25b574495e9877bdf11fb5c4bb300b0687da710c1464841757d52be584f8783d10f857141b725b31e21e6ae56a53c033da14a7007ade63bccc1b79c27de989902fe849e6f56b7762ef00d2f5f8c8aa7a37d0d5da02f1db50b22de67f572b9f596645b5b8ad48a107c709ccdc31c2b22ccc75c6aa644cbc669eefb7b2798e848615748db19dfbb1fcd378209a08eca2db3ea53bfe0bc768cf2d4658579d7c17586c93d945cb6e85b80bcdb13f49f091272f25824ab4d361f79556d4b227164c1ed431874a88d6bb9612ea8edba924ff2be24641a1a9dc16c54290583785dd07ef437f5c4838ac4c1b2031d5f117f2fc696faf7fc76473b9066782209739956d8cc6147ca640f63db6b373d0837af31238041adb39d7ce97a5ea03b64f0a8e3301c24604026130a56f9666f270ec77bdcbe8210ce6ef1bf65f3ac73518a3bbbb18105a849ff99a2485a9cf70ed6a656d242db20b284facd0786c4c471a221df68e13a5e710977df026edb52443f59bfe48178cc50bf5042fce96a7ee788ea529b83e5cd06e42dbf49b499756271e8ad2bdeac76481eb04a36b7ca413f303da44143c691bd13c61e064e4f7ce278d9cfb105f381e0c37a5dcf0dd96ecfff04df387471a829204585fa77a671b702e6139061449647eb30584f3ce36031b5cdbddf8e04f71f517240cc8dc54fa691b531a1c6c39367e2f2d731c10d0eb706dfaa089e173f17d68385ad79d1a01d12534915e13a932106789b9527e794cace8a3faedb65042258085c1f4a61bc862fcc627a36bb2159b8197a5a350448abaeec8636d972485feb05c1a4a669ed138ca5fb1baf68d7bf643df5677ecc1b2e0d0cd6293daa2fb69c1c769c1972110034b2d247e6884b1fc741c9448fb199ba93c6dd90e406fa0e07e513511ed008d58cc4fd804cce55d4b4da598c0b6c259d311a71a02a533ad5aed6267936c4e990cbbae547ce511431ec217b19392ca7625522df6615514f1cc54d9ada3f9aa731ec1a379bffd0dc5e7dfc0befe97311995ffb3e84e7aa2fb017a6502576ceed10b07feb61c9d1c4d7cbd80f33a0f35ac97e632ab87af457e02ecb5e57eeac2103561fe22d0af63bda651ca2ff02d72cc29e8725265909bf3bae72320cc3c0d54f5d0e8cedc33f7f1eb01974a0385fe534d3f04b56a23c7fb4e48ceb3c5d52535a2adeb32d21c17ebea71696381cd87350bce38ec78ce7233bbed809609eabd442cd3e30567adb6dbd337586d54c44d701b917e2ee6c46d87132c1a8c2baeee898820fa39c1304c5590fb75b070d8231931138767e85f518556e5712b419027b0c4397fcc48b4b15cfd06bddad3dfb369bb29b13c6721cc22da9bb33d9f49b60e6cc051750dee1b20e7d084a7444be72201c3eb5bb81cce7c07c3d35b0896ed59381fd171d216df24e6061dd17ffb80e2d4e64b13f285b9ed8ade9ee4d831dd5c3a34e1420bc0ce51b6a8c8a5c315d6c10082548669eb31f6c1feb171a95749e3fb8b217867aff419a7c06b16ee024028b0d0ade0af2ba5ed09100d5f26587f686fa15a2022a35a462b7bbbeac496c096a39c4d7413450e945322cc41019cce595a3f5f96002101829b45a7d3148236692dcfcdd0bbb8f0db5b58f84d136f8db06de1b8229a99da0908abd2bddd7039a978518467d0e5b64b05ed16c0170eaa5ce390c5415d76da48c8363ce81703420780919c12a7eab01a1dc5707f72f4efb7b4e94e30a5ecd3c997f730fb39b8e4604ada9a60b57d8efb9e3806959544d83fef509cf0289e7919c9ad5b9412cbefc16ae039d41706c43911496db03dcd948c9d823ac7f804c8d7afa18f3176a2a803ae672a43981fb19aa68f566c9e6d88f583a3fc148476b019d581bdb008db71dee2af7370f30aaaf6930cc3c283ddd34c2faf87ca7ecb7922ab8904486e5b04174fa24de1d068225c32e0603ad586a6f5f7a1be1e237703b4e61d52bd6f7468f841cd92c5269b15bc69be65740f22d72c39159daa03b3a9dbddf3a2fcd212c2dbef7197234661952852d65e989302a6db5663835784e7d0a0bd6f51988d9f43b52a1b7d3d0fcfa9963549cd45d3d5486fdb639603c05dc684517532c444c0650a48331835f41373e6f6b2835caa28426d8145135b9102d31ff614e9766eb95d095376b8854f7923d0ff3ad89d253a7cb4fae9ac8189c863c23fcf234090f13750b64fbea2e9c527a37363df2f7b2db115c400dd3831b33f986b2b379ab786908ab86fffb43052f2b7dda9ddc646f534aafdb4214686d22e91fdb1de42be04bfa7327bc37a4f38b80300496ddc794cb73f4c31e558a19ebad905fb86244fac48a7784c282809556dc4b2978efc15b85764836346f9741bb5bc7cd4d454764f4a88fce7f64cd6a9a0b2eceb52c955527b327d4991bac7a1a7c0a30ec1232f53994978a4d7979d927c24c28ab052345cf89ef48ab27d5e115244dcdd1ce2c8093e753ea83351bbb03922dc4ac34633d270d2ec0156b2cece1c7c91c86f60cce3d1babe05ace441474ed90d0dd400841816419a18b715fb2ac1eb073b23f0a16741fd4596fc546c39e38087af4f96357fa8eb39047f638fbc8fbf9ba35e19e7608dfcef5e6093b5c0afded071c0cdde8fc57fdb555f2753a96cbc65393df09236b69e8a3788384d4a0b40da6b621c1052905d2a6c43bc7e181068a5907be47e224f66a777747e77523961685b672591d8a1cb4b7560ac9eb96f4346704797d786973914f7d339041f1249c93f9758314a9b7a3884b174184fcb4c3cf033c1245a6acad4ca2b6223e9fedaa1044897a9d54990eb37c2fb0ea047624115471fc69d543a6b864fd91974cdbc0242512c049f35788adc533705658c16157f479558f6ae604384249d1463f66f53f061036372bf281e425c31cc12e70c485ea561a0c7cd405d1755c7e5a5c1f734d480f6c5e9d61c60dc9abcb132bd34f6b97393569a8af11f513a747702a385711eff08422acd0f4103b9f29588e0a6f2b9e72f863c9919f594daafa0767a6bf63dd6622a0eeab18837b91201b00d4b10feabf20d47a347ace80f2c82a6bb83cb85bff6113037136684afa631b7eba48c9ff51fab22635a3b4a2a90ff91714cec24368e8c0c3094ed353d590b32b00ffaa782555cf0f2cef6fbfe01add053cb96a9ccad0ddc99b6fbb922cd00dec303d628289843f17dc2dd145fcb507c65fafad0125cd81e01d89db180c3f4ce304991d796c87b4f273260812929e0a518780167489ce8d4282ba9d53eeb3ebb249a7d15139056fcbc37ccf6d9f9c44936aa96f9b1d9be9965c2cb0f95b4d838e99dd451b64900035f15c5942e566cea549a7fb900a766c76c77f275030842937f344ee17fccec14e58c14eee8fb39e462edb3c7ba6c489c7d3331ada9d5d9626181a61a2d78ca6c0b3047858b254be43194fb5f94e172b633dc4c2c4c9ee911655627299fa7579f2c2671c7176567e195bb154d6cd4af71a13eaf9a727d3a6b4dd6852a14c8c443aabbcb766e8ba417738a7a5cc392a8ed4d1c3b39b87c19be38f95b118e4bcf5d42402d70379a20393f2b5e3e4dba70e5bcc8373dc0fe84bfc0ac6a4267e9e36f5716cf70eb85e20717f9892830c71217c95fb612f64179acf2546934286df6529efcf5d53762d53c96c59ec5acbc65a08da76f8ff1e89a0bac78bfde18787612d3d1491ae8ae28a5f4ece0267dbae8367ceaf219cc33bbf901691ac64f599e1427affb1712176c3902d225afe4e33eac3c03ce701fb50d20f0aa4b58285a3416ddda4b87748f7a9b5996552711f361a1896c0ce1413c580919284e6ff3eb7bfca7522d86a0c3a18c97d6752732e1d124ae6d2a2bb9adee47878875fd7cf311488a97d2894a12f3b4d744145c8d3ed6aef533f28588703bb1628388264fd1d94b35fa054a663a22d542047f1a089f7b0670a9c4dd1769510bdecccb545df9dcd43ff81361cec08ff60cadd0a0d0f4f51403454b0ccaf6b8921611a10b7e8db805e5c05bb413a311cc7788fe35e136498f089ab618a2384098406cedc65eefaee3636abbce5b4265ff05a748d13bf19678ea7182cadddd7c59ef86c476eff9090f69dc6b1b42add9d47103d16263372dc740d1853a0251d390d480e7383f3be0fbe309faa86ae3fe44ca87a3fd32e6f49ad8a8eae13c4dc864382ee80b7012f7c1b74e003a37ae27aca499e14e165ab2e7739ac8318fe35720c1e5b7f5f31ff6b6b0c25b1227f39250353a4f2f69c4908e7cbc457c5f237455367e5f42d457aae2de3cb87eaad4546d465de31d07c1870d28812651e9504c882b692e1ec25f3ea72de270dc437f4ae7c7f31938290d6a7e13ef9285de082cddcc91d7e5699438a0cfcfbcba986f0e2b1d916e649e277a062121f913312c614ac6d3998c81b1938bd0360bedb2c27280c39eaa3b81cfd56bab9aa87cccdf0125ab6fe9b0bb1e60ee8ebae26d4fc0e4935278aef43e0211d36f1fee615dbb59cb28da37fad05a89ccc435a6bd9cd88e6a56724593f5a5db6ea25298ec9104efabbc8a65bc75a8f9c76b22c2d28f65f2bd51185465c5594873aba967cd6df3a72916be6031a7b56ed9976fb1db48fb1d5af3e7949cd932cb32ba7f337bc7341382fa8192788a9eda6d69c844b90cd9bfceeb8ba5703536f9334eeb1efabb02de6e9594ccd70883be2f5f5508c6158adde35ea19160009384ec15570e2a8a31c7d16f3cf1962b3a56f516e578dc98d2bd0421e0ee652440432dd4c255452ad42171afa6b8bd367873af00266b604d5401a34e45eea22cfcb804359513235603cd504c8ff308345da31463befc763d5cd60dd27c10baa4b1336433dac7ad640753fba5f4842d82f707f793cad401056f88d1532710193119e992677a4e48f5dc70ced64339a483a3883fd95e21f32ef603f452045ca0ad0b21e439eeeca0b00cbee143158f445fcf69b14f16c4aa7b47c7192ce821c368d57caeaa1da9b42c1c8bf1dada1fd3d7b92daf3cb5279e5fc578de099e7ec45f7e38b31653a98006d53ef7fcd39716822cf7b0824f2556a8e2af830877e3e331bb6a31c9278697aa6cab9ec816968580f64a35af7169351d1c81fc0cbe6c5b5bbbc9d2b25b62d7000c27f3828023c3bcce22226a8c40ff1a7f4167ce93c3c07ebd859b31277854b09adc2d0d7c63b0026aa4e5e6a67256a2a1ea954465c71c159fdcb603f543da7f6a39a29faa617a4fdd520334f0945f1c7233708c13592254fcfd29188ddd062e66b94ea4edb392cbc4a5bac87267000b685c346d817fba73590e33d981daeed3301caf643cb418bf0df9b09e1b5c3b6194a0115af20ace4670a2d8d13e782266d412f0f464e3f11df2a141e451da458cba86e163206e1578b327d002d5a1b8a24e7035686e5af36d5846a3d5d92638e5f992901051395d6fcb9fa359ea1c934a4f0bc64268a88b99a09402a17a02cf93c7c79e855db26fb74b2905b4e3ed316a319f7c7d9e37f7f93629329af6156fb1bfdb127f27f158f9b602700d8986fc02f9edd7fc9b6acc433cece4f03aed8edf8d7d3bce9edd64448657ba3df5d0fc886a725ad135fcf2566b94f29c7cd2dbac3c6e5b838e0f85ba920a26c68935be333de3e21645d18f9bc8acfe4f84ed2b5b300a08949290e08f83c8da4fdc96be04d9b8a9c36089b318166d72f2d5f8184aaa3eef2b75f659c9f3712d8a66c8c043b48f4505de1f8cc54d6835a3a6407d91eea56617047e140b078409bb3299d022fd895c259cc4f2b901f2002e23c8d0afa643c339c50f08ff8f3d7f92c17ad644a3dad5a6a095992cd87defba1e9597da116938ae632c1160164f3f1f4a2e2feb1eb8a179a5308929e5fb65badc814cf6e30fa81bfc63967531e93f8644761c45f0b7d7e6163e7384f16685bf33df2fdeb27cf54edf7f9b87ae6eb60c77d197fb8b2c465165235d5a8ebc072ba72bee190a667e193e9057ae1f3e474eff54d3e8d330f0dba651cc54dcb475b307884f3d74a5b275da064f4d2063de25c8d99dc5385e1784f842924a3369af81c133385fef6efc0e8b7d9e52f4cc716836b07782844cde998def45361bf6a51d1ec5e53376251c595e017489c27680c380ad6fe44b3d4953cb9649d9b0c14c7c2333a5387f31f6dea457374bc834cb8209129c00cb56a8ffeeddcf15f93fdc9beefddb6ae5b535c8b06edb09cfb14f2e3240fb6ced025d9c9255490302573490f990bae971001cc1e8bba93c50b6fd3a5c94249b6718781776efd1efbbd5bf19ad7c5c15d780c8292073ae3f2494c070dcc6297fea78be5ef76b183b1bb00f300e46645fc22ab2a404d5dba9849370ea19d8961fb887e41d50358a8dd752d93d636f0693c3e6af18ccff4a82574dc1fe3a038b482b4ca14edfa64a8c3a0554181356b82b43732db6625c8619a2eea6a451bebba2d24940310b7dd40ae7e768ed3a115db3f0dfd06ca912a9d74142bc2e52ddf82317583b622aee9d3c36c1c604b0ac089fee53d1dce3ab25cca18b112912e2377ef028f55767586f4db93a27a17a215c463fba811df547a6c38726c94263ae4090fa2abb14e73d3329710554f56eafd2ea125319611aa66051870b13672acab2b773ce26b985db74ab2f51e421032c44cbdf2a523d277eef612c3b67819383c1fff0ad2669beb9a087bc144ede0573a13be82227228a08cc2f8b5ad05a5f3d31831763a357d58dfec1a4e94e4c6c65cf792f61a2e081e6aabb7717d91db37fb4f64b9bcdc65640833ce9dc0cf4de69e13dc5219a81cd7b2df8fbf012cbeaab5244578ac592dac0b715d5a91a4dd040d7c60950627ec2622cf4482f3568420efa31e4e0bb77bd7567868cb6f5c4b7a21b6dc8cace15687a3bbea014e78fdd4e7140fe06d8c91e76f65935510cd25c4b4226eced3780d406ab631a2ba25d52f1a3e1931d540f0c3a7ec2ba2d43e80749e2b7b5178419155cc7f69ff2c8d5a2dd941d275ca6e5f8637f1113d487379acf0232e969accb10bc273cdffbd3ee33a02d0f21872a401af794e8a008d6567e6eeea6b52575d7d79ac36f380c42801f01e08e3d45beb977d40bce86bfeacaea1a27a38434248c127eca4f77a223aae190013792a77818d053d566913630869a0f948b7714c4ed39057fa8d0aa4de9bb08e9ccb5838092ede6b749a90a2120124e0a146e092ec967b56a3ba8469433256660904dee6eb2b34cf00446216c98d748a1be1893f8877608f8bed44db52fc743eb47ba6a18aebcb20776c3f42cfae69679b5b32bbc3a26a5909848dcf65e9118ee14702c1e42fea811934a8319dd6fafa593c0648afe21b612c005775c96c6006cf910f179af08b299fdb866f77881ab7d8270f9388a901e30219d25fd9a1ad24df35adfc013237f0ae177079c4e0f90e76ccaa3a41f88c1ba1b0e6a4a3a04bffee9d170395d150ac335758d02b130f1ebf2e257a7d960d82693da9a2615949dd29a71aaedaa678729faa05cc327d7255be061e5e59f97bfb402a2f9b7c3095b0f85399e7d83a6da8c3cbd1f88535d5d44d1efdda60a9ab91542a37a65805e43d222781161035766770e24f7930099f5e08ff1efcef0985e08671c1f3e20188b3fec5ae5594fc8fa45e29be0429399a980b06954ece629e9ab0267d5bf17a638dad14079bd96fbddba65426229c69f69def765d2aae1a52a9c59c280eb5beb6ae189747bdc4774883d9e77fa3b1439e26e35c3de07e229447139129ff5d4c7f3eb7b8849c3570187786572aaf859e55cf939e0925f951acfe3240c1964ee40b3717a8a1fb2b15a0784744952535283e777b400558a4fbadd0163273d62a58fc40e124e893ca03ce0ea396762d2c0e497cfbb041d75fe678fc309f5744af7c704357d678b2600962ba7550a794f3632f802c5aaaf76541d6a4ac54900a0a8543dec8117ae961ddea6889c018e444f9a86e656579d9e748222b5efb148a174919a2c733769089f436ec59a9d4ca5d930ac16b7001ed3935448a3158ce8cafe9b82753634e9e7d9cde132550d88f6d165b04c48db6e42254c651963abd7964f2dfff92be5d4845e2d952fe37b2e19c2", 0x2000, 0x0) ioctl$SIOCGSTAMP(r0, 0x8906, 0x0) socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x77, 0x101301) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$USBDEVFS_BULK(r1, 0xc0185502, &(0x7f0000000040)={{}, 0x0, 0x0, 0x0}) creat(&(0x7f0000000040)='./bus\x00', 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6) write(r2, &(0x7f00000000c0)="510003000000", 0x6) 52.170313ms ago: executing program 0 (id=2492): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$pppl2tp(0x18, 0x1, 0x1) r2 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r1, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32) connect$pppl2tp(r0, &(0x7f0000000980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}, 0x1, 0x3}}, 0x26) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0) getsockopt$bt_BT_SECURITY(r0, 0x111, 0x5, 0x0, 0x20001f00) 0s ago: executing program 0 (id=2493): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000002200000c0000000000fee300760000000f8a49dc75000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10) r1 = io_uring_setup(0x2c49, &(0x7f0000002240)) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x18, &(0x7f0000000000), 0x1) kernel console output (not intermixed with test programs): ttempt to access beyond end of device [ 539.817712][T11665] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 540.814529][T11676] loop2: detected capacity change from 0 to 64 [ 541.259785][T11680] netlink: 'syz.2.1788': attribute type 1 has an invalid length. [ 542.062993][ C1] DEBUG: waiting rtnl_mutex for 523 jiffies. [ 542.069083][ C1] task:syz-executor state:D stack:21024 pid:11484 tgid:11484 ppid:11479 flags:0x00004002 [ 542.079380][ C1] Call Trace: [ 542.082697][ C1] [ 542.085678][ C1] __schedule+0x1800/0x4a60 [ 542.090224][ C1] ? __pfx___schedule+0x10/0x10 [ 542.095181][ C1] ? __pfx_lock_release+0x10/0x10 [ 542.100273][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 542.105831][ C1] ? schedule+0x90/0x320 [ 542.110113][ C1] schedule+0x14b/0x320 [ 542.114329][ C1] schedule_preempt_disabled+0x13/0x30 [ 542.119802][ C1] __mutex_lock+0x6a4/0xd70 [ 542.124380][ C1] ? __mutex_lock+0x527/0xd70 [ 542.129095][ C1] ? nsim_create+0x408/0x890 [ 542.133754][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 542.138859][ C1] ? kmemdup_noprof+0x45/0x60 [ 542.143613][ C1] ? nsim_udp_tunnels_info_create+0x592/0x7c0 [ 542.149756][ C1] ? get_rtnl_holder+0x144/0x190 [ 542.154737][ C1] nsim_create+0x408/0x890 [ 542.159190][ C1] ? debugfs_create_symlink+0x191/0x1f0 [ 542.164830][ C1] __nsim_dev_port_add+0x6c0/0xae0 [ 542.169979][ C1] ? __pfx___nsim_dev_port_add+0x10/0x10 [ 542.175685][ C1] ? queue_delayed_work_on+0x267/0x390 [ 542.181191][ C1] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 542.187087][ C1] ? init_timer_key+0x197/0x310 [ 542.191989][ C1] nsim_dev_port_add_all+0x33/0xf0 [ 542.197173][ C1] nsim_drv_probe+0x85f/0xb80 [ 542.201875][ C1] ? __pfx_nsim_drv_probe+0x10/0x10 [ 542.207162][ C1] ? kernfs_create_link+0x187/0x1f0 [ 542.212434][ C1] ? sysfs_do_create_link_sd+0xdd/0x110 [ 542.218166][ C1] ? driver_sysfs_add+0x1de/0x1f0 [ 542.223360][ C1] ? really_probe+0x147/0xad0 [ 542.228093][ C1] ? __pfx_nsim_bus_probe+0x10/0x10 [ 542.233377][ C1] really_probe+0x2b8/0xad0 [ 542.237940][ C1] __driver_probe_device+0x1a2/0x390 [ 542.243292][ C1] driver_probe_device+0x50/0x430 [ 542.248371][ C1] __device_attach_driver+0x2d6/0x530 [ 542.253901][ C1] bus_for_each_drv+0x24e/0x2e0 [ 542.258783][ C1] ? __pfx___device_attach_driver+0x10/0x10 [ 542.264750][ C1] ? __pfx_bus_for_each_drv+0x10/0x10 [ 542.270169][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 542.275262][ C1] __device_attach+0x333/0x520 [ 542.280072][ C1] ? __pfx___device_attach+0x10/0x10 [ 542.285436][ C1] bus_probe_device+0x189/0x260 [ 542.290358][ C1] device_add+0x856/0xbf0 [ 542.294739][ C1] new_device_store+0x3f3/0x890 [ 542.299613][ C1] ? kernfs_fop_write_iter+0x1eb/0x500 [ 542.305142][ C1] ? __pfx_new_device_store+0x10/0x10 [ 542.310561][ C1] ? sysfs_kf_write+0x182/0x2a0 [ 542.315453][ C1] ? bus_attr_store+0x4f/0xa0 [ 542.320139][ C1] ? __pfx_sysfs_kf_write+0x10/0x10 [ 542.325408][ C1] kernfs_fop_write_iter+0x3a1/0x500 [ 542.330747][ C1] vfs_write+0xa72/0xc90 [ 542.335032][ C1] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 542.340941][ C1] ? __pfx_vfs_write+0x10/0x10 [ 542.345784][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 542.351810][ C1] ksys_write+0x1a0/0x2c0 [ 542.356225][ C1] ? __pfx_ksys_write+0x10/0x10 [ 542.361119][ C1] ? do_syscall_64+0x100/0x230 [ 542.365953][ C1] ? do_syscall_64+0xb6/0x230 [ 542.370750][ C1] do_syscall_64+0xf3/0x230 [ 542.375295][ C1] ? clear_bhb_loop+0x35/0x90 [ 542.379985][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.385953][ C1] RIP: 0033:0x7f6e7237475f [ 542.390396][ C1] RSP: 002b:00007ffd4054af30 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 542.398872][ C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f6e7237475f [ 542.406928][ C1] RDX: 0000000000000003 RSI: 00007ffd4054af80 RDI: 0000000000000005 [ 542.414961][ C1] RBP: 00007f6e723e45c4 R08: 0000000000000000 R09: 00007ffd4054ad87 [ 