last executing test programs: 42.010234475s ago: executing program 1 (id=2283): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000003080)=[{0x0, 0x0, 0x0}], 0x1, 0x0) recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)=""/29, 0x1d}], 0x1}, 0x0) 40.651871636s ago: executing program 1 (id=2286): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_freezer_state(r0, &(0x7f00000000c0), 0x2, 0x0) r2 = openat$cgroup_procs(r0, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000040), 0x12) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) write$cgroup_freezer_state(r1, &(0x7f0000000400)='FROZEN\x00', 0x7) write$cgroup_freezer_state(r1, &(0x7f0000000080)='THAWED\x00', 0x7) 40.292279565s ago: executing program 1 (id=2289): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=") open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) mount(&(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1400, 0x0) r0 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0) 39.034654794s ago: executing program 1 (id=2291): r0 = gettid() dup2(0xffffffffffffffff, 0xffffffffffffffff) dup2(0xffffffffffffffff, 0xffffffffffffffff) syz_mount_image$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup(0x20000000, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000440)={[{@subsystem='devices'}]}) link(0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000001880)={{}, {0x77359400}}, &(0x7f00000018c0)) rename(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000180)='./file0\x00') mount$cgroup(0x0, 0x0, 0x0, 0x180a9, 0x0) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001800)={&(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001740)=[{&(0x7f0000000280)}, {0x0}, {&(0x7f0000001540)="cab109fb7f40d64a01", 0x9}, {&(0x7f0000002240)}, {&(0x7f0000001580)="f6adb3c16c686237c5823777eadeabd0337477df748aec87de6aef67eea6fb6d9f8317a5ace5198e761e8d42c932e1f0cd48b1e6eed2d47850265d54340d8c150777c34fd3b7b49299c9744112d3c7236445192368ea1bab8e1b194c2c6fd68ef77b4d12a24a8384dc51b36f2f63dbe05af77b67860c9dbfab2c10a6d2177626946bebab34678268a9f6294d3e25d14b17ba73e66d5ccb8fdc9bddc94cd34834d843c1d9f11b09f8846d10e358cdcc5008a22c8943328c5e33d2ae5efca97de351273816ff01b3b38def268f8f8b", 0xce}, {&(0x7f0000001680)="5c9b1270767ee47cb0ca9d1ee58141be88a8855eaf10e6a6795199ee192aa8068d9dba06da5fc300db6ee82dbc9737312579ce781c0f64c3fd8c058573479545ee87bdbf58877da9747524cca70f532f868cdf7dafd8e023bfe487c64ac15fb97f0b7b28db8184ee8ea5d0b4a706d7a1ce2839e3907a3c46b5ba2adb559b9836dc8edeb044881c4550", 