542.422988][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 542.430991][ C1] R13: 00007ffd4054af80 R14: 00007f6e73034620 R15: 0000000000000003 [ 542.439048][ C1] [ 542.442085][ C1] DEBUG: waiting rtnl_mutex for 560 jiffies. [ 542.448101][ C1] task:syz-executor state:D stack:20816 pid:11522 tgid:11522 ppid:11502 flags:0x00000000 [ 542.458321][ C1] Call Trace: [ 542.461693][ C1] [ 542.464692][ C1] __schedule+0x1800/0x4a60 [ 542.469290][ C1] ? __pfx___schedule+0x10/0x10 [ 542.474226][ C1] ? __pfx_lock_release+0x10/0x10 [ 542.479345][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 542.484971][ C1] ? schedule+0x90/0x320 [ 542.489266][ C1] schedule+0x14b/0x320 [ 542.493488][ C1] schedule_preempt_disabled+0x13/0x30 [ 542.498981][ C1] __mutex_lock+0x6a4/0xd70 [ 542.503557][ C1] ? __mutex_lock+0x527/0xd70 [ 542.508286][ C1] ? rtnetlink_rcv_msg+0x847/0x1180 [ 542.513574][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 542.518652][ C1] ? get_rtnl_holder+0x144/0x190 [ 542.523654][ C1] rtnetlink_rcv_msg+0x847/0x1180 [ 542.528753][ C1] ? rtnetlink_rcv_msg+0x208/0x1180 [ 542.534039][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 542.539539][ C1] ? is_bpf_text_address+0x285/0x2a0 [ 542.544909][ C1] ? __pfx_validate_chain+0x10/0x10 [ 542.550154][ C1] ? __pfx_validate_chain+0x10/0x10 [ 542.555421][ C1] ? arch_stack_walk+0x16d/0x1b0 [ 542.560377][ C1] ? mark_lock+0x9a/0x360 [ 542.564775][ C1] ? __pfx_validate_chain+0x10/0x10 [ 542.570017][ C1] ? __lock_acquire+0x1359/0x2000 [ 542.575134][ C1] ? mark_lock+0x9a/0x360 [ 542.579509][ C1] ? __lock_acquire+0x1359/0x2000 [ 542.584636][ C1] netlink_rcv_skb+0x1e3/0x430 [ 542.589535][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 542.595061][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 542.600423][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 542.605779][ C1] netlink_unicast+0x7f0/0x990 [ 542.610591][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 542.615940][ C1] ? __virt_addr_valid+0x183/0x530 [ 542.621098][ C1] ? __check_object_size+0x49c/0x900 [ 542.626454][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 542.631658][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 542.636508][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 542.641820][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 542.647844][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 542.652812][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 542.658170][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 542.663726][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 542.669026][ C1] __sock_sendmsg+0x221/0x270 [ 542.673770][ C1] __sys_sendto+0x3a4/0x4f0 [ 542.678349][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 542.683475][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 542.689497][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 542.695900][ C1] __x64_sys_sendto+0xde/0x100 [ 542.700713][ C1] do_syscall_64+0xf3/0x230 [ 542.705257][ C1] ? clear_bhb_loop+0x35/0x90 [ 542.709977][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.715934][ C1] RIP: 0033:0x7fd98eb7796c [ 542.720408][ C1] RSP: 002b:00007ffe19208d60 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 542.728887][ C1] RAX: ffffffffffffffda RBX: 00007fd98f834620 RCX: 00007fd98eb7796c [ 542.736962][ C1] RDX: 0000000000000064 RSI: 00007fd98f834670 RDI: 0000000000000003 [ 542.745117][ C1] RBP: 0000000000000000 R08: 00007ffe19208db4 R09: 000000000000000c [ 542.753166][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 542.761164][ C1] R13: 0000000000000000 R14: 00007fd98f834670 R15: 0000000000000000 [ 542.769200][ C1] [ 542.772231][ C1] DEBUG: holding rtnl_mutex for 593 jiffies. [ 542.778265][ C1] task:kworker/u8:5 state:D stack:20536 pid:968 tgid:968 ppid:2 flags:0x00004000 [ 542.788512][ C1] Workqueue: netns cleanup_net [ 542.793355][ C1] Call Trace: [ 542.796663][ C1] [ 542.799636][ C1] __schedule+0x1800/0x4a60 [ 542.804263][ C1] ? __pfx___schedule+0x10/0x10 [ 542.809178][ C1] ? __pfx_lock_release+0x10/0x10 [ 542.814289][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 542.820221][ C1] ? kthread_data+0x52/0xd0 [ 542.824784][ C1] ? wq_worker_sleeping+0x66/0x240 [ 542.829920][ C1] ? schedule+0x90/0x320 [ 542.834221][ C1] schedule+0x14b/0x320 [ 542.838409][ C1] synchronize_rcu_expedited+0x684/0x830 [ 542.844118][ C1] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 542.850323][ C1] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 542.855703][ C1] ? __pfx___might_resched+0x10/0x10 [ 542.861190][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 542.867248][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 542.873495][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 542.879896][ C1] synchronize_rcu+0x11b/0x360 [ 542.884709][ C1] ? __pfx_synchronize_rcu+0x10/0x10 [ 542.890048][ C1] lockdep_unregister_key+0x556/0x610 [ 542.895485][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 542.901459][ C1] ? rcu_is_watching+0x15/0xb0 [ 542.906275][ C1] ? qdisc_reset+0x3bf/0x5b0 [ 542.910903][ C1] __qdisc_destroy+0x165/0x410 [ 542.915762][ C1] dev_shutdown+0x9b/0x440 [ 542.920218][ C1] unregister_netdevice_many_notify+0x9c7/0x1d20 [ 542.926700][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 542.933608][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 542.939586][ C1] ? batadv_softif_destroy_netlink+0x1e0/0x270 [ 542.945823][ C1] default_device_exit_batch+0xa0f/0xa90 [ 542.951671][ C1] ? __pfx___might_resched+0x10/0x10 [ 542.957017][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 542.963254][ C1] ? cfg802154_pernet_exit+0xc3/0xe0 [ 542.968554][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 542.974785][ C1] cleanup_net+0x89d/0xcc0 [ 542.979239][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 542.984222][ C1] ? process_scheduled_works+0x945/0x1830 [ 542.989959][ C1] process_scheduled_works+0xa2c/0x1830 [ 542.995611][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 543.001635][ C1] ? assign_work+0x364/0x3d0 [ 543.006268][ C1] worker_thread+0x86d/0xd40 [ 543.010882][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 543.016939][ C1] ? __kthread_parkme+0x169/0x1d0 [ 543.022006][ C1] ? __pfx_worker_thread+0x10/0x10 [ 543.027163][ C1] kthread+0x2f0/0x390 [ 543.031276][ C1] ? __pfx_worker_thread+0x10/0x10 [ 543.036447][ C1] ? __pfx_kthread+0x10/0x10 [ 543.041075][ C1] ret_from_fork+0x4b/0x80 [ 543.045566][ C1] ? __pfx_kthread+0x10/0x10 [ 543.050203][ C1] ret_from_fork_asm+0x1a/0x30 [ 543.055072][ C1] [ 543.058198][ C1] [ 543.058198][ C1] Showing all locks held in the system: [ 543.066028][ C1] 3 locks held by kworker/u8:3/53: [ 543.071164][ C1] #0: ffff888029d26948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 543.082798][ C1] #1: ffffc90000bd7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 543.096609][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 543.106252][ C1] 5 locks held by kworker/u8:5/968: [ 543.111482][ C1] #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 543.122444][ C1] #1: ffffc90003ed7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 543.133107][ C1] #2: ffffffff8f5f2c10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 543.142606][ C1] #3: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 543.152727][ C1] #4: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 543.163796][ C1] 3 locks held by kworker/u8:6/1087: [ 543.169112][ C1] #0: ffff8880b943ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 543.179266][ C1] #1: ffff8880b9428948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x3a7/0x770 [ 543.190718][ C1] #2: ffff8880b942a718 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240 [ 543.200109][ C1] 2 locks held by getty/4849: [ 543.204830][ C1] #0: ffff88802a5e60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 543.214711][ C1] #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 543.224939][ C1] 3 locks held by kworker/1:3/5148: [ 543.230162][ C1] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 543.241212][ C1] #1: ffffc90003de7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 543.252261][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 543.261406][ C1] 7 locks held by syz-executor/11484: [ 543.266852][ C1] #0: ffff88801e41a420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 543.275870][ C1] #1: ffff88802d730488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 543.285806][ C1] #2: ffff888022499b48 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 543.295898][ C1] #3: ffffffff8ef05248 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 543.306356][ C1] #4: ffff88805cf440e8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8e/0x520 [ 543.315656][ C1] #5: ffff88805cf40250 (&devlink->lock_key#23){+.+.}-{3:3}, at: nsim_drv_probe+0xcb/0xb80 [ 543.325775][ C1] #6: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: nsim_create+0x408/0x890 [ 543.334753][ C1] 1 lock held by syz-executor/11522: [ 543.340087][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 543.349660][ C1] 2 locks held by syz.3.1773/11632: [ 543.354905][ C1] #0: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 543.365097][ C1] #1: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 543.375025][ C1] 2 locks held by syz.4.1785/11667: [ 543.380247][ C1] #0: ffffffff8ee52848 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0 [ 543.389045][ C1] #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x78b/0x1cd0 [ 543.397897][ C1] 1 lock held by syz.4.1785/11668: [ 543.403049][ C1] #0: ffffffff8ee52848 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0 [ 543.411784][ C1] 1 lock held by syz.2.1789/11682: [ 543.416948][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 543.426591][ C1] [ 543.428940][ C1] ============================================= [ 543.428940][ C1] [ 543.651490][ T968] team0 (unregistering): Port device team_slave_1 removed [ 543.748653][ T968] team0 (unregistering): Port device team_slave_0 removed [ 544.469544][ C1] DEBUG: waiting rtnl_mutex for 664 jiffies. [ 544.475639][ C1] task:kworker/1:3 state:D stack:19920 pid:5148 tgid:5148 ppid:2 flags:0x00004000 [ 544.485967][ C1] Workqueue: events linkwatch_event [ 544.491232][ C1] Call Trace: [ 544.494594][ C1] [ 544.497569][ C1] __schedule+0x1800/0x4a60 [ 544.502144][ C1] ? __pfx___schedule+0x10/0x10 [ 544.507088][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 544.513187][ C1] ? __pfx_lock_release+0x10/0x10 [ 544.518280][ C1] ? kick_pool+0x45c/0x620 [ 544.522880][ C1] ? preempt_schedule_thunk+0x1a/0x30 [ 544.528324][ C1] ? schedule+0x90/0x320 [ 544.532609][ C1] schedule+0x14b/0x320 [ 544.536874][ C1] schedule_preempt_disabled+0x13/0x30 [ 544.542416][ C1] __mutex_lock+0x6a4/0xd70 [ 544.547028][ C1] ? __mutex_lock+0x527/0xd70 [ 544.551785][ C1] ? linkwatch_event+0xe/0x60 [ 544.556572][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 544.561757][ C1] ? get_rtnl_holder+0x144/0x190 [ 544.566786][ C1] ? process_scheduled_works+0x945/0x1830 [ 544.572570][ C1] linkwatch_event+0xe/0x60 [ 544.577167][ C1] process_scheduled_works+0xa2c/0x1830 [ 544.582802][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 544.588903][ C1] ? assign_work+0x364/0x3d0 [ 544.593593][ C1] worker_thread+0x86d/0xd40 [ 544.598261][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 544.604259][ C1] ? __kthread_parkme+0x169/0x1d0 [ 544.609343][ C1] ? __pfx_worker_thread+0x10/0x10 [ 544.614525][ C1] kthread+0x2f0/0x390 [ 544.618613][ C1] ? __pfx_worker_thread+0x10/0x10 [ 544.623784][ C1] ? __pfx_kthread+0x10/0x10 [ 544.628426][ C1] ret_from_fork+0x4b/0x80 [ 544.632963][ C1] ? __pfx_kthread+0x10/0x10 [ 544.637614][ C1] ret_from_fork_asm+0x1a/0x30 [ 544.642411][ C1] [ 544.645501][ C1] DEBUG: waiting rtnl_mutex for 604 jiffies. [ 544.651504][ C1] task:syz.4.1785 state:D stack:23800 pid:11667 tgid:11666 ppid:7077 flags:0x00004004 [ 544.661801][ C1] Call Trace: [ 544.665161][ C1] [ 544.668132][ C1] __schedule+0x1800/0x4a60 [ 544.672741][ C1] ? __pfx___schedule+0x10/0x10 [ 544.677714][ C1] ? __pfx_lock_release+0x10/0x10 [ 544.682778][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 544.688364][ C1] ? schedule+0x90/0x320 [ 544.692763][ C1] schedule+0x14b/0x320 [ 544.697036][ C1] schedule_preempt_disabled+0x13/0x30 [ 544.702551][ C1] __mutex_lock+0x6a4/0xd70 [ 544.707164][ C1] ? __mutex_lock+0x527/0xd70 [ 544.711895][ C1] ? ppp_ioctl+0x78b/0x1cd0 [ 544.716469][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 544.721519][ C1] ? alloc_netdev_mqs+0xb6f/0xff0 [ 544.726717][ C1] ? get_rtnl_holder+0x144/0x190 [ 544.731717][ C1] ppp_ioctl+0x78b/0x1cd0 [ 544.736128][ C1] ? __pfx_ppp_ioctl+0x10/0x10 [ 544.740938][ C1] ? __fget_files+0x3f6/0x470 [ 544.745704][ C1] ? __fget_files+0x29/0x470 [ 544.750361][ C1] ? bpf_lsm_file_ioctl+0x9/0x10 [ 544.755386][ C1] ? security_file_ioctl+0x87/0xb0 [ 544.760531][ C1] ? __pfx_ppp_ioctl+0x10/0x10 [ 544.765451][ C1] __se_sys_ioctl+0xfc/0x170 [ 544.770879][ C1] do_syscall_64+0xf3/0x230 [ 544.775463][ C1] ? clear_bhb_loop+0x35/0x90 [ 544.780176][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 544.786159][ C1] RIP: 0033:0x7f0499775bd9 [ 544.790623][ C1] RSP: 002b:00007f049a5cb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 544.799116][ C1] RAX: ffffffffffffffda RBX: 00007f0499903f60 RCX: 00007f0499775bd9 [ 544.807167][ C1] RDX: 0000000020001400 RSI: 00000000c004743e RDI: 0000000000000003 [ 544.815233][ C1] RBP: 00007f04997e4e60 R08: 0000000000000000 R09: 0000000000000000 [ 544.823292][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 544.831295][ C1] R13: 000000000000000b R14: 00007f0499903f60 R15: 00007ffe0cba9c08 [ 544.839342][ C1] [ 544.842379][ C1] DEBUG: waiting rtnl_mutex for 800 jiffies. [ 544.848413][ C1] task:syz-executor state:D stack:21024 pid:11484 tgid:11484 ppid:11479 flags:0x00004002 [ 544.858649][ C1] Call Trace: [ 544.861949][ C1] [ 544.864939][ C1] __schedule+0x1800/0x4a60 [ 544.869497][ C1] ? __pfx___schedule+0x10/0x10 [ 544.874480][ C1] ? __pfx_lock_release+0x10/0x10 [ 544.879544][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 544.885080][ C1] ? schedule+0x90/0x320 [ 544.889440][ C1] schedule+0x14b/0x320 [ 544.893656][ C1] schedule_preempt_disabled+0x13/0x30 [ 544.899175][ C1] __mutex_lock+0x6a4/0xd70 [ 544.903749][ C1] ? __mutex_lock+0x527/0xd70 [ 544.908484][ C1] ? nsim_create+0x408/0x890 [ 544.913157][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 544.918220][ C1] ? kmemdup_noprof+0x45/0x60 [ 544.922966][ C1] ? nsim_udp_tunnels_info_create+0x592/0x7c0 [ 544.929112][ C1] ? get_rtnl_holder+0x144/0x190 [ 544.934139][ C1] nsim_create+0x408/0x890 [ 544.938622][ C1] ? debugfs_create_symlink+0x191/0x1f0 [ 544.944275][ C1] __nsim_dev_port_add+0x6c0/0xae0 [ 544.949440][ C1] ? __pfx___nsim_dev_port_add+0x10/0x10 [ 544.955212][ C1] ? queue_delayed_work_on+0x267/0x390 [ 544.960731][ C1] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 544.966611][ C1] ? init_timer_key+0x197/0x310 [ 544.971491][ C1] nsim_dev_port_add_all+0x33/0xf0 [ 544.976703][ C1] nsim_drv_probe+0x85f/0xb80 [ 544.981445][ C1] ? __pfx_nsim_drv_probe+0x10/0x10 [ 544.986719][ C1] ? kernfs_create_link+0x187/0x1f0 [ 544.991961][ C1] ? sysfs_do_create_link_sd+0xdd/0x110 [ 544.997575][ C1] ? driver_sysfs_add+0x1de/0x1f0 [ 545.002629][ C1] ? really_probe+0x147/0xad0 [ 545.007358][ C1] ? __pfx_nsim_bus_probe+0x10/0x10 [ 545.012570][ C1] really_probe+0x2b8/0xad0 [ 545.017147][ C1] __driver_probe_device+0x1a2/0x390 [ 545.022475][ C1] driver_probe_device+0x50/0x430 [ 545.027567][ C1] __device_attach_driver+0x2d6/0x530 [ 545.033022][ C1] bus_for_each_drv+0x24e/0x2e0 [ 545.037931][ C1] ? __pfx___device_attach_driver+0x10/0x10 [ 545.043994][ C1] ? __pfx_bus_for_each_drv+0x10/0x10 [ 545.049406][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 545.054494][ C1] __device_attach+0x333/0x520 [ 545.059310][ C1] ? __pfx___device_attach+0x10/0x10 [ 545.064703][ C1] bus_probe_device+0x189/0x260 [ 545.069730][ C1] device_add+0x856/0xbf0 [ 545.074170][ C1] new_device_store+0x3f3/0x890 [ 545.079064][ C1] ? kernfs_fop_write_iter+0x1eb/0x500 [ 545.084590][ C1] ? __pfx_new_device_store+0x10/0x10 [ 545.090034][ C1] ? sysfs_kf_write+0x182/0x2a0 [ 545.094975][ C1] ? bus_attr_store+0x4f/0xa0 [ 545.099702][ C1] ? __pfx_sysfs_kf_write+0x10/0x10 [ 545.104962][ C1] kernfs_fop_write_iter+0x3a1/0x500 [ 545.110294][ C1] vfs_write+0xa72/0xc90 [ 545.114601][ C1] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 545.120443][ C1] ? __pfx_vfs_write+0x10/0x10 [ 545.125283][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 545.131335][ C1] ksys_write+0x1a0/0x2c0 [ 545.135731][ C1] ? __pfx_ksys_write+0x10/0x10 [ 545.140611][ C1] ? do_syscall_64+0x100/0x230 [ 545.145433][ C1] ? do_syscall_64+0xb6/0x230 [ 545.150139][ C1] do_syscall_64+0xf3/0x230 [ 545.154701][ C1] ? clear_bhb_loop+0x35/0x90 [ 545.159444][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 545.165395][ C1] RIP: 0033:0x7f6e7237475f [ 545.169933][ C1] RSP: 002b:00007ffd4054af30 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 545.178441][ C1] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f6e7237475f [ 545.186495][ C1] RDX: 0000000000000003 RSI: 00007ffd4054af80 RDI: 0000000000000005 [ 545.194540][ C1] RBP: 00007f6e723e45c4 R08: 0000000000000000 R09: 00007ffd4054ad87 [ 545.202546][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 545.210564][ C1] R13: 00007ffd4054af80 R14: 00007f6e73034620 R15: 0000000000000003 [ 545.218592][ C1] [ 545.221620][ C1] DEBUG: waiting rtnl_mutex for 838 jiffies. [ 545.227650][ C1] task:syz-executor state:D stack:20816 pid:11522 tgid:11522 ppid:11502 flags:0x00000000 [ 545.237922][ C1] Call Trace: [ 545.241238][ C1] [ 545.244238][ C1] __schedule+0x1800/0x4a60 [ 545.248814][ C1] ? __pfx___schedule+0x10/0x10 [ 545.253759][ C1] ? __pfx_lock_release+0x10/0x10 [ 545.258829][ C1] ? __mutex_trylock_common+0x92/0x2e0 [ 545.264368][ C1] ? schedule+0x90/0x320 [ 545.268659][ C1] schedule+0x14b/0x320 [ 545.272909][ C1] schedule_preempt_disabled+0x13/0x30 [ 545.278398][ C1] __mutex_lock+0x6a4/0xd70 [ 545.282960][ C1] ? __mutex_lock+0x527/0xd70 [ 545.287691][ C1] ? rtnetlink_rcv_msg+0x847/0x1180 [ 545.292970][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 545.298074][ C1] ? get_rtnl_holder+0x144/0x190 [ 545.303150][ C1] rtnetlink_rcv_msg+0x847/0x1180 [ 545.308249][ C1] ? rtnetlink_rcv_msg+0x208/0x1180 [ 545.313536][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 545.319115][ C1] ? is_bpf_text_address+0x285/0x2a0 [ 545.324676][ C1] ? __pfx_validate_chain+0x10/0x10 [ 545.329929][ C1] ? __pfx_validate_chain+0x10/0x10 [ 545.335196][ C1] ? arch_stack_walk+0x16d/0x1b0 [ 545.340171][ C1] ? mark_lock+0x9a/0x360 [ 545.344563][ C1] ? __pfx_validate_chain+0x10/0x10 [ 545.349825][ C1] ? __lock_acquire+0x1359/0x2000 [ 545.355467][ C1] ? mark_lock+0x9a/0x360 [ 545.359847][ C1] ? __lock_acquire+0x1359/0x2000 [ 545.364983][ C1] netlink_rcv_skb+0x1e3/0x430 [ 545.369794][ C1] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 545.375318][ C1] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 545.380676][ C1] ? netlink_deliver_tap+0x2e/0x1b0 [ 545.385937][ C1] netlink_unicast+0x7f0/0x990 [ 545.390767][ C1] ? __pfx_netlink_unicast+0x10/0x10 [ 545.396128][ C1] ? __virt_addr_valid+0x183/0x530 [ 545.401282][ C1] ? __check_object_size+0x49c/0x900 [ 545.406635][ C1] ? bpf_lsm_netlink_send+0x9/0x10 [ 545.411808][ C1] netlink_sendmsg+0x8e4/0xcb0 [ 545.416658][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 545.422008][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 545.428128][ C1] ? aa_sock_msg_perm+0x91/0x160 [ 545.433124][ C1] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 545.438459][ C1] ? security_socket_sendmsg+0x87/0xb0 [ 545.444003][ C1] ? __pfx_netlink_sendmsg+0x10/0x10 [ 545.449313][ C1] __sock_sendmsg+0x221/0x270 [ 545.454062][ C1] __sys_sendto+0x3a4/0x4f0 [ 545.458622][ C1] ? __pfx___sys_sendto+0x10/0x10 [ 545.463761][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 545.469800][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 545.476253][ C1] __x64_sys_sendto+0xde/0x100 [ 545.481078][ C1] do_syscall_64+0xf3/0x230 [ 545.485668][ C1] ? clear_bhb_loop+0x35/0x90 [ 545.490382][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 545.496337][ C1] RIP: 0033:0x7fd98eb7796c [ 545.500777][ C1] RSP: 002b:00007ffe19208d60 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 545.509272][ C1] RAX: ffffffffffffffda RBX: 00007fd98f834620 RCX: 00007fd98eb7796c [ 545.517321][ C1] RDX: 0000000000000064 RSI: 00007fd98f834670 RDI: 0000000000000003 [ 545.525371][ C1] RBP: 0000000000000000 R08: 00007ffe19208db4 R09: 000000000000000c [ 545.533409][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 545.541404][ C1] R13: 0000000000000000 R14: 00007fd98f834670 R15: 0000000000000000 [ 545.549425][ C1] [ 545.552470][ C1] DEBUG: holding rtnl_mutex for 871 jiffies. [ 545.558493][ C1] task:kworker/u8:5 state:R running task stack:20536 pid:968 tgid:968 ppid:2 flags:0x00004008 [ 545.570325][ C1] Workqueue: netns cleanup_net [ 545.575156][ C1] Call Trace: [ 545.578468][ C1] [ 545.581338][ C1] sched_show_task+0x506/0x6d0 [ 545.586184][ C1] ? report_rtnl_holders+0x29e/0x3f0 [ 545.591526][ C1] ? __pfx__printk+0x10/0x10 [ 545.596200][ C1] ? __pfx_sched_show_task+0x10/0x10 [ 545.601542][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 545.607506][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 545.613909][ C1] report_rtnl_holders+0x320/0x3f0 [ 545.619084][ C1] call_timer_fn+0x18e/0x650 [ 545.623830][ C1] ? call_timer_fn+0xc0/0x650 [ 545.628551][ C1] ? __pfx_report_rtnl_holders+0x10/0x10 [ 545.634275][ C1] ? __pfx_call_timer_fn+0x10/0x10 [ 545.639455][ C1] ? __pfx_report_rtnl_holders+0x10/0x10 [ 545.645162][ C1] ? __pfx_report_rtnl_holders+0x10/0x10 [ 545.650847][ C1] ? __pfx_report_rtnl_holders+0x10/0x10 [ 545.656570][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 545.661826][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 545.667103][ C1] ? __pfx_report_rtnl_holders+0x10/0x10 [ 545.672781][ C1] __run_timer_base+0x66a/0x8e0 [ 545.677737][ C1] ? __pfx___run_timer_base+0x10/0x10 [ 545.683203][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 545.689589][ C1] run_timer_softirq+0xb7/0x170 [ 545.694565][ C1] handle_softirqs+0x2c4/0x970 [ 545.699456][ C1] ? __irq_exit_rcu+0xf4/0x1c0 [ 545.704374][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 545.709717][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 545.714975][ C1] __irq_exit_rcu+0xf4/0x1c0 [ 545.719576][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 545.724838][ C1] irq_exit_rcu+0x9/0x30 [ 545.729120][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 545.734810][ C1] [ 545.737741][ C1] [ 545.740673][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 545.746820][ C1] RIP: 0010:preempt_schedule_irq+0xf6/0x1c0 [ 545.752755][ C1] Code: 89 f5 49 c1 ed 03 eb 0d 48 f7 03 08 00 00 00 0f 84 8b 00 00 00 bf 01 00 00 00 e8 15 24 c8 f5 e8 10 c3 00 f6 fb bf 01 00 00 00 55 ad ff ff 43 80 7c 3d 00 00 74 08 4c 89 f7 e8 45 de 5f f6 48 [ 545.772413][ C1] RSP: 0018:ffffc90003ed7440 EFLAGS: 00000286 [ 545.778544][ C1] RAX: a44c6f04a6043f00 RBX: 1ffff920007dae90 RCX: ffffffff816fddda [ 545.786618][ C1] RDX: dffffc0000000000 RSI: ffffffff8bcac900 RDI: 0000000000000001 [ 545.794673][ C1] RBP: ffffc90003ed7500 R08: ffffffff9301078f R09: 1ffffffff26020f1 [ 545.802702][ C1] R10: dffffc0000000000 R11: fffffbfff26020f2 R12: 1ffff920007dae88 [ 545.810854][ C1] R13: 1ffff920007dae8c R14: ffffc90003ed7460 R15: dffffc0000000000 [ 545.818918][ C1] ? mark_lock+0x9a/0x360 [ 545.823355][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 545.829128][ C1] irqentry_exit+0x5e/0x90 [ 545.833607][ C1] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 545.839109][ C1] RIP: 0010:lockdep_unregister_key+0x56d/0x610 [ 545.845464][ C1] Code: ff 92 48 c7 c6 10 bc 6f 81 e8 8f 04 0a 00 e8 fa 18 0a 00 e9 e5 fb ff ff e8 c0 62 21 0a 41 f7 c7 00 02 00 00 74 d0 fb 45 84 f6 <75> cf eb e0 90 0f 0b 90 45 31 f6 e9 62 ff ff ff 90 0f 0b 90 e9 a1 [ 545.865113][ C1] RSP: 0018:ffffc90003ed75c0 EFLAGS: 00000246 [ 545.871189][ C1] RAX: dffffc0000000000 RBX: 1ffff920007daec0 RCX: ffffffff947f4803 [ 545.879224][ C1] RDX: 0000000000000001 RSI: ffffffff8bcad5e0 RDI: ffffffff8c207f20 [ 545.887260][ C1] RBP: ffffc90003ed7698 R08: ffffffff92ffedbf R09: 1ffffffff25ffdb7 [ 545.895298][ C1] R10: dffffc0000000000 R11: fffffbfff25ffdb8 R12: ffffc90003ed7600 [ 545.903354][ C1] R13: 1ffff920007daebc R14: 0000000000000000 R15: 0000000000000206 [ 545.911372][ C1] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 545.917352][ C1] ? rcu_is_watching+0x15/0xb0 [ 545.922169][ C1] ? qdisc_reset+0x3bf/0x5b0 [ 545.926835][ C1] __qdisc_destroy+0x165/0x410 [ 545.931667][ C1] dev_shutdown+0x9b/0x440 [ 545.936198][ C1] unregister_netdevice_many_notify+0x9c7/0x1d20 [ 545.942602][ C1] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 545.949515][ C1] ? unregister_netdevice_queue+0x26b/0x370 [ 545.955484][ C1] ? batadv_softif_destroy_netlink+0x1e0/0x270 [ 545.961681][ C1] default_device_exit_batch+0xa0f/0xa90 [ 545.967393][ C1] ? __pfx___might_resched+0x10/0x10 [ 545.972708][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 545.978941][ C1] ? cfg802154_pernet_exit+0xc3/0xe0 [ 545.984312][ C1] ? __pfx_default_device_exit_batch+0x10/0x10 [ 545.990520][ C1] cleanup_net+0x89d/0xcc0 [ 545.995000][ C1] ? __pfx_cleanup_net+0x10/0x10 [ 545.999976][ C1] ? process_scheduled_works+0x945/0x1830 [ 546.005755][ C1] process_scheduled_works+0xa2c/0x1830 [ 546.011532][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 546.017583][ C1] ? assign_work+0x364/0x3d0 [ 546.022211][ C1] worker_thread+0x86d/0xd40 [ 546.026877][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 546.032817][ C1] ? __kthread_parkme+0x169/0x1d0 [ 546.038103][ C1] ? __pfx_worker_thread+0x10/0x10 [ 546.043390][ C1] kthread+0x2f0/0x390 [ 546.047564][ C1] ? __pfx_worker_thread+0x10/0x10 [ 546.052735][ C1] ? __pfx_kthread+0x10/0x10 [ 546.057443][ C1] ret_from_fork+0x4b/0x80 [ 546.061908][ C1] ? __pfx_kthread+0x10/0x10 [ 546.066598][ C1] ret_from_fork_asm+0x1a/0x30 [ 546.071438][ C1] [ 546.074525][ C1] [ 546.074525][ C1] Showing all locks held in the system: [ 546.082260][ C1] 2 locks held by kworker/u8:0/11: [ 546.087435][ C1] #0: ffff8880b943ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 546.097433][ C1] #1: ffffc90000107d00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 546.110687][ C1] 3 locks held by kworker/u8:3/53: [ 546.115853][ C1] #0: ffff888029d26948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 546.127526][ C1] #1: ffffc90000bd7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 546.141267][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 546.150844][ C1] 6 locks held by kworker/u8:5/968: [ 546.156092][ C1] #0: ffff888015edd948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 546.167074][ C1] #1: ffffc90003ed7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 546.177683][ C1] #2: ffffffff8f5f2c10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0 [ 546.187235][ C1] #3: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90 [ 546.197423][ C1] #4: ffffc90000a18c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 546.207619][ C1] #5: ffffffff8e335860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 546.217550][ C1] 2 locks held by getty/4849: [ 546.222239][ C1] #0: ffff88802a5e60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 546.232079][ C1] #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 546.242343][ C1] 3 locks held by kworker/1:3/5148: [ 546.247568][ C1] #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 546.258611][ C1] #1: ffffc90003de7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 546.269696][ C1] #2: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 546.278739][ C1] 2 locks held by kworker/u8:9/6139: [ 546.284066][ C1] #0: ffff8880b943ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 546.294063][ C1] #1: ffffc9000486fd00 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 546.307312][ C1] 1 lock held by syz-executor/10613: [ 546.312617][ C1] #0: ffffffff8e33ac38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 546.323563][ C1] 7 locks held by syz-executor/11484: [ 546.328933][ C1] #0: ffff88801e41a420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90 [ 546.337992][ C1] #1: ffff88802d730488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500 [ 546.347930][ C1] #2: ffff888022499b48 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500 [ 546.358030][ C1] #3: ffffffff8ef05248 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890 [ 546.368464][ C1] #4: ffff88805cf440e8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8e/0x520 [ 546.377789][ C1] #5: ffff88805cf40250 (&devlink->lock_key#23){+.+.}-{3:3}, at: nsim_drv_probe+0xcb/0xb80 [ 546.388047][ C1] #6: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: nsim_create+0x408/0x890 [ 546.397111][ C1] 1 lock held by syz-executor/11522: [ 546.402442][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 546.412050][ C1] 2 locks held by syz.4.1785/11667: [ 546.417317][ C1] #0: ffffffff8ee52848 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0 [ 546.426181][ C1] #1: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x78b/0x1cd0 [ 546.435119][ C1] 1 lock held by syz.4.1785/11668: [ 546.440257][ C1] #0: ffffffff8ee52848 (ppp_mutex){+.+.}-{3:3}, at: ppp_ioctl+0x112/0x1cd0 [ 546.449035][ C1] 1 lock held by syz.2.1789/11682: [ 546.454216][ C1] #0: ffffffff8f5ff788 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x847/0x1180 [ 546.463863][ C1] [ 546.466223][ C1] ============================================= [ 546.466223][ C1] [ 546.898631][T11682] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1789'. [ 547.057779][T11700] sd 0:0:1:0: device reset [ 547.804692][T11484] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 547.827993][T11484] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 547.896273][T11484] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 547.921941][T11484] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 548.347246][T11717] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1806'. [ 548.571589][T11484] 8021q: adding VLAN 0 to HW filter on device bond0 [ 548.692404][T11484] 8021q: adding VLAN 0 to HW filter on device team0 [ 548.756028][ T927] bridge0: port 1(bridge_slave_0) entered blocking state [ 548.763268][ T927] bridge0: port 1(bridge_slave_0) entered forwarding state [ 548.865187][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state [ 548.872488][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 548.889971][T11727] loop3: detected capacity change from 0 to 256 [ 549.199503][T11522] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 549.244017][T11522] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 549.276458][T11522] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 549.316679][T11522] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 549.350267][T11719] loop4: detected capacity change from 0 to 32768 [ 549.420743][T11742] loop3: detected capacity change from 0 to 512 [ 549.455641][T11719] XFS (loop4): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 549.499091][T11742] EXT4-fs (loop3): 1 truncate cleaned up [ 549.518566][T11522] 8021q: adding VLAN 0 to HW filter on device bond0 [ 549.540626][T11742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 549.546894][T11522] 8021q: adding VLAN 0 to HW filter on device team0 [ 549.574279][ T5148] bridge0: port 1(bridge_slave_0) entered blocking state [ 549.581481][ T5148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 549.592674][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state [ 549.599919][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 549.725242][T11719] XFS (loop4): Ending clean mount [ 549.763458][ T29] audit: type=1800 audit(1720491326.948:122): pid=11755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1816" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 549.767170][T11484] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 549.858844][T11522] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 549.885313][T11522] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 550.011424][ T7077] XFS (loop4): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 550.072352][T11484] veth0_vlan: entered promiscuous mode [ 550.102576][T11484] veth1_vlan: entered promiscuous mode [ 550.217094][T11484] veth0_macvtap: entered promiscuous mode [ 550.242017][T11484] veth1_macvtap: entered promiscuous mode [ 550.320029][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 550.340843][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.351096][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 550.362346][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.372350][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 550.383497][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.396033][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 550.406574][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.420851][T10613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 550.430645][T11484] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 550.490232][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 550.506449][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.523743][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 550.540746][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.552369][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 550.570896][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.580968][T11484] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 550.592419][T11484] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.606038][T11484] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 550.641693][T11522] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 550.666996][T11484] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 550.682958][T11484] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 550.699253][T11484] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 550.708701][T11484] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 550.986380][T11768] loop2: detected capacity change from 0 to 256 [ 550.991748][T11522] veth0_vlan: entered promiscuous mode [ 551.043679][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 551.051573][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 551.059345][T11522] veth1_vlan: entered promiscuous mode [ 551.247425][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 551.251126][T11522] veth0_macvtap: entered promiscuous mode [ 551.282979][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 551.316070][T11522] veth1_macvtap: entered promiscuous mode [ 551.404435][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 551.432920][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 551.457310][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 551.484039][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 551.506290][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 551.529204][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 551.552961][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 551.555904][T11763] loop3: detected capacity change from 0 to 40427 [ 551.572617][T11763] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 551.580402][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 551.580431][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 551.590706][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 551.593073][T11522] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 551.622380][T11763] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 551.709905][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 551.757624][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 551.762596][T11763] F2FS-fs (loop3): Found nat_bits in checkpoint [ 551.782938][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 551.823701][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 551.852565][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 551.889239][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 551.933135][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 551.968645][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 551.975188][T11763] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 551.999033][T11522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 552.038663][T11785] loop2: detected capacity change from 0 to 4096 [ 552.053024][T11522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 552.087044][T11763] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 552.088075][T11522] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 552.103831][T11785] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 552.128736][T11763] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 552.161678][T11785] ntfs3: loop2: Inode r=0 is not in use! [ 552.187479][T11522] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 552.200174][T11785] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 552.215158][T11785] ntfs3: loop2: Failed to load $MFT (-116). [ 552.229939][T11522] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 552.233804][T11763] syz.3.1819: attempt to access beyond end of device [ 552.233804][T11763] loop3: rw=2049, sector=77824, nr_sectors = 520 limit=40427 [ 552.255388][T11522] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 552.273560][T11522] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 552.299317][T11796] syz.3.1819: attempt to access beyond end of device [ 552.299317][T11796] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 552.383874][T11785] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1825'. [ 552.575010][ T968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 552.601880][ T968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 552.664412][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 552.672302][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 552.947962][T11819] loop0: detected capacity change from 0 to 1024 [ 553.004022][T11819] EXT4-fs: Ignoring removed orlov option [ 553.009759][T11819] EXT4-fs: Ignoring removed nomblk_io_submit option [ 553.086096][T11819] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 553.277684][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 555.037055][T11879] loop0: detected capacity change from 0 to 2048 [ 555.189931][T11879] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities [ 555.865797][T11839] loop2: detected capacity change from 0 to 40427 [ 555.880383][T11839] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 555.914856][T11839] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 555.939354][T11885] loop3: detected capacity change from 0 to 8192 [ 555.970924][T11879] loop0: detected capacity change from 0 to 512 [ 555.982375][T11839] F2FS-fs (loop2): Found nat_bits in checkpoint [ 555.990592][T11879] EXT4-fs: Mount option(s) incompatible with ext2 [ 555.997877][T11885] loop3: p1 p2[DM] p4 [ 556.013115][T11885] loop3: p1 size 196608 extends beyond EOD, truncated [ 556.053155][T11885] loop3: p2 start 4292936063 is beyond EOD, truncated [ 556.070227][T11885] loop3: p4 size 50331648 extends beyond EOD, truncated [ 556.099544][T11879] loop0: detected capacity change from 0 to 2048 [ 556.116283][T11839] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 556.163476][T11879] Alternate GPT is invalid, using primary GPT. [ 556.182033][T11879] loop0: p2 p3 p7 [ 556.216874][T11879] bridge0: port 2(bridge_slave_1) entered disabled state [ 556.221036][T11839] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 556.225145][T11879] bridge0: port 1(bridge_slave_0) entered disabled state [ 556.267724][T11839] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 556.385783][T11839] syz.2.1841: attempt to access beyond end of device [ 556.385783][T11839] loop2: rw=2049, sector=77824, nr_sectors = 520 limit=40427 [ 556.517245][T11839] syz.2.1841: attempt to access beyond end of device [ 556.517245][T11839] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 556.992945][T11926] netlink: 'syz.4.1871': attribute type 2 has an invalid length. [ 557.021983][T11926] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1871'. [ 557.617332][T11923] loop1: detected capacity change from 0 to 32768 [ 557.641804][T11923] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 0 transid 8 /dev/loop1 (7:1) scanned by syz.1.1869 (11923) [ 557.655577][T11950] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1870'. [ 557.777470][ T5149] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 557.983038][ T5149] usb 4-1: Using ep0 maxpacket: 16 [ 558.011487][ T5149] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 558.022164][ T5149] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 558.036370][T11958] netlink: 'syz.1.1884': attribute type 2 has an invalid length. [ 558.053056][T11958] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1884'. [ 558.061643][ T5149] usb 4-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b [ 558.082526][ T5149] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3 [ 558.108296][ T5149] usb 4-1: Product: syz [ 558.112549][ T5149] usb 4-1: Manufacturer: syz [ 558.133034][ T5149] usb 4-1: SerialNumber: syz [ 558.159850][ T5149] usb 4-1: config 0 descriptor?? [ 558.191836][ T5149] usb 4-1: NFC: intf ffff88806da77000 id ffffffff8ecbc580 [ 558.443731][ T5150] usb 4-1: USB disconnect, device number 10 [ 558.581124][T11946] loop0: detected capacity change from 0 to 40427 [ 558.611837][T11946] F2FS-fs (loop0): invalid crc value [ 558.617202][T11974] loop1: detected capacity change from 0 to 8192 [ 558.636903][T11976] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1892'. [ 558.642799][T11946] F2FS-fs (loop0): Found nat_bits in checkpoint [ 558.684231][T11974] loop1: p1 p2[DM] p4 [ 558.691487][T11974] loop1: p1 size 196608 extends beyond EOD, truncated [ 558.708984][T11946] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 558.720865][T11974] loop1: p2 start 4292936063 is beyond EOD, truncated [ 558.738122][T11974] loop1: p4 size 50331648 extends beyond EOD, truncated [ 558.762189][ T29] audit: type=1804 audit(1720491335.948:123): pid=11946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1880" name="/newroot/8/file0/cgroup.controllers" dev="loop0" ino=10 res=1 errno=0 [ 558.796894][T11522] syz-executor: attempt to access beyond end of device [ 558.796894][T11522] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 558.815045][T11522] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 559.118562][T11988] netlink: 'syz.1.1898': attribute type 2 has an invalid length. [ 559.145401][T11988] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1898'. [ 559.483338][T12001] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1903'. [ 560.223240][ T5148] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 560.425323][ T5148] usb 2-1: Using ep0 maxpacket: 16 [ 560.444984][ T5148] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 560.463097][ T5148] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 560.496473][ T5148] usb 2-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b [ 560.512909][ T5148] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3 [ 560.527105][ T5148] usb 2-1: Product: syz [ 560.541684][ T5148] usb 2-1: Manufacturer: syz [ 560.550107][ T5148] usb 2-1: SerialNumber: syz [ 560.569262][ T5148] usb 2-1: config 0 descriptor?? [ 560.592556][ T5148] usb 2-1: NFC: intf ffff88807c731000 id ffffffff8ecbc580 [ 560.762785][T12017] loop0: detected capacity change from 0 to 32768 [ 560.844406][T12017] XFS (loop0): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 560.846079][T12007] loop4: detected capacity change from 0 to 40427 [ 560.920658][ T5150] usb 2-1: USB disconnect, device number 10 [ 560.947147][T12007] F2FS-fs (loop4): invalid crc value [ 560.980899][T12007] F2FS-fs (loop4): Found nat_bits in checkpoint [ 560.989106][T12023] loop3: detected capacity change from 0 to 32768 [ 561.032536][T12017] XFS (loop0): Ending clean mount [ 561.050950][T12023] jfs_strtoUCS: char2uni returned -22. [ 561.062974][T12023] charset = ascii, char = 0xd5 [ 561.101295][T12007] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 561.160070][ T29] audit: type=1804 audit(1720491338.348:124): pid=12007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1905" name="/newroot/318/file0/cgroup.controllers" dev="loop4" ino=10 res=1 errno=0 [ 561.201979][ T7077] syz-executor: attempt to access beyond end of device [ 561.201979][ T7077] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 561.253189][ T7077] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 561.264381][T11522] XFS (loop0): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 561.781024][T12042] loop0: detected capacity change from 0 to 512 [ 561.789729][T12040] loop3: detected capacity change from 0 to 2048 [ 561.804895][T12040] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 561.838134][T12042] EXT4-fs (loop0): 1 truncate cleaned up [ 561.861861][T12042] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 561.997225][T12040] loop3: detected capacity change from 0 to 512 [ 562.026882][T12040] EXT4-fs: Mount option(s) incompatible with ext2 [ 562.070689][ T29] audit: type=1800 audit(1720491339.258:125): pid=12054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1917" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 562.216864][T12040] loop3: detected capacity change from 0 to 2048 [ 562.283100][T12040] Alternate GPT is invalid, using primary GPT. [ 562.309206][T12040] loop3: p2 p3 p7 [ 562.445935][T12040] bridge0: port 2(bridge_slave_1) entered disabled state [ 562.453619][T12040] bridge0: port 1(bridge_slave_0) entered disabled state [ 562.739554][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 563.349222][ T1252] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.355872][ T1252] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.460997][T12072] loop4: detected capacity change from 0 to 32768 [ 563.475549][T12072] XFS: ikeep mount option is deprecated. [ 563.495266][T12072] XFS: ikeep mount option is deprecated. [ 563.532193][T12099] loop3: detected capacity change from 0 to 8 [ 563.539552][T12072] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 563.549660][T12100] loop1: detected capacity change from 0 to 512 [ 563.568615][T12100] EXT4-fs (loop1): 1 truncate cleaned up [ 563.578650][T12100] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 563.704230][T12072] XFS (loop4): Ending clean mount [ 563.736203][ T29] audit: type=1800 audit(1720491340.918:126): pid=12108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1937" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 564.117698][ T7077] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 564.321349][T12112] loop3: detected capacity change from 0 to 512 [ 564.335660][T12112] EXT4-fs: Ignoring removed orlov option [ 564.376191][T12112] EXT4-fs error (device loop3): dx_probe:822: inode #2: comm syz.3.1940: Attempting to read directory block (0) that is past i_size (256) [ 564.469449][T12112] EXT4-fs (loop3): Remounting filesystem read-only [ 564.498522][T12112] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 564.528021][T12112] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 564.572022][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.689844][T12112] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none. [ 564.792205][T10613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 565.247676][T12129] rdma_op ffff8880513c81f0 conn xmit_rdma 0000000000000000 [ 565.402300][T12134] loop1: detected capacity change from 0 to 512 [ 565.419787][T12134] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 565.482516][T12134] EXT4-fs (loop1): 1 truncate cleaned up [ 565.490423][T12134] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 565.546319][T12134] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2856: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 565.656555][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.075892][T12148] loop3: detected capacity change from 0 to 2048 [ 566.109411][T12148] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 566.143087][T12148] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 566.276820][T12160] rdma_op ffff888064c061f0 conn xmit_rdma 0000000000000000 [ 566.296747][T10613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.435331][T12168] loop3: detected capacity change from 0 to 512 [ 566.437789][T12166] loop0: detected capacity change from 0 to 512 [ 566.453780][T12168] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 566.467794][T12166] EXT4-fs: Ignoring removed orlov option [ 566.480014][T12166] EXT4-fs error (device loop0): dx_probe:822: inode #2: comm syz.0.1962: Attempting to read directory block (0) that is past i_size (256) [ 566.495302][T12166] EXT4-fs (loop0): Remounting filesystem read-only [ 566.496171][T12168] EXT4-fs (loop3): 1 truncate cleaned up [ 566.501887][T12166] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 566.521843][T12166] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 566.521852][T12168] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 566.563861][T12171] loop1: detected capacity change from 0 to 1024 [ 566.576933][T12171] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 566.589070][T12174] loop4: detected capacity change from 0 to 8 [ 566.633128][T10613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.644185][T12171] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 566.660259][T12166] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none. [ 