0x89}], 0x6}, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) 36.672127385s ago: executing program 1 (id=2302): syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000002cc0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e39352c6e6f6e756d7461696c3d302c757466383d302c6e6f6e756d7461696c3d302c696f636861727365743d69736f383835392d31342c636f6465706167653d3935302c696f636861727365743d6d6163696e7569742c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c005b5a0063b28c44cf0c3d"], 0x4, 0x367, &(0x7f0000000c80)="$eJzs3U9oHFUYAPBvO0k2KdTkIBQFYfQmaOgfPOgppaRQ3IvKUvXkYlOVbCxkcTE9dBsv4lHwqCcv4kEPHnoWQRFvHrxaQariQXsrWH2yu7PZ2ewmpsK2Fn+/w/Lle++b995mkp1Msi8vrcT6+dm4cOPG9Zifr8TMyumVuFmJpchi4EqMm5uQAwDuDTdTit9T3wFLKlOeEgAwZb3X/1eOlDJvfblf/+TVHwDuecXP/wv79Znfq+HiVKYEAEzZ2P3/R0aa50Z/1T9T+qsAAOBe9dwLLz59qhbxbJ7PR2y83a636/HUsP3UhXgtmrEWx2IxbkX0LxS6D5Xe45mztdVjeZ534qelqHcr2vWIjU673r9SOJX16qtxPBZjqagvrjZSStmZz2qrx/OeiLjS6Y0fG5V2fTYOF+N/fzjW4kTkcf9YfcTZ2uqJvDhAfWNQ34nYHt636M5/ORbj25fjYjTj/MK5SGlwWVNbvXw8z0+n2kh9u16N8zvPwp53QAAAAAAAAAAAAAAAAAAAAAAA4F9Zzncs7ex/k4b79ywvT2jv7Y/Try/2B9ru7w+UqilS+u3Nx+vvZDGyP9Du/Xna9Zk4dHeXDgAAAAAAAAAAAAAAAAAAAP8Zra25aDSba5utrUvr5aCz2do6FBHdzOtff/LFQoz3+Ydgphij1JQXqUvrjZQNOqdspE8RZN3BB5mPr+7MuNynurOKidOo7t3UbB55+Mf3h5mHssGR/xr2yWLyArNd0ygHG/f1p3Q7T9Slk0VwYnKfwTKb11JKk4/zZ0pp/MhRiZi5/U/cSJDvzqRu8NX1Vx842Tr6RC/zeep79LHFc9fe+/CX9UazO3Jvyh/NbbZupfVG8fHkk23vICudP5XoB5XymTCzX/n2aKaRfffr8w+++83BRk/lzBsT+mT95Xy62dqqFF8pvaZK/7Tp5nZVLTTPZhG7jjM74eSfQnD0g5XG1cs//HzQqtI3CRt1AAAAAAAAAAAAAAAAAADAHVF6r3iheLPv7H5VTz4z/ZkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ0z/P//pWB7LHOQ4I9OjDdV1zZbEXN3e5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzP/R0AAP//pSBp3g==") open$dir(&(0x7f0000000200)='./file0\x00', 0x103, 0x0) 22.377859144s ago: executing program 0 (id=2344): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00b762db125ccf07756f2e63fad8dd9e30f85132ca13e943ea4a354592e11b24761ca4cb62d56be84c24d762829961ee1206e514b7157b7e9d72f1c22f355497bfeade86697ce75bafd8a0e9b8d1d0d8786433670adee675f9d31586f013397c412624f65ab90c85554812a382bf4bed80997a75b2fac6863112088405458d3c4c6b58"], 0x1, 0x17a, &(0x7f0000000240)="$eJzsmM9KAlEUxr97x5SiJ2jTIiEjGmfGijYthJYtiv7RLslJrFFDZ5Hu2rb1CYLeIGjdC/QCrSoSInDZeuL+UW+SWouC6PwWx+96zz2ee4RvYEAQxL/l6fHtofV8cWUBmEQSCf39i9XL4UZ+udlqVkvrrzfzd5v3a9ex/noMQBR9/fdFgdushVCvo+jj6aT+3Abv6h1wzGm9BwZb6wNw7Grtg2Ff62NDV0S+bR8VA98+rAR5IRwRXBE8ETL9/bXPGfJGf8zYr9UbJ7kg8Ks/KEbNr53lWDX6M/+vzmwcY34uOFytM2DY0noFic5s1EiM+0/FevWtX74/CRIk/pro+VN0yTBr+JP50EiHpdN0rd5YKJZyBb/glz0vs+wsOs6Sl5ZGpOIQ/xuX/jRh1B8bkBtncZzlwrDqqthdeyp+5rhc+h9HakathffHB3aj9pk+x6RKWUPSCYIgCIIgCIIgCIIgCIIgvsE0mHwLOgJvQ2a/BwAA///uyXjV") socketpair(0x0, 