566.762422][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.794573][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.833207][T12177] loop3: detected capacity change from 0 to 4096 [ 566.948456][T12185] loop1: detected capacity change from 0 to 256 [ 567.218092][T12193] rdma_op ffff888021d409f0 conn xmit_rdma 0000000000000000 [ 567.388192][T12194] loop3: detected capacity change from 0 to 2048 [ 567.477797][T12194] hpfs: filesystem error: invalid number of hotfixes: 266, used: 2; already mounted read-only [ 567.515438][T12194] hpfs: filesystem error: improperly stopped [ 567.521526][T12194] hpfs: filesystem error: sector(s) 'dir_band' badly placed at 7b318cc2 [ 567.677999][T12202] loop4: detected capacity change from 0 to 8 [ 567.937378][T12208] loop1: detected capacity change from 0 to 1024 [ 567.958705][T12208] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 568.002601][T12208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 568.075303][T12215] loop3: detected capacity change from 0 to 128 [ 568.216910][T12215] Process accounting resumed [ 568.226639][T12215] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 545) [ 568.239100][T12215] FAT-fs (loop3): Filesystem has been set read-only [ 568.253439][T12215] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 568.441632][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.520008][T12221] rdma_op ffff8880653331f0 conn xmit_rdma 0000000000000000 [ 568.795922][T12225] loop1: detected capacity change from 0 to 512 [ 569.467520][T12225] EXT4-fs (loop1): 1 truncate cleaned up [ 569.530174][T12225] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 569.782262][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 571.209665][T12253] loop3: detected capacity change from 0 to 128 [ 571.271391][T12253] Process accounting resumed [ 571.278532][T12253] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 545) [ 571.287791][T12253] FAT-fs (loop3): Filesystem has been set read-only [ 571.294858][T12253] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 571.864006][ T5150] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 572.052939][ T5150] usb 5-1: Using ep0 maxpacket: 8 [ 572.063830][ T5150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 572.078962][ T5150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 572.114633][ T5150] usb 5-1: New USB device found, idVendor=05ac, idProduct=9219, bcdDevice=61.da [ 572.134214][ T5150] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 572.157775][ T5150] usb 5-1: Manufacturer: syz [ 572.219820][ T5150] usb 5-1: config 0 descriptor?? [ 572.219942][T12285] loop0: detected capacity change from 0 to 128 [ 572.230801][ T5150] appledisplay 5-1:0.0: Submitting URB failed [ 572.245521][ T5150] appledisplay 5-1:0.0: probe with driver appledisplay failed with error -5 [ 572.389455][T12285] Process accounting resumed [ 572.400300][T12285] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 545) [ 572.411612][T12285] FAT-fs (loop0): Filesystem has been set read-only [ 572.428364][T12285] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 572.486495][ T5149] usb 5-1: USB disconnect, device number 17 [ 573.180597][ T5102] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 573.198386][ T5102] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 573.216939][ T5102] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 573.229841][ T5102] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 573.238161][ T5102] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 573.245717][ T5102] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 573.874083][T12311] loop0: detected capacity change from 0 to 2048 [ 573.952288][T12311] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 574.087765][ T29] audit: type=1804 audit(1720491351.278:127): pid=12311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2019" name="/newroot/29/file1/file1" dev="loop0" ino=15 res=1 errno=0 [ 574.115072][T12311] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 574.203996][T12311] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 574.276554][T12311] EXT4-fs (loop0): This should not happen!! Data will be lost [ 574.276554][T12311] [ 574.339252][T12311] EXT4-fs (loop0): Total free blocks count 0 [ 574.391880][T12311] EXT4-fs (loop0): Free/Dirty block details [ 574.398289][T12311] EXT4-fs (loop0): free_blocks=2415919104 [ 574.413496][T12311] EXT4-fs (loop0): dirty_blocks=32 [ 574.437762][T12295] chnl_net:caif_netlink_parms(): no params data found [ 574.451539][T12311] EXT4-fs (loop0): Block reservation details [ 575.948234][T12331] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 576.385289][ T5114] Bluetooth: hci3: command tx timeout [ 576.402996][T12311] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 576.545833][T12333] loop4: detected capacity change from 0 to 256 [ 576.918970][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 577.252990][ T9] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 577.597009][T12295] bridge0: port 1(bridge_slave_0) entered blocking state [ 577.711937][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 578.079356][ T9] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 578.420473][T12295] bridge0: port 1(bridge_slave_0) entered disabled state [ 578.450314][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 578.459224][T12295] bridge_slave_0: entered allmulticast mode [ 578.473165][ T5102] Bluetooth: hci3: command tx timeout [ 578.500697][T12295] bridge_slave_0: entered promiscuous mode [ 578.508528][ T9] usb 4-1: Product: syz [ 578.516434][ T9] usb 4-1: Manufacturer: syz [ 578.555914][ T9] usb 4-1: SerialNumber: syz [ 578.576434][T12295] bridge0: port 2(bridge_slave_1) entered blocking state [ 578.587549][T12360] tmpfs: Bad value for 'mpol' [ 578.602174][ T9] usb 4-1: config 0 descriptor?? [ 578.607355][T12295] bridge0: port 2(bridge_slave_1) entered disabled state [ 578.607628][T12295] bridge_slave_1: entered allmulticast mode [ 578.641052][T12295] bridge_slave_1: entered promiscuous mode [ 578.864709][T12295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 578.926614][T12295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 579.112279][T12295] team0: Port device team_slave_0 added [ 579.113029][ T5148] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 579.140241][T12295] team0: Port device team_slave_1 added [ 579.274754][T12295] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 579.292058][T12295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 579.307579][ T47] usb 4-1: USB disconnect, device number 11 [ 579.346061][T12295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 579.366143][ T5148] usb 5-1: Using ep0 maxpacket: 32 [ 579.392233][ T5148] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 579.393598][T12295] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 579.429779][T12295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 579.437824][ T5148] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 579.491291][T12295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 579.530553][ T5148] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 579.541095][ T5148] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 579.554743][ T5148] usb 5-1: New USB device found, idVendor=1b96, idProduct=9f0a, bcdDevice= 0.15 [ 579.564019][ T5148] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 579.631728][ T5148] usb 5-1: config 0 descriptor?? [ 579.745473][T12295] hsr_slave_0: entered promiscuous mode [ 579.796482][T12295] hsr_slave_1: entered promiscuous mode [ 579.836458][T12295] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 579.862941][T12295] Cannot create hsr debugfs directory [ 580.100978][ T5148] hid-generic 0003:1B96:9F0A.0008: hidraw0: USB HID v0.00 Device [HID 1b96:9f0a] on usb-dummy_hcd.4-1/input0 [ 580.553495][ T5102] Bluetooth: hci3: command tx timeout [ 580.711427][T12376] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 581.254537][ T9] usb 5-1: USB disconnect, device number 18 [ 581.694237][T12295] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 581.944164][T12387] loop0: detected capacity change from 0 to 2048 [ 582.003512][T12387] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 582.033135][T12387] ext4 filesystem being mounted at /36/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 582.127618][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 582.139619][T12295] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 582.292792][T12295] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 582.475838][T12295] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 582.603574][ T5190] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 582.623123][ T5102] Bluetooth: hci3: command tx timeout [ 582.645357][T12409] loop0: detected capacity change from 0 to 8 [ 582.708149][T12409] SQUASHFS error: Unable to read inode 0x9 [ 582.762211][T12295] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 582.770366][T12409] loop0: detected capacity change from 0 to 128 [ 582.797700][T12295] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 582.825350][ T5190] usb 2-1: Using ep0 maxpacket: 16 [ 582.825484][T12409] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 582.833669][T12295] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 582.866002][T12409] ext4 filesystem being mounted at /40/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 582.879944][T12385] loop3: detected capacity change from 0 to 40427 [ 582.894125][ T5190] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 582.895041][T12295] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 582.910724][ T5190] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 582.929380][ T5190] usb 2-1: Product: syz [ 582.932939][T12385] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 582.936350][ T5190] usb 2-1: Manufacturer: syz [ 582.941261][T12385] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 582.957336][ T5190] usb 2-1: SerialNumber: syz [ 582.971263][ T5190] usb 2-1: config 0 descriptor?? [ 583.004000][T12385] F2FS-fs (loop3): invalid crc value [ 583.032233][T12385] F2FS-fs (loop3): Found nat_bits in checkpoint [ 583.079203][T11522] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 584.023445][T12385] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 584.030739][T12385] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 584.121878][T12295] 8021q: adding VLAN 0 to HW filter on device bond0 [ 584.164575][T12385] syz.3.2040: attempt to access beyond end of device [ 584.164575][T12385] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 584.186727][ T5148] usb 2-1: USB disconnect, device number 11 [ 584.200114][T12295] 8021q: adding VLAN 0 to HW filter on device team0 [ 584.261624][ T5150] bridge0: port 1(bridge_slave_0) entered blocking state [ 584.268912][ T5150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 584.312155][ T5190] bridge0: port 2(bridge_slave_1) entered blocking state [ 584.319419][ T5190] bridge0: port 2(bridge_slave_1) entered forwarding state [ 584.328205][T10613] syz-executor: attempt to access beyond end of device [ 584.328205][T10613] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 584.389044][T10613] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 584.479896][T12295] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 584.882786][T12295] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 585.046603][T12295] veth0_vlan: entered promiscuous mode [ 585.089008][T12295] veth1_vlan: entered promiscuous mode [ 585.094906][ T5150] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 585.214974][T12295] veth0_macvtap: entered promiscuous mode [ 585.227785][T12425] loop4: detected capacity change from 0 to 32768 [ 585.244582][T12295] veth1_macvtap: entered promiscuous mode [ 585.275639][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 585.287455][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.298147][ T5150] usb 1-1: Using ep0 maxpacket: 32 [ 585.303901][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 585.318712][T12425] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 585.328256][ T5150] usb 1-1: config 1 has an invalid interface number: 66 but max is 2 [ 585.337563][ T5150] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 585.348714][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.363080][ T5150] usb 1-1: config 1 has 4 interfaces, different from the descriptor's value: 3 [ 585.372969][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 585.384284][ T5150] usb 1-1: config 1 has no interface number 3 [ 585.390567][ T5150] usb 1-1: too many endpoints for config 1 interface 1 altsetting 4: 123, using maximum allowed: 30 [ 585.401544][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.419881][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 585.432056][ T5150] usb 1-1: config 1 interface 1 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 123 [ 585.445471][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.455430][ T5150] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 585.468838][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 585.480113][ T5150] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 585.482377][T12425] XFS (loop4): Ending clean mount [ 585.489937][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.489963][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 585.489985][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.492414][T12295] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 585.535640][ T5150] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 585.545542][ T5150] usb 1-1: config 1 interface 1 has no altsetting 2 [ 585.552197][ T5150] usb 1-1: config 1 interface 2 has no altsetting 0 [ 585.560944][T12425] XFS (loop4): Quotacheck needed: Please wait. [ 585.561888][ T5150] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 585.595311][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 585.606772][ T5150] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 585.618436][ T5150] usb 1-1: Product: syz [ 585.622712][ T5150] usb 1-1: Manufacturer: syz [ 585.627457][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.637928][ T5150] usb 1-1: SerialNumber: syz [ 585.644983][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 585.657005][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.680827][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 585.699083][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.716077][T12425] XFS (loop4): Quotacheck: Done. [ 585.732952][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 585.763509][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.782950][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 585.812930][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.859154][T12295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 585.884554][ T5150] usb 1-1: selecting invalid altsetting 0 [ 585.924498][T12295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 585.940711][T12295] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 585.979611][ T5150] usb 1-1: USB disconnect, device number 16 [ 586.189442][T12295] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 586.391557][T12295] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 586.552352][T12295] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 586.709260][T12295] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 586.854773][ T7077] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 586.868205][T12468] loop1: detected capacity change from 0 to 128 [ 587.091007][ T968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 587.104218][ T968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 587.192129][ T968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 587.235907][ T968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 587.502225][T12486] netlink: 'syz.2.2009': attribute type 1 has an invalid length. [ 587.685225][T12495] loop2: detected capacity change from 0 to 1024 [ 587.727340][T12495] hfsplus: failed to load root directory [ 587.942596][T12501] loop1: detected capacity change from 0 to 512 [ 588.155777][T12501] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 588.264263][T12501] UDF-fs: Scanning with blocksize 512 failed [ 588.429116][T12501] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 588.554319][T12501] UDF-fs: Scanning with blocksize 1024 failed [ 588.604556][T12501] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 588.644959][T12501] UDF-fs: Scanning with blocksize 2048 failed [ 588.680444][T12501] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 588.724969][T12501] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 589.891484][T12532] loop2: detected capacity change from 0 to 1024 [ 589.902921][ T927] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 589.965706][T12532] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 590.066768][T12535] loop1: detected capacity change from 0 to 512 [ 590.127281][T12535] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 590.178050][T12295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 590.201456][T12535] ext4 filesystem being mounted at /65/w5T)`)YFnA@T<3ڂ$rcnHwC" -8 supports timestamps until 2038-01-19 (0x7fffffff) [ 590.315451][ T927] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 590.335469][T12549] xt_socket: unknown flags 0x50 [ 590.466318][T12535] EXT4-fs error (device loop1): ext4_do_update_inode:5149: inode #2: comm syz.1.2088: corrupted inode contents [ 590.487363][ T927] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 590.666428][T12535] EXT4-fs error (device loop1): ext4_dirty_inode:6009: inode #2: comm syz.1.2088: mark_inode_dirty error [ 590.740012][ T927] usb 4-1: New USB device found, idVendor=1799, idProduct=011b, bcdDevice=ba.b6 [ 590.840031][ T927] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 590.849619][T12535] EXT4-fs error (device loop1): ext4_do_update_inode:5149: inode #2: comm syz.1.2088: corrupted inode contents [ 590.902869][ T927] usb 4-1: Product: syz [ 590.916330][T12535] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.2088: mark_inode_dirty error [ 590.932543][ T927] usb 4-1: Manufacturer: syz [ 590.954012][ T927] usb 4-1: SerialNumber: syz [ 590.994467][T12554] netlink: 'syz.2.2094': attribute type 1 has an invalid length. [ 591.062000][ T927] usb 4-1: config 0 descriptor?? [ 591.073885][T12535] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 591.098327][ T927] usb 4-1: bad CDC descriptors [ 591.226467][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 591.339242][ T927] usb 4-1: USB disconnect, device number 12 [ 591.366121][ T5148] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 591.573076][ T5148] usb 1-1: Using ep0 maxpacket: 32 [ 591.582997][ T5148] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 59, changing to 9 [ 591.617592][ T5148] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 17172, setting to 1024 [ 591.681181][ T5148] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 591.742589][ T5148] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 592.020028][ T5148] hub 1-1:4.0: USB hub found [ 592.205752][ T5148] hub 1-1:4.0: 2 ports detected [ 592.397508][ T5148] hub 1-1:4.0: hub_hub_status failed (err = -71) [ 592.429384][ T5148] hub 1-1:4.0: config failed, can't get hub status (err -71) [ 592.526356][ T5148] usb 1-1: USB disconnect, device number 17 [ 593.416030][T12583] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 593.801665][T12588] loop3: detected capacity change from 0 to 512 [ 593.991873][T12588] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 594.079510][T12602] xt_socket: unknown flags 0x50 [ 594.133260][T12588] ext4 filesystem being mounted at /148/w5T)`)YFnA@T<3ڂ$rcnHwC" -8 supports timestamps until 2038-01-19 (0x7fffffff) [ 594.718608][T12588] EXT4-fs error (device loop3): ext4_do_update_inode:5149: inode #2: comm syz.3.2107: corrupted inode contents [ 594.783270][T12588] EXT4-fs error (device loop3): ext4_dirty_inode:6009: inode #2: comm syz.3.2107: mark_inode_dirty error [ 594.847348][T12588] EXT4-fs error (device loop3): ext4_do_update_inode:5149: inode #2: comm syz.3.2107: corrupted inode contents [ 594.897344][T12607] netlink: 'syz.1.2112': attribute type 10 has an invalid length. [ 594.912881][T12588] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.2107: mark_inode_dirty error [ 594.951081][T12607] team0: Port device netdevsim0 added [ 594.973079][ T5150] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 594.991207][T12610] netlink: 'syz.1.2112': attribute type 10 has an invalid length. [ 595.037969][T12588] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 595.183096][ T5150] usb 5-1: Using ep0 maxpacket: 32 [ 595.215448][ T5150] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 595.253136][ T5150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 595.313194][ T5150] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 595.367499][ T5150] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 595.407928][T10613] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 595.427228][ T5150] usb 5-1: New USB device found, idVendor=1b96, idProduct=9f0a, bcdDevice= 0.15 [ 595.454337][ T5150] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 595.577425][ T5150] usb 5-1: config 0 descriptor?? [ 596.675742][ T5150] hid-generic 0003:1B96:9F0A.0009: hidraw0: USB HID v0.00 Device [HID 1b96:9f0a] on usb-dummy_hcd.4-1/input0 [ 597.224031][T12647] vxcan1: tx drop: invalid sa for name 0x0000000000000003 [ 597.476960][ T5150] usb 5-1: USB disconnect, device number 19 [ 597.839784][T12673] loop2: detected capacity change from 0 to 2048 [ 597.872599][T12673] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 598.630411][T12688] xt_socket: unknown flags 0x50 [ 600.128189][T12675] loop0: detected capacity change from 0 to 32768 [ 600.541392][T12716] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2154'. [ 600.800294][T12716] netlink: 'syz.1.2154': attribute type 15 has an invalid length. [ 600.877965][T12716] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 65023 - 0 [ 600.888515][T12716] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 65023 - 0 [ 600.898192][T12716] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 65023 - 0 [ 600.907614][T12716] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 65023 - 0 [ 600.924410][T12675] JFS: charset not found [ 601.085531][T12716] vxlan0: entered promiscuous mode [ 601.309544][T12732] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2163'. [ 601.768536][ T25] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 602.168675][T12741] loop3: detected capacity change from 0 to 512 [ 602.207292][T12741] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent [ 602.257917][ T25] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 602.301338][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 602.582728][ T25] usb 1-1: config 0 descriptor?? [ 602.592768][ T25] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 603.754039][ T25] gp8psk: usb in 128 operation failed. [ 603.774134][ T25] gp8psk: usb in 137 operation failed. [ 603.783942][ T25] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22) [ 603.797209][ T25] dvb_usb_gp8psk 1-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22 [ 603.818743][ T25] usb 1-1: USB disconnect, device number 18 [ 604.023690][T12767] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2176'. [ 604.095297][T12769] vxcan1: tx drop: invalid sa for name 0x0000000000000003 [ 604.933061][ T5150] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 605.358187][T12805] loop0: detected capacity change from 0 to 128 [ 605.836387][T12809] loop4: detected capacity change from 0 to 512 [ 605.863918][T12809] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent [ 605.886800][ T5150] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 605.912906][ T5150] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 605.922737][ T5150] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 605.976656][ T5150] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 605.991423][ T5150] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 606.020016][ T5150] usb 2-1: config 0 descriptor?? [ 606.339666][T12819] loop3: detected capacity change from 0 to 4096 [ 606.350848][T12819] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 606.409171][T12819] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 606.463946][ T5150] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0 [ 606.483931][ T5150] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving [ 606.506213][ T5534] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 606.507885][ T5150] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 606.711028][ T5534] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 606.740980][ T5534] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 606.770885][ T5534] usb 1-1: config 0 descriptor?? [ 606.791105][ T5534] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 607.756618][ T5534] gp8psk: usb in 128 operation failed. [ 607.914448][ T5534] gp8psk: usb in 137 operation failed. [ 607.920258][ T5534] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-22) [ 607.953308][ T5534] dvb_usb_gp8psk 1-1:0.0: probe with driver dvb_usb_gp8psk failed with error -22 [ 607.969808][ T5534] usb 1-1: USB disconnect, device number 19 [ 608.125023][T12847] loop2: detected capacity change from 0 to 512 [ 608.269491][T12853] loop2: detected capacity change from 0 to 164 [ 608.653101][T12860] loop1: detected capacity change from 0 to 64 [ 608.768608][ T927] usb 2-1: USB disconnect, device number 12 [ 608.979603][T12868] loop2: detected capacity change from 0 to 512 [ 609.095646][T12868] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 609.156628][T12868] ext4 filesystem being mounted at /35/w5T)`)YFnA@T<3ڂ$rcnHwC" -8 supports timestamps until 2038-01-19 (0x7fffffff) [ 609.260213][T12868] EXT4-fs error (device loop2): ext4_do_update_inode:5149: inode #2: comm syz.2.2214: corrupted inode contents [ 609.283694][T12868] EXT4-fs error (device loop2): ext4_dirty_inode:6009: inode #2: comm syz.2.2214: mark_inode_dirty error [ 609.297145][T12868] EXT4-fs error (device loop2): ext4_do_update_inode:5149: inode #2: comm syz.2.2214: corrupted inode contents [ 609.312040][T12868] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.2214: mark_inode_dirty error [ 609.394973][T12868] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 609.591048][T12295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 609.664127][T12891] loop0: detected capacity change from 0 to 512 [ 609.756090][T12898] loop0: detected capacity change from 0 to 164 [ 609.957304][T12888] loop1: detected capacity change from 0 to 4096 [ 610.007017][T12908] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 610.079697][T12910] loop2: detected capacity change from 0 to 1024 [ 610.112431][T12910] hfsplus: failed to load root directory [ 610.525471][T12921] loop2: detected capacity change from 0 to 64 [ 610.564510][T12921] hfs: bad catalog namelength [ 610.573804][T12921] hfs: get root inode failed [ 610.716107][T12928] loop1: detected capacity change from 0 to 512 [ 610.759043][T12928] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 610.778976][T12928] ext4 filesystem being mounted at /100/w5T)`)YFnA@T<3ڂ$rcnHwC" -8 supports timestamps until 2038-01-19 (0x7fffffff) [ 610.800998][T12931] loop4: detected capacity change from 0 to 1024 [ 610.886478][T12931] syz.4.2233: attempt to access beyond end of device [ 610.886478][T12931] loop4: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 610.903294][T12931] Buffer I/O error on dev loop4, logical block 100663296, async page read [ 610.913998][T12931] syz.4.2233: attempt to access beyond end of device [ 610.913998][T12931] loop4: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 610.929299][T12931] Buffer I/O error on dev loop4, logical block 100663296, async page read [ 610.958091][T12928] EXT4-fs error (device loop1): ext4_do_update_inode:5149: inode #2: comm syz.1.2232: corrupted inode contents [ 611.003404][T12928] EXT4-fs error (device loop1): ext4_dirty_inode:6009: inode #2: comm syz.1.2232: mark_inode_dirty error [ 611.051750][T12928] EXT4-fs error (device loop1): ext4_do_update_inode:5149: inode #2: comm syz.1.2232: corrupted inode contents [ 611.079293][T12928] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.2232: mark_inode_dirty error [ 611.181685][T12928] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 611.202377][T12940] loop0: detected capacity change from 0 to 512 [ 611.338273][T12950] loop0: detected capacity change from 0 to 164 [ 611.505275][T11484] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 612.544559][ T930] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 612.763191][ T930] usb 2-1: Using ep0 maxpacket: 32 [ 612.770851][ T930] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 59, changing to 9 [ 612.800233][ T930] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 17172, setting to 1024 [ 612.825054][ T930] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 612.843973][ T930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 612.860949][ T930] hub 2-1:4.0: USB hub found [ 612.941837][T12984] netlink: 'syz.4.2254': attribute type 1 has an invalid length. [ 612.995487][T12984] 8021q: adding VLAN 0 to HW filter on device bond1 [ 613.006537][T12984] bond0: (slave bond1): Enslaving as an active interface with an up link [ 613.024374][T12984] bond1: entered promiscuous mode [ 613.029769][T12984] bond1: entered allmulticast mode [ 613.073543][ T930] hub 2-1:4.0: 2 ports detected [ 613.204968][T12995] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 613.257408][T12994] loop4: detected capacity change from 0 to 2048 [ 613.268154][T12994] udf: Unknown parameter '00000000000000000000000uid' [ 613.277850][ T930] hub 2-1:4.0: hub_hub_status failed (err = -71) [ 613.303220][ T930] hub 2-1:4.0: config failed, can't get hub status (err -71) [ 613.352490][ T930] usb 2-1: USB disconnect, device number 13 [ 614.757949][T13016] netlink: 'syz.1.2267': attribute type 1 has an invalid length. [ 614.966567][T13016] 8021q: adding VLAN 0 to HW filter on device bond1 [ 615.006804][T13016] bond0: (slave bond1): Enslaving as an active interface with an up link [ 615.092225][T13016] bond1: entered promiscuous mode [ 615.108368][T13016] bond1: entered allmulticast mode [ 615.199476][T13008] loop4: detected capacity change from 0 to 32768 [ 615.247621][T13022] loop2: detected capacity change from 0 to 4096 [ 615.335917][T13008] JFS: charset not found [ 615.350827][T13025] loop1: detected capacity change from 0 to 2048 [ 615.368254][T13022] ntfs3: loop2: try to read out of volume at offset 0x3fffffc7000 [ 615.377697][T13025] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 615.379161][T13022] ntfs3: loop2: ino=21, The size of extended attributes must not exceed 64KiB [ 615.416302][T13025] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 616.697158][T13031] loop0: detected capacity change from 0 to 2048 [ 616.728309][T13031] udf: Unknown parameter '00000000000000000000000uid' [ 616.801974][ T1087] kworker/u8:6: attempt to access beyond end of device [ 616.801974][ T1087] loop1: rw=1, sector=2355, nr_sectors = 216 limit=2048 [ 618.259042][T13057] loop1: detected capacity change from 0 to 4096 [ 618.406152][T13057] ntfs3: loop1: try to read out of volume at offset 0x3fffffc7000 [ 618.422220][T13057] ntfs3: loop1: ino=21, The size of extended attributes must not exceed 64KiB [ 619.063427][T13080] loop1: detected capacity change from 0 to 128 [ 619.457492][T13090] netlink: 'syz.4.2296': attribute type 1 has an invalid length. [ 619.625719][T13090] 8021q: adding VLAN 0 to HW filter on device bond2 [ 619.687744][T13090] bond0: (slave bond2): Enslaving as an active interface with an up link [ 619.749226][T13101] bond2: entered promiscuous mode [ 619.764819][ T5114] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 619.786240][ T5114] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 619.800081][ T5114] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 619.816418][ T5114] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 619.824349][ T5114] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 619.833749][ T5114] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 619.861587][T13101] bond2: entered allmulticast mode [ 619.920276][T13106] loop0: detected capacity change from 0 to 2048 [ 620.123061][T13106] loop0: p3 < > p4 < > [ 620.127368][T13106] loop0: partition table partially beyond EOD, truncated [ 620.143742][T13106] loop0: p3 start 4284289 is beyond EOD, truncated [ 620.329395][T13110] loop1: detected capacity change from 0 to 2048 [ 620.521715][T13110] NILFS (loop1): corrupt root inode [ 620.809167][T13103] chnl_net:caif_netlink_parms(): no params data found [ 620.969181][T13108] loop1: detected capacity change from 0 to 512 [ 621.007660][T13108] EXT4-fs (loop1): Number of reserved GDT blocks insanely large: 40960 [ 621.131221][T13103] bridge0: port 1(bridge_slave_0) entered blocking