0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0) timer_gettime(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ptrace$ARCH_SHSTK_STATUS(0x1e, 0x0, 0x0, 0x5005) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x24, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0xa}, {0x3, 0x3, 0x3, 0xa, 0xa, 0xfff8}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}, @printk={@u, {0x3, 0x3, 0x3, 0x4, 0x9}}], {{0x7, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000003c0)) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000500)='./file2\x00', 0x0, 0x0) read$FUSE(r5, &(0x7f0000001a40)={0x2020}, 0x2020) 21.280980007s ago: executing program 0 (id=2345): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0) r2 = dup2(r1, r0) syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x1000000, &(0x7f00000018c0)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c646973636172642c616c6c6f775f7574696d653d30303030303030303030303030303030303030303430312c696f636861727365743d63703935302c757466382c646d61736b3d30303030303030303030303030303030303030303030312c646d61736b5786944d6d0d7ff47c1b3d30303030303030303030303030303030303030303030302c646d61736b3d30303030303030303030303030303030303030303030312c757458382c6e61a790a69ebdbbbf279002bbb0837d3fe17076920e4685528ac8e0168c08ed55aad9e85cd4f24374d90543ed0327c6e4a194818cf9cba1d1e7e532c85817d3138c178df9e2e7d3031b26f469adbbb13b729e5c08bb949ef002b1b2efa13373f12277c4c18c4e9e46c695325f31c8a40d6ed83df20400000000000000bbb3b2af"], 0x1, 0x1515, &(0x7f00000002c0)="$eJzs3Au8jdXWMPAx5pwPm6SV5D7HHA8ruUySJJeEXJIkSZLcEpIkSUJyyy0JScg95B6SW0ju9/s9SY4kSUJCkvn9VOd1ztd7vvrec77Pe949/r/fs/cc+1ljrPGssfZez3p+e+9v2g2sVKdy+VrMDP8U/PVTVwBIAYA+AHAdAEQAUCxTsUyX96fT2PWfuxPxr/Xw1KvdgbiaZP6pm8w/dZP5p24y/9RN5p+6yfxTN5l/6ibzFyI12zot+/Wypd7tz1//d//n3XL9/9+QvP7/j/WnvtNk/qmbzD91k/mnbjL/1E3mn7rJ/FM3mX/qJvMXIjW72tef/w22vz5UV7uPP9ii/1Le1X32CSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYRILc6HKwwA/HV9tfsSQgghhBBCCCHEv05Ie7U7EEIIIYQQQgghxP97CGA0GIggDaSFFEgH6eEayADXQka4DhJwPWSCGyAz3AhZICtkg+yQA3JCLrBA4IAhhtyQB5JwE+SFmyEf5IcCUBA8FILCcAsUgVuhKNwGxWD2QoA7oASUhFJQGu6EMnAXlIVyUB7uhgpQESpBZbgHqsC9UBXug2pwP1SHB6AGPAg14SGoBQ9DbXgE6sCjUBceg3pQHxpAQ2j0X8p/CTrBy9AZukBX6Abd4RXoAT2hF/SGPvAq9IXXoB+8Dv1hAAyEN2AQvAmD4S0YAkNhGLwNw2EEjIRRMBrGwFh4B8bBeJgA78JEmASTYQpMhWkwHd6DGTATZsH7MBs+gDkwF+bBfFgAH8JCWASL4SNYAh/DUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW2AbbYQfshF2wG/aU2wufwD74FPbDZ3AAPv+/zD8Hf5/fHgEBFSo0aDANpsEUTMH0mB4zYAbMiBkxgQnMhJkwM2bGLJgFs2E2zIE50l1+4hASMjLmxtyYxCTmxbyYD/NhASyAHj0WxsJYBG/FolgUi2ExLI7FsQSWxJJYGktjGSyDZbEslr9jLgBWwEpYCe/Be/BerIpVsRpWw+pYHWtgDayJNbEW1sLaWBvrYB2si3WxHtbDBtgAG2EjbIyNsQk2wWbYDJtjc2yBLbAltsRW2ApbY2tsg22wLbbFdtgO22MH7IAv4Uv4Mr6MXbCC6obdsTv2wB7YC3tjb3wV++Jr+Bq+jv1xAA7EN/ANfBMH41kcgkNxGA7DMmoEjsRRyGoMjsWxOA7H4QScgBNxEk7CKTgVp+F0nI4zcCbOxPdxNn6AH+BcnIvzcQEuwIW4CBfjYlyC53ApLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAtuw224A3fgLtyFe3APfoKf4Kf4KfbHA3gAD+JBPISH8DAexiN4BI/i0W3XAOBxPI4n8ASexFN4Gk/hGTyDZ/EcnsfzeAEv4EV8IcdXtffkX9cf1GVGGZVGpVEpKkWlV+lVBpVBZVQZVUIlVCaVSWVWmVUWlUVlU9lUDpVD5VK5FClSrGKVW+VWSZVUeVVelU/lUwVUAeWVV4VVYVVEFVFFVVFVTN2uiqs7VAlVUjX1pVVpVUY182VVOVVelVcVVEVVSVVWlVUVVUVVVVVVNVVNVVfVVQ31oKqpumEvfFhdnkwdNQDrqoFYT9VXDVRD9SY+rhqrwdhENVXN1JNqKA7BFqqxb6meUa3USGytnlOj8HnVVo3BdupF1V51UB3VS6qTauI7qy5qInZT3dUU7KF6ql6qt5qBFdXliVVSr6v+aoAaqN5Q8/FNNVi9pYaooWqYelsNVyPUSDVKjVZj1Fj1jhqnxqsJ6l01UU1Sk9UUNVVNU9PVe2qGmqlmqffVbPWBmqPmqnlqvlqgPlQL1SK1WH2klqiP1VK1TC1XK9RKtUqtVmvUWrVOrVcb1Ea1SW1WW9RWtU1tVzvUTrVL7VZ71F71idqnPlX71WfqgPpcHVR/UYfUF+qw+lIdUV+po+prdUx9o46rb9UJ1UWdVKfUafW9OqN+UGfVOXVe/aguqJ/URfWzuqSCAo1aaa2NjnQanVan6HQ6vb5GZ9DX6oz6Op3Q1+tM+gadWd+os+isOpvOrnPonDqXtpq006xjnVvn0Ul9k86rb9b5dH5dQBfUXhfShfUtuoi+VRfVt+li+nZdXN+hS+iSupQure/UZfRduqwup8vru3UFXVFX0pX1PbqKvldX1ffpavp+XV0/oGvoB3VN/ZCupR/WtfUjuo5+VNfVj+l6ur5uoBvqRvpx3Vg/oZvoprqZflI310/pFvpp3VI/o1vpZ3Vr/Zxuo5/XbfULup1+UbfXHXRH/bO+pIPurLvorrqb7q5f0T10T91L99Z99Ku6r35N99Ov6/56gB6o39CD9Jt6sH5LD9FD9TD9th6uR+iRepQercfosfodPU6P1xP0u3qinqQn6yl6qp6me/1WadafyB//n+T3++Xet+itepvernfonXqX3q336L16r96n9+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqFP6JP6lP5Rf6/P6B/0WX1On9M/6gv6gr7422MABo0y2hgTmTQmrUkx6Ux6c43JYK41Gc11JmGuN5nMDSazudFkMVlNNpPd5DA5TS5jDRln2MQmt8ljkuYmk9fcbPKZ/KaAKWi8KWQKm1v+6fx/0N+Kyb+evJhGppFpbBqbJqaJaWaameamuWlhWpiWpqVpZVqZ1qa1aWPamLamrWln2pn2pr3paDqaTqaT6Yxgupquprt5xfQwPU0v09v0Ma+avqav6Wf6mf6mvxloBppBZpAZbAabIWaIMQAw3Aw3I81IM9qMNmPNWDPOjDMTzAQz0Uw0k81kM9VMNdPNdDPDzDCzzCwz28w2c8wcM8/MMwvMArPQLDSLzWKzxCwxS80ys8ysMCvMKrPKrDFrzDqzzmwwG8wms8ksNVvNVrPdbDc7zU6z2+w2e81es8/sM/vNfnPAHDAHzUFzyBwyh81hc8QcMUfNUXPMHDPHzXFzwpwwJ81Jc9qcNmfMGXPWnDXnzXlzwVwwF81Fc8lcunzaF6lIRSYyUZooTZQSpUTpo/RRhihDlDHKGCWiRJQpyhRljm6MskRZo2xR9ihHlDPKFdmIIhdxFEe5ozxRMropyhvdHOWL8kcFooKRjwpFhaNboiLRrVHR6LaoWHR7VDy6IyoRlYxKRaWjO6My0V1R2ahcVD66O6oQVYwqRZWje6Iq0b1R1ei+qFp0f1Q9eiCqET0Y1YweimpFD0e1o0eiOtGjUd3osaheVD9qEDWMGv1L64dwNusTvrPtYtNCN9vdvmJ72J62l+1t+9hXbV/7mu1nX7f97QA70L5hB9k37WD7lh1ih9ph9m073I6wI+0oO9qOsWPtO3acHW8n2HftRDvJTrZT7FQ7zU6379kZdqadZd+3s+0Hdo6da+fZ+XaB/dAutIvsYvuRXWI/tkvtMrvcrrAr7Sq72q6xa+06u95usBvtJrvZbrFb7Ta73e6wO+0uu9vusXvtJ3af/dTut5/ZA/Zze9Cm/HZ+/6U9Yr+yR+3X9pj9xh6339oT9jt70p6yp+339oz9wZ615+x5+6O9YH+yF+3P9pINl0/uL7+8kyFDaSgNpVAKpaf0lIEyUEbKSAlKUCbKRJkpM2WhLJSNslEOykG5KBddxsSUm3JTkpKUl/JSPspHBagAefJUmApTESpCRakoFaNiVJyKUwkqQaWoFN1Jd9JddBeVo3J0N91NFakiVabKVIWqUFWqStWoGlWn6lSDalBNqkm1qBbVptpUh+pQXapL9ageNaAG1IgaUWNqTE2oCTWjZtScmlMLakEtqSW1olbUmlpTG2pDbakttaN21J7aU0fqSJ2oE3WmztSVulJ36k49qAf1ol7Uh/pQX+pL/agf9af+NJAG0iAaRINpMA2hoTSM3qbhNIJG0igaTWNoLI2lcTSOJtAEmkgTaTJNpqk0labTdJpBM2gWzaLZNJvm0ByaR/NoAS2ghbSQFtNiWkJLaCktpeW0nFbSSlpNq2ktraX1tJ420kbaTJtpK22l7bSddtJO2k27aS/tpX20j/bTfjpAB+ggHaRDdIgO02E6QkfoKB2lY3SMjtNxOkEn6CSdpNN0ms7QGTpLZ+k8nacL9BNdpJ/pEgVKcelceneNy+CudRndde5/j7O57C6Hy+lyOeuyuKx/F5NzLp/L7wq4gs67Qq6wu+V3cQlX0pVypd2droy7y5V1JVzda359vv4aV1m789dfRHf3u8ruHlfF3euquvtcNXe/q+4ecDXco66me8zVcvVdbdfQ1XGPurruMVfP1XcNXEPX3D3lWrinXUv3jGvlnv1dvNAtcmvdOrfebXD73KfuvPvRHXPfuAvuJ9fZdXF93Kuur3vN9XOvu/5uwO/iYe5tN9yNcCPdKDfajfldPNlNcVPdNDfdvedmuJm/ixe4D91st9jNcXPdPDf/l/hyT4vdR26J+9gtdcvccrfCrXSr3Gq35j96XeE2uc1ui9vrPnHb3Q630+1yu92eX+LLx7HffeYOuM/dUfe1O+S+cIfdcXfEffVLfPn4jrtv3Qn3nTvpTrnT7nt3xv3gzrpzvxz/5WP/3v3sLrnggJEVazYccRpOyymcjtPzNZyBr+WMfB0n+HrOxDdwZr6Rs3BWzsbZOQfn5Fxsmdgxc8y5OQ8n+SbOyzdzPs7PBbggey7EhfkWLsK3clG+jYvx7Vyc7+ASXJJLcWm+k8vwXVyWy3F5vpsrcEWuxJX5Hq7C93JVvo+r8f1cnR/gGvwg1+SHuBY/zLX5Ea7Dj3JdfozrcX1uwA25ET/OjfkJbsJNuRk/yc35KW7BT3NLfoZb8bPcmp/jNvw8t+UXuB2/yO25A3fkl7gTv8yduQt35W7cnV/hHtyTe3Fv7sOvcl9+jfvx69yfB/BAfoMH8Zs8mN/iITyUh/HbPJxH8EgexaN5DI/ld3gcj+cJ/C5P5Ek8mafwVJ7G0/k9nsEzeRa/z7P5A57Dc3kez+cF/CEv5EW8mD/iJfwxL+VlvJxX8Epexat5Da/ldbyeN/BG3sSbeQtv5W28nXcw8i7ezXt4L3/C+/hT3s+f8QH+nA/yX/gQf8GH+Us+wl/xUf6aj/E3fJy/5RP8HZ/kU3yav+cz/AOf5XN8nn/kC/wTX+Sf+RIHhhhjFevYxFGcJk4bp8Tp4vTxNXGG+No4Y3xdnIivjzPFN8SZ4xvjLHHWOFucPc4R54xzxTam2MUcx3HuOE+cjG+K88Y3x/ni/HGBuGDs40Jx4fiWuEh8a1w0vi0uFt8eF4/viEvEJeNH7y8d3xmXie+Ky8bl4vLx3XGFuGJcKa4c3xNXie+Nq8b3xdXi++Oi8QNxjfjBuGb8UFwrfjiuHT8S14kfjevGj8X14vpxg7hh3Ch+PG4cPxE3iZvGzeIn4+bxU3GL+Om4ZfxM3Cp+9g/3d427xd3jV+JX4hDu0/OS85MLkh8mFyYXJRcnP0ouSX6cXJpcllyeXJFcmVyVXJ1ck1ybXJdcn9yQ3JjclNyc3JIMoXJa8OiV1974yKfxaX2KT+fT+2t8Bn+tz+iv8wl/vc/kb/CZ/Y0+i8/qs/nsPofP6XN568k7zz72uX0en/Q3+bz+Zp/P5/cFfEHvfSFf2Df0jXwj39g/4Zv4pr6Zf