state [ 621.143179][T13103] bridge0: port 1(bridge_slave_0) entered disabled state [ 621.163209][T13103] bridge_slave_0: entered allmulticast mode [ 621.181642][T13103] bridge_slave_0: entered promiscuous mode [ 621.243392][T13103] bridge0: port 2(bridge_slave_1) entered blocking state [ 621.261295][T13103] bridge0: port 2(bridge_slave_1) entered disabled state [ 621.272746][T13103] bridge_slave_1: entered allmulticast mode [ 621.286829][T13103] bridge_slave_1: entered promiscuous mode [ 621.356019][T13103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 621.388898][T13103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 621.907490][ T5102] Bluetooth: hci7: command tx timeout [ 622.107849][T13103] team0: Port device team_slave_0 added [ 622.131476][T13103] team0: Port device team_slave_1 added [ 622.283231][T13103] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 622.301006][T13103] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 622.327002][ C1] vkms_vblank_simulate: vblank timer overrun [ 622.389654][T13103] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 622.428271][T13103] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 622.451654][T13145] loop0: detected capacity change from 0 to 512 [ 622.467415][T13103] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 622.493368][ C1] vkms_vblank_simulate: vblank timer overrun [ 622.515124][T13103] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 622.532654][T13145] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 622.563230][T13148] netlink: 'syz.1.2314': attribute type 1 has an invalid length. [ 622.577259][T13145] EXT4-fs (loop0): 1 truncate cleaned up [ 622.586243][T13145] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 622.674546][T13158] bond2: entered promiscuous mode [ 622.679649][T13158] bond2: entered allmulticast mode [ 622.716205][T13151] 8021q: adding VLAN 0 to HW filter on device bond2 [ 622.744503][T13151] bond0: (slave bond2): Enslaving as an active interface with an up link [ 623.014166][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 623.017613][T13103] hsr_slave_0: entered promiscuous mode [ 623.035954][T13103] hsr_slave_1: entered promiscuous mode [ 623.084473][T13103] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 623.127776][T13103] Cannot create hsr debugfs directory [ 623.827771][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 624.004501][ T5102] Bluetooth: hci7: command tx timeout [ 624.211432][T13103] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 624.236651][T13183] loop4: detected capacity change from 0 to 256 [ 624.317436][T13182] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2324'. [ 624.342756][T13183] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 624.374142][ T29] audit: type=1326 audit(1720491401.568:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13181 comm="syz.0.2324" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd98eb75bd9 code=0x0 [ 624.790994][ T1252] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.798959][ T1252] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.535650][T13103] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 625.841633][T13103] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.007809][T13103] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 626.063725][ T5102] Bluetooth: hci7: command tx timeout [ 626.149183][T13217] ieee802154 phy0 wpan0: encryption failed: -22 [ 626.168269][T13217] loop2: detected capacity change from 0 to 512 [ 626.192487][T13217] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.2335: corrupted in-inode xattr: invalid ea_ino [ 626.225614][T13217] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.2335: couldn't read orphan inode 15 (err -117) [ 626.256949][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 626.281995][T13217] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 626.289361][T13103] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 626.316167][T13103] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 626.327546][T13103] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 626.349266][T13103] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 626.358516][T13217] EXT4-fs error (device loop2): ext4_lookup:1814: inode #2: comm syz.2.2335: deleted inode referenced: 15 [ 626.418969][T13217] EXT4-fs error (device loop2): ext4_lookup:1814: inode #2: comm syz.2.2335: deleted inode referenced: 15 [ 626.454366][T13217] EXT4-fs error (device loop2): ext4_lookup:1814: inode #2: comm syz.2.2335: deleted inode referenced: 15 [ 626.530616][T12295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 626.556737][T13225] loop1: detected capacity change from 0 to 256 [ 626.602623][T13225] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 626.606906][T13103] 8021q: adding VLAN 0 to HW filter on device bond0 [ 626.675948][T13225] netlink: 'syz.1.2339': attribute type 8 has an invalid length. [ 626.698377][T13103] 8021q: adding VLAN 0 to HW filter on device team0 [ 626.755368][ T5534] bridge0: port 1(bridge_slave_0) entered blocking state [ 626.762651][ T5534] bridge0: port 1(bridge_slave_0) entered forwarding state [ 626.791624][ T5534] bridge0: port 2(bridge_slave_1) entered blocking state [ 626.798866][ T5534] bridge0: port 2(bridge_slave_1) entered forwarding state [ 626.952128][T13231] loop4: detected capacity change from 0 to 512 [ 627.011067][T13231] EXT4-fs: Ignoring removed i_version option [ 627.063830][T13231] EXT4-fs: Ignoring removed mblk_io_submit option [ 627.108460][T13231] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 627.285091][T13231] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b056e118, mo2=0002] [ 627.571316][T13231] System zones: 1-12 [ 627.873424][T13231] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz.4.2342: corrupted in-inode xattr: e_value size too large [ 627.991580][T13231] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.2342: couldn't read orphan inode 15 (err -117) [ 628.109950][T13231] EXT4-fs (loop4): mounted filesystem 00000000-00c8-1300-0000-000000000000 r/w without journal. Quota mode: writeback. [ 628.111647][T13252] loop0: detected capacity change from 0 to 2048 [ 628.144239][ T5102] Bluetooth: hci7: command tx timeout [ 628.153447][T13252] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 628.164542][T13252] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 628.178271][T13252] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 628.240289][T13103] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 628.339419][T13103] veth0_vlan: entered promiscuous mode [ 628.365841][T13103] veth1_vlan: entered promiscuous mode [ 628.374441][T13260] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2350'. [ 628.396950][T13260] bridge0: port 2(bridge_slave_1) entered disabled state [ 628.404714][T13260] bridge0: port 1(bridge_slave_0) entered disabled state [ 628.417817][T13260] bridge0: entered promiscuous mode [ 628.547786][T13103] veth0_macvtap: entered promiscuous mode [ 628.570566][T13103] veth1_macvtap: entered promiscuous mode [ 628.601151][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.612173][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.613279][ T25] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 628.635499][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.646499][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.658049][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.675121][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.689139][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.700428][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.712172][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.733336][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.752604][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.764154][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.768813][T13269] loop0: detected capacity change from 0 to 7 [ 628.774540][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 628.791484][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.796558][T13269] Dev loop0: unable to read RDB block 7 [ 628.804660][T13103] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 628.807533][T13269] loop0: AHDI p1 [ 628.820604][T13269] loop0: partition table partially beyond EOD, truncated [ 628.836922][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 628.848931][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.861156][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 628.865349][ T25] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 149, changing to 11 [ 628.885261][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.895561][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 628.906486][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.927762][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 628.934130][ T25] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 628.940278][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.960918][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 628.976835][ T25] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 628.986587][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 628.992334][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 629.015692][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 629.032370][T13231] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 629.053277][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 629.063692][T13103] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 629.074658][T13103] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 629.093860][T13103] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 629.137202][T13103] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 629.154951][T13103] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 629.164143][T13103] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 629.173469][T13103] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 629.195150][T13276] loop1: detected capacity change from 0 to 64 [ 629.464019][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 629.471908][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 629.597811][T13286] loop1: detected capacity change from 0 to 1024 [ 629.619440][ T6139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 629.638520][ T6139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 629.640163][ T25] aiptek 5-1:17.0: Aiptek using 400 ms programming speed [ 629.678221][ T25] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input25 [ 629.694264][T13286] hfsplus: failed to load root directory [ 629.738068][T13288] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2362'. [ 629.738365][ T25] usb 5-1: USB disconnect, device number 20 [ 629.748064][ C1] aiptek 5-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 629.961392][T13296] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2364'. [ 629.995837][ T29] audit: type=1326 audit(1720491407.188:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13294 comm="syz.0.2364" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd98eb75bd9 code=0x0 [ 630.167070][T13298] loop1: detected capacity change from 0 to 64 [ 630.198500][T13298] hfs: bad catalog namelength [ 630.207973][T13298] hfs: get root inode failed [ 630.334495][ T7077] EXT4-fs (loop4): unmounting filesystem 00000000-00c8-1300-0000-000000000000. [ 630.546211][T13313] loop4: detected capacity change from 0 to 256 [ 630.556770][T13313] FAT-fs (loop4): bogus number of directory entries (4) [ 630.563842][T13313] FAT-fs (loop4): Can't find a valid FAT filesystem [ 630.732712][T13322] loop2: detected capacity change from 0 to 512 [ 630.824318][T13322] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 630.840694][T13322] ext4 filesystem being mounted at /84/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 631.137134][T12295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 631.238550][T13344] loop4: detected capacity change from 0 to 256 [ 631.278142][T13345] loop0: detected capacity change from 0 to 512 [ 631.314924][T13344] FAT-fs (loop4): bogus number of directory entries (4) [ 631.322255][T13344] FAT-fs (loop4): Can't find a valid FAT filesystem [ 631.330956][T13345] EXT4-fs: Ignoring removed mblk_io_submit option [ 631.342398][T13345] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 631.449053][T13345] EXT4-fs (loop0): 1 truncate cleaned up [ 631.457831][T13345] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 633.404539][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 634.056717][T13376] loop3: detected capacity change from 0 to 512 [ 634.153022][T13376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 634.209826][T13376] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 634.396393][T13389] loop1: detected capacity change from 0 to 256 [ 634.423385][T13391] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2399'. [ 634.445692][T13391] bridge0: entered promiscuous mode [ 634.487232][T13103] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 634.544834][T13394] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2398'. [ 634.979126][T13405] loop0: detected capacity change from 0 to 512 [ 635.011623][T13405] EXT4-fs: Ignoring removed mblk_io_submit option [ 635.029895][T13405] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 635.141830][T13405] EXT4-fs (loop0): 1 truncate cleaned up [ 635.150433][T13405] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 635.869362][T13427] loop2: detected capacity change from 0 to 512 [ 635.879720][T11522] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 635.937871][T13427] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 635.983128][T13427] ext4 filesystem being mounted at /90/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 636.016131][T13435] loop1: detected capacity change from 0 to 128 [ 636.369793][T12295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 636.435238][T13400] loop3: detected capacity change from 0 to 32768 [ 637.334030][T13400] JFS: charset not found [ 637.362085][ T29] audit: type=1326 audit(1720491414.538:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000 [ 637.489574][ T29] audit: type=1326 audit(1720491414.538:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000 [ 638.772917][ T29] audit: type=1326 audit(1720491414.538:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000 [ 638.828101][T13468] loop4: detected capacity change from 0 to 128 [ 638.878619][T13469] loop1: detected capacity change from 0 to 1024 [ 638.892866][ T29] audit: type=1326 audit(1720491414.538:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000 [ 638.984518][ T29] audit: type=1326 audit(1720491414.538:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000 [ 639.038014][T13471] loop0: detected capacity change from 0 to 64 [ 639.090058][ T29] audit: type=1326 audit(1720491414.678:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000 [ 639.112097][T13475] loop4: detected capacity change from 0 to 256 [ 639.161602][ T29] audit: type=1326 audit(1720491414.678:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13455 comm="syz.2.2423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e34d75bd9 code=0x7ffc0000 [ 639.162691][T13471] BFS-fs: bfs_fill_super(): Inode 0x00000032 corrupted on loop0 [ 639.238834][T13475] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000e8a4, chksum : 0xe00de75b, utbl_chksum : 0xe619d30d) [ 639.409423][T13484] loop3: detected capacity change from 0 to 512 [ 639.425001][T13483] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8 [ 639.440732][T13484] EXT4-fs: Ignoring removed mblk_io_submit option [ 639.469156][T13484] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 639.524771][T13484] EXT4-fs (loop3): 1 truncate cleaned up [ 639.538373][T13484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 639.866953][T13495] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2436'. [ 639.891532][T13499] binder: 13488:13499 ioctl c0046209 0 returned -22 [ 640.573652][T13502] loop2: detected capacity change from 0 to 128 [ 640.581788][T13503] netem: change failed [ 641.003173][ T927] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 641.213418][ T927] usb 1-1: Using ep0 maxpacket: 16 [ 641.234553][ T927] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 641.247301][ T927] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 641.258065][ T927] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 641.268215][ T927] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 641.302453][ T927] usb 1-1: config 0 