9I/6Z/yT/mn/dP+Gd/KP+tb++d8G/+8b+tf8C/4F31738F39C/5Tv5l39l38V19V9/dd/c9fA/fy/fyfXwf39f39f18P9/f9/cD/UA/yA/yg/1gP8QP8cP8MD/cD/cj/Ug/2o/2Y/1YP86P8xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD8732w/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv9dr/T7/S7/W6/1+/1+/w+v9/v9wf8AX/QHzwf/CF/2H/pj/iv/FH/tT/mv/HH/bf+hP/On/Sn/Gn/vT/jf/Bn/Tl/3v/oL/if/EX/s7/kgx+beCcxLjE+MSHxbmJiYlJicmJKYmpiWmJ64r3EjMTMxKzE+4nZiQ8ScxJzE/MS8xMLEh8mFiYWJRYnPkosSXycWJpYllieWJFYmViVCCHn9jjkDnlCMtwU8oabQ76QPxQIBYMPhULhcEsoEm4NRcNtoVi4PRQPd4QSoWQoFR4L9UL90CA0DI3C46FxeCI0CU1Ds/BkaB6eCi3C06FleCa0Cs+G1uG50CY8H9qGF0K78GJoHzqEjuGl0Cm8HDoHHbqGbqF7eCX0CD1Dr9A79Amvhr7htdAvvB76hwFhYHgjDApvhsHhrTAkDA3DwttheBgRRoZRYXQYE8aGd8K4MD5MCO+GiWFSmBymhKlhWpge3gszwswwK7wfZocPwpwwN8wL88OC8GFYGBaFxeGjsCR8HJaGZWF5WBEgZVVYHdaEtWFdWB82hI1hU9gctoStYVvYHnaEnWFX2B32hL3hk7AvfBr2h8/CgfB5OBj+Eg6FL8Lh8GU4Er4KR8PX4Vj4JhwP34YT4btwMpwKp8P34Uz4IZwN58L58GO4EH4KF8PP4ZL8zZoQQgghxJ8y/g/2d/u7SP3HR/XbV7oDwLU7sh/521tpANiY5dd1T5WjeQIAnunS7uG/bhUqdO3a9bfbLtUQ5ZkLAIkr+WngSrwMmsFT0BKaQpH/tL+eqsMF/oP6ydsB0v9NTgpcia/Uv/Uf1B8x+w/rzwXIl+dKTjq4El+pX/R3taNf6mdt/Af1030xFqDJ3+RlgCvxlfqF4Ql4Flr+3S2FEEIIIYQQQohf9VSl2vzR+9vL789zmL9mlIC0cCX+o/fnQgghhBBCCCGEuPqe79Dx6cdbtmza5h8syv3jXbJILYs0/z3a+LdfAPy3aOPPLa72TyYhhBBCCCHEv9qVk/6r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF6/f/4d2JX+xiFEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIq+1/BQAA//9fYjFa") r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000380), 0xfefc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, r3, 0x0) readv(r2, &(0x7f0000001400)=[{0x0}], 0x1) 20.707944124s ago: executing program 0 (id=2347): io_uring_setup(0x2a0c, &(0x7f00000002c0)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) r4 = socket(0x1e, 0x1, 0x0) connect$tipc(r4, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff}, 0x0) r6 = dup(r4) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}}) ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdir(0x0, 0x0) clock_nanosleep(0x0, 0x0, 0x0, 0x0) open$dir(0x0, 0x0, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha256\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0) 18.832123636s ago: executing program 0 (id=2351): r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0xffffffffffffff3a}, './file0\x00'}) 18.609318021s ago: executing program 0 (id=2353): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x2, &(0x7f0000000100)=ANY=[], 0x51, 