descriptor?? [ 641.502135][T13514] loop2: detected capacity change from 0 to 64 [ 641.537683][T13503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 641.563856][T13514] BFS-fs: bfs_fill_super(): Inode 0x00000032 corrupted on loop2 [ 641.572081][T13103] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 641.572552][T13503] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 641.610580][T13516] loop4: detected capacity change from 0 to 256 [ 641.633254][ T930] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 641.654452][T13516] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000e8a4, chksum : 0xe00de75b, utbl_chksum : 0xe619d30d) [ 641.836012][ T930] usb 2-1: config 1 has an invalid descriptor of length 208, skipping remainder of the config [ 641.854003][T13503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 641.862644][ T930] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 641.863056][T13503] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 641.896828][ T930] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 641.914261][ T930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 641.932316][ T930] usb 2-1: SerialNumber: syz [ 641.968628][ T927] hid (null): bogus close delimiter [ 641.972274][T13523] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8 [ 641.997336][ T927] hid-generic 0003:0158:0100.000B: unknown main item tag 0x0 [ 642.038191][ T927] hid-generic 0003:0158:0100.000B: unknown main item tag 0x0 [ 642.058554][ T927] hid-generic 0003:0158:0100.000B: bogus close delimiter [ 642.089412][ T927] hid-generic 0003:0158:0100.000B: item 0 0 2 10 parsing failed [ 642.123868][ T927] hid-generic 0003:0158:0100.000B: probe with driver hid-generic failed with error -22 [ 642.191915][ T927] usb 1-1: USB disconnect, device number 20 [ 642.214585][ T930] usb 2-1: invalid UAC_HEADER (v1) [ 642.248406][T13527] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2451'. [ 642.288469][T13529] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2452'. [ 642.323415][ T930] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 642.392249][ T930] usb 2-1: USB disconnect, device number 14 [ 642.455260][ T29] audit: type=1326 audit(1720491419.648:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13531 comm="syz.4.2454" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0499775bd9 code=0x0 [ 642.514699][T13533] loop2: detected capacity change from 0 to 128 [ 642.578978][ T5114] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 642.595988][ T5114] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 642.605889][ T5114] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 642.625086][ T5114] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 642.633615][ T5114] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 642.647196][ T5114] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 642.855138][ T6139] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 643.035654][ T29] audit: type=1326 audit(1720491420.228:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.2456" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd98eb75bd9 code=0x0 [ 643.065243][ T6139] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 643.090287][T13545] netlink: 'syz.1.2458': attribute type 1 has an invalid length. [ 643.100241][T13545] netlink: 9388 bytes leftover after parsing attributes in process `syz.1.2458'. [ 643.207163][ T6139] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 643.389543][ T6139] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 643.553728][T13559] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2463'. [ 643.614591][T13562] loop2: detected capacity change from 0 to 128 [ 643.840690][T13534] chnl_net:caif_netlink_parms(): no params data found [ 643.841969][T13571] loop2: detected capacity change from 0 to 512 [ 643.896194][T13571] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent [ 643.904471][T13569] loop4: detected capacity change from 0 to 1024 [ 643.932210][ T6139] bridge_slave_1: left allmulticast mode [ 643.944325][ T6139] bridge_slave_1: left promiscuous mode [ 643.957501][ T6139] bridge0: port 2(bridge_slave_1) entered disabled state [ 643.994898][ T6139] bridge_slave_0: left allmulticast mode [ 644.006366][ T6139] bridge_slave_0: left promiscuous mode [ 644.156244][ T6139] bridge0: port 1(bridge_slave_0) entered disabled state [ 644.284835][ T29] audit: type=1326 audit(1720491421.478:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13579 comm="syz.0.2471" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd98eb75bd9 code=0x0 [ 644.853055][ T5102] Bluetooth: hci7: command tx timeout [ 645.225689][T13589] loop0: detected capacity change from 0 to 2048 [ 645.290929][T13589] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 645.318622][T13589] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 645.537363][ T29] audit: type=1326 audit(1720491422.688:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13593 comm="syz.4.2476" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0499775bd9 code=0x0 [ 646.863136][ T5104] Bluetooth: hci7: command tx timeout [ 646.876955][T13610] loop2: detected capacity change from 0 to 512 [ 646.905402][T13610] EXT4-fs: Invalid want_extra_isize 16855 [ 646.923325][T13610] Bluetooth: MGMT ver 1.23 [ 647.101557][ T11] kworker/u8:0: attempt to access beyond end of device [ 647.101557][ T11] loop0: rw=1, sector=2347, nr_sectors = 728 limit=2048 [ 647.343810][ T5097] Bluetooth: hci2: command 0x0406 tx timeout [ 647.350222][ T5104] Bluetooth: hci1: command 0x0406 tx timeout [ 647.630972][ T29] audit: type=1326 audit(1720491424.818:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13617 comm="syz.1.2484" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e72375bd9 code=0x0 [ 648.032213][ T6139] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 648.077440][ T6139] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 648.102354][T13624] loop2: detected capacity change from 0 to 512 [ 648.120735][T13624] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent [ 648.297138][ T6139] bond0 (unregistering): Released all slaves [ 649.100315][ T5114] Bluetooth: hci7: command tx timeout [ 649.216693][T13631] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 649.239461][T13632] netlink: 'syz.1.2487': attribute type 1 has an invalid length. [ 649.286856][T13632] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2487'. [ 649.390708][T13636] loop2: detected capacity change from 0 to 1024 [ 649.494985][T13643] loop1: detected capacity change from 0 to 512 [ 649.502234][T13643] EXT4-fs: Invalid want_extra_isize 16855 [ 649.536090][ T11] ================================================================== [ 649.544310][ T11] BUG: KASAN: slab-use-after-free in l2tp_session_delete+0x28/0x9e0 [ 649.552380][ T11] Write of size 8 at addr ffff888029361008 by task kworker/u8:0/11 [ 649.560307][ T11] [ 649.562657][ T11] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0 [ 649.572833][ T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 649.582922][ T11] Workqueue: l2tp l2tp_tunnel_del_work [ 649.588394][ T11] Call Trace: [ 649.591677][ T11] [ 649.594612][ T11] dump_stack_lvl+0x241/0x360 [ 649.599313][ T11] ? __pfx_dump_stack_lvl+0x10/0x10 [ 649.604552][ T11] ? __pfx__printk+0x10/0x10 [ 649.609157][ T11] ? _printk+0xd5/0x120 [ 649.613339][ T11] ? __virt_addr_valid+0x183/0x530 [ 649.618560][ T11] ? __virt_addr_valid+0x183/0x530 [ 649.623699][ T11] print_report+0x169/0x550 [ 649.628212][ T11] ? __virt_addr_valid+0x183/0x530 [ 649.633352][ T11] ? __virt_addr_valid+0x183/0x530 [ 649.638475][ T11] ? __virt_addr_valid+0x45f/0x530 [ 649.643604][ T11] ? __phys_addr+0xba/0x170 [ 649.648124][ T11] ? l2tp_session_delete+0x28/0x9e0 [ 649.653331][ T11] kasan_report+0x143/0x180 [ 649.657866][ T11] ? l2tp_session_delete+0x28/0x9e0 [ 649.663076][ T11] kasan_check_range+0x282/0x290 [ 649.668025][ T11] l2tp_session_delete+0x28/0x9e0 [ 649.673056][ T11] ? l2tp_tunnel_del_work+0x1d3/0x330 [ 649.678432][ T11] l2tp_tunnel_del_work+0x1cb/0x330 [ 649.683638][ T11] ? process_scheduled_works+0x945/0x1830 [ 649.689365][ T11] process_scheduled_works+0xa2c/0x1830 [ 649.694933][ T11] ? __pfx_process_scheduled_works+0x10/0x10 [ 649.700925][ T11] ? assign_work+0x364/0x3d0 [ 649.705525][ T11] worker_thread+0x86d/0xd40 [ 649.710134][ T11] ? __kthread_parkme+0x169/0x1d0 [ 649.715169][ T11] ? __pfx_worker_thread+0x10/0x10 [ 649.720288][ T11] kthread+0x2f0/0x390 [ 649.724383][ T11] ? __pfx_worker_thread+0x10/0x10 [ 649.729509][ T11] ? __pfx_kthread+0x10/0x10 [ 649.734110][ T11] ret_from_fork+0x4b/0x80 [ 649.738541][ T11] ? __pfx_kthread+0x10/0x10 [ 649.743153][ T11] ret_from_fork_asm+0x1a/0x30 [ 649.747952][ T11] [ 649.750985][ T11] [ 649.753306][ T11] Allocated by task 13644: [ 649.757804][ T11] kasan_save_track+0x3f/0x80 [ 649.762485][ T11] __kasan_kmalloc+0x98/0xb0 [ 649.767086][ T11] __kmalloc_noprof+0x1fc/0x400 [ 649.771956][ T11] l2tp_session_create+0x3b/0xc20 [ 649.776983][ T11] pppol2tp_connect+0xca3/0x17a0 [ 649.781922][ T11] __sys_connect+0x2df/0x310 [ 649.786517][ T11] __x64_sys_connect+0x7a/0x90 [ 649.791282][ T11] do_syscall_64+0xf3/0x230 [ 649.795956][ T11] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 649.801876][ T11] [ 649.804203][ T11] Freed by task 11: [ 649.808005][ T11] kasan_save_track+0x3f/0x80 [ 649.812684][ T11] kasan_save_free_info+0x40/0x50 [ 649.817736][ T11] poison_slab_object+0xe0/0x150 [ 649.822681][ T11] __kasan_slab_free+0x37/0x60 [ 649.827451][ T11] kfree+0x149/0x360 [ 649.831364][ T11] __sk_destruct+0x58/0x5f0 [ 649.835882][ T11] rcu_core+0xaaa/0x17a0 [ 649.840134][ T11] handle_softirqs+0x2c4/0x970 [ 649.844907][ T11] do_softirq+0x11b/0x1e0 [ 649.849244][ T11] __local_bh_enable_ip+0x1bb/0x200 [ 649.854476][ T11] l2tp_tunnel_del_work+0x1c3/0x330 [ 649.859764][ T11] process_scheduled_works+0xa2c/0x1830 [ 649.865318][ T11] worker_thread+0x86d/0xd40 [ 649.869916][ T11] kthread+0x2f0/0x390 [ 649.873992][ T11] ret_from_fork+0x4b/0x80 [ 649.878429][ T11] ret_from_fork_asm+0x1a/0x30 [ 649.883205][ T11] [ 649.885531][ T11] Last potentially related work creation: [ 649.891238][ T11] kasan_save_stack+0x3f/0x60 [ 649.895919][ T11] __kasan_record_aux_stack+0xac/0xc0 [ 649.901302][ T11] call_rcu+0x167/0xa70 [ 649.905467][ T11] pppol2tp_release+0x24b/0x350 [ 649.910318][ T11] sock_close+0xbc/0x240 [ 649.914567][ T11] __fput+0x24a/0x8a0 [ 649.918571][ T11] task_work_run+0x24f/0x310 [ 649.923183][ T11] syscall_exit_to_user_mode+0x168/0x370 [ 649.929030][ T11] do_syscall_64+0x100/0x230 [ 649.933635][ T11] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 649.939546][ T11] [ 649.941886][ T11] The buggy address belongs to the object at ffff888029361000 [ 649.941886][ T11] which belongs to the cache kmalloc-1k of size 1024 [ 649.956051][ T11] The buggy address is located 8 bytes inside of [ 649.956051][ T11] freed 1024-byte region [ffff888029361000, ffff888029361400) [ 649.969771][ T11] [ 649.972096][ T11] The buggy address belongs to the physical page: [ 649.978513][ T11] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x29360 [ 649.987309][ T11] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 649.995824][ T11] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 650.003811][ T11] page_type: 0xfdffffff(slab) [ 650.008496][ T11] raw: 00fff00000000040 ffff888015041dc0 0000000000000000 dead000000000001 [ 650.017081][ T11] raw: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000 [ 650.025937][ T11] head: 00fff00000000040 ffff888015041dc0 0000000000000000 dead000000000001 [ 650.034615][ T11] head: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000 [ 650.043290][ T11] head: 00fff00000000003 ffffea0000a4d801 ffffffffffffffff 0000000000000000 [ 650.051965][ T11] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 650.060696][ T11] page dumped because: kasan: bad access detected [ 650.067128][ T11] page_owner tracks the page as allocated [ 650.072841][ T11] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5105, tgid 5105 (syz-executor), ts 81499728484, free_ts 81485091403 [ 650.092142][ T11] post_alloc_hook+0x1f3/0x230 [ 650.096930][ T11] get_page_from_freelist+0x2ccb/0x2d80 [ 650.102491][ T11] __alloc_pages_noprof+0x256/0x6c0 [ 650.107704][ T11] alloc_slab_page+0x5f/0x120 [ 650.112388][ T11] allocate_slab+0x5a/0x2f0 [ 650.116912][ T11] ___slab_alloc+0xcd1/0x14b0 [ 650.121620][ T11] __slab_alloc+0x58/0xa0 [ 650.125969][ T11] __kmalloc_cache_noprof+0x1d5/0x2c0 [ 650.131362][ T11] batadv_hard_if_event+0xe71/0x1620 [ 650.136658][ T11] notifier_call_chain+0x19f/0x3e0 [ 650.141782][ T11] register_netdevice+0x167f/0x1b00 [ 650.147017][ T11] macvlan_common_newlink+0x1189/0x1930 [ 650.152614][ T11] rtnl_newlink+0x14fe/0x2070 [ 650.157306][ T11] rtnetlink_rcv_msg+0x8a0/0x1180 [ 650.162344][ T11] netlink_rcv_skb+0x1e3/0x430 [ 650.167126][ T11] netlink_unicast+0x7f0/0x990 [ 650.171898][ T11] page last free pid 5099 tgid 5099 stack trace: [ 650.178223][ T11] free_unref_page+0xd22/0xea0 [ 650.182998][ T11] __put_partials+0xeb/0x130 [ 650.187591][ T11] put_cpu_partial+0x17c/0x250 [ 650.192364][ T11] __slab_free+0x2ea/0x3d0 [ 650.196783][ T11] qlist_free_all+0x9e/0x140 [ 650.201466][ T11] kasan_quarantine_reduce+0x14f/0x170 [ 650.206944][ T11] __kasan_slab_alloc+0x23/0x80 [ 650.211823][ T11] __kmalloc_cache_noprof+0x132/0x2c0 [ 650.217223][ T11] ref_tracker_alloc+0x14b/0x490 [ 650.222172][ T11] netdev_queue_update_kobjects+0x186/0x5f0 [ 650.228083][ T11] netdev_register_kobject+0x265/0x320 [ 650.233562][ T11] register_netdevice+0x12c5/0x1b00 [ 650.238776][ T11] macvlan_common_newlink+0x1189/0x1930 [ 650.244349][ T11] rtnl_newlink+0x14fe/0x2070 [ 650.249036][ T11] rtnetlink_rcv_msg+0x8a0/0x1180 [ 650.254075][ T11] netlink_rcv_skb+0x1e3/0x430 [ 650.258851][ T11] [ 650.261171][ T11] Memory state around the buggy address: [ 650.266803][ T11] ffff888029360f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 650.274872][ T11] ffff888029360f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 650.282940][ T11] >ffff888029361000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 650.291022][ T11] ^ [ 650.295362][ T11] ffff888029361080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 650.303530][ T11] ffff888029361100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 650.311591][ T11] ================================================================== [ 650.319756][ C0] vkms_vblank_simulate: vblank timer overrun [ 650.372946][ T11] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 650.380207][ T11] CPU: 0 UID: 0 PID: 11 Comm: kworker/u8:0 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0 [ 650.390658][ T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 650.400753][ T11] Workqueue: l2tp l2tp_tunnel_del_work [ 650.406275][ T11] Call Trace: [ 650.409599][ T11] [ 650.412558][ T11] dump_stack_lvl+0x241/0x360 [ 650.417386][ T11] ? __pfx_dump_stack_lvl+0x10/0x10 [ 650.422720][ T11] ? __pfx__printk+0x10/0x10 [ 650.427353][ T11] ? preempt_schedule+0xe1/0xf0 [ 650.432418][ T11] ? vscnprintf+0x5d/0x90 [ 650.436798][ T11] panic+0x349/0x870 [ 650.440745][ T11] ? check_panic_on_warn+0x21/0xb0 [ 650.445900][ T11] ? __pfx_panic+0x10/0x10 [ 650.450340][ T11] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 650.456333][ T11] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 650.462679][ T11] ? print_report+0x502/0x550 [ 650.467381][ T11] check_panic_on_warn+0x86/0xb0 [ 650.472337][ T11] ? l2tp_session_delete+0x28/0x9e0 [ 650.477541][ T11] end_report+0x77/0x160 [ 650.481799][ T11] kasan_report+0x154/0x180 [ 650.486317][ T11] ? l2tp_session_delete+0x28/0x9e0 [ 650.491528][ T11] kasan_check_range+0x282/0x290 [ 650.496492][ T11] l2tp_session_delete+0x28/0x9e0 [ 650.501525][ T11] ? l2tp_tunnel_del_work+0x1d3/0x330 [ 650.506907][ T11] l2tp_tunnel_del_work+0x1cb/0x330 [ 650.512115][ T11] ? process_scheduled_works+0x945/0x1830 [ 650.517842][ T11] process_scheduled_works+0xa2c/0x1830 [ 650.523417][ T11] ? __pfx_process_scheduled_works+0x10/0x10 [ 650.529411][ T11] ? assign_work+0x364/0x3d0 [ 650.534020][ T11] worker_thread+0x86d/0xd40 [ 650.538716][ T11] ? __kthread_parkme+0x169/0x1d0 [ 650.543759][ T11] ? __pfx_worker_thread+0x10/0x10 [ 650.548891][ T11] kthread+0x2f0/0x390 [ 650.552978][ T11] ? __pfx_worker_thread+0x10/0x10 [ 650.558096][ T11] ? __pfx_kthread+0x10/0x10 [ 650.562698][ T11] ret_from_fork+0x4b/0x80 [ 650.567129][ T11] ? __pfx_kthread+0x10/0x10 [ 650.571732][ T11] ret_from_fork_asm+0x1a/0x30 [ 650.576516][ T11] [ 650.579771][ T11] Kernel Offset: disabled [ 650.584128][ T11] Rebooting in 86400 seconds..