0x2b7, &(0x7f0000000140)="$eJzs3T1v00Acx/HfOWkbaFVcWoTEWKgEC4KyIJYglBfBhIAmSBVREVDEw1QQE0Kws/MWeBEsIN4ATEy8gDIZ3fkhcezYadTEpP1+pEaOfef7X/xw97dUWQCOrVutn5+v/bZ/RqqpJr27IXmSGlJd0hmdbTzb2d3e7XbaRTuquRr2zyisaTJltnY6eVVtPVcj4ttvdS31r8NkBEFw81fVQaBy7urP4UkL0dXptjemHlmx12PW2zvkOGaN2de+Xmi56jgAANWKxn8vGueX3Cojz5M2omH/vxz/x7VfdQATFxRu7Rv/XZYVGHt8T7lNvXzPpXB2uxdniaO0PDfwfV7hmZWaYJqyrNLF4p14sN3tXN561G17eqNmpK/Ymvtsh6durCTa9ZzctMAIfTf5M8pF14c524fNMP7nklLxr47Z4tjMV/Pd3DG+PqmdzP/qgbGHyR0pf+BIhfFfGb5H10vfllKU9jebTS9VZMU1ci5qIVLSy0Z+RqL4jFpR+gGBXxanq3V6oFbYu6sltVZza23G34bUWkvVsr1Jzubh7U2a+WBum3X90Re1+ub/no1vQ4VXZu+qMRvhUOB+8bA/8/nN1d0+/czIkb1ckl9xYVjof4vvaTiA97qv61p++vLVw1q323liF+7lLDxeStbMvZVyy1S8oL3emgUFTqZwPChNM7BLh7pDe/8oLWyvspxNtudVH6YjtND6Nt0TqYqFam9PmI70LQLHkJ13mTD/6+Ur9XCyZz/83Hn6iA8Coj0Gdo6dZHC9ukE4I5d08kAZ3OLwDC6bc2VyRpdznb8oXRi9RT+K84gwLf3QXZ7/AwAAAAAAAAAAAAAAAAAAzJpp/DtB1X0EAAAAAAAAAAAAAAAAAAAAAGDWJe//Vfz+X432/t/BV7Ec5vt/P+6I9/8Ck/cvAAD//zfYewA=") mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000440)='./file0\x00', 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'}) 18.380643627s ago: executing program 0 (id=2355): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f00000004c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) clock_nanosleep(0x2, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0) 15.169335364s ago: executing program 4 (id=2358): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'iso8859-1'}}, {@nostrict}, {@uid_forget}, {@utf8}, {@gid}, {@longad}, {@undelete}, {@rootdir={'rootdir', 0x3d, 0xfffffffffffffffc}}, {@unhide}]}, 0x1, 0xc43, &(0x7f0000001d00)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) syz_usb_connect(0x0, 0x151, &(0x7f0000000040)=ANY=[@ANYBLOB="120100002a797a08950b2a175e210000000109023f0101000000000904"], 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) r3 = syz_open_procfs(0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r4, 0x0, 0xc, &(0x7f0000000000)="c1", 0x1) getsockopt$inet_opts(r4, 0x0, 0x9, &(0x7f0000000680)=""/23, &(0x7f00000000c0)=0x17) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x6, 0x0, 0x0) pwritev2(r1, 0x0, 0x0, 0x7a00, 0x0, 0x3) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2000480, &(0x7f0000000100), 0x5, 0x764, &(0x7f0000000f80)="$eJzs3c1rHGUYAPBnNknTptVEEbSeAoIGSjemxlbBQ8WDCBYKerZdNttQs8mW7KY0IVCLCF4EFQ+CXnr2o968+nHV/8KDtFRNixUPEpnNbLptdtNNm2TF/f1g2uedj7zz7My877s7w24APWs0/ScXcTAiPkwihrP5SUQM1KP+iONr691aWS6mUxKrq2/8ntTXubmyXIymbVL7s8ITEfHDexGHchvrrS4uzRTK5dJ8Vh6vzZ4bry4uHT47W5guTZfmjk5MTh459vyxo9uX6J8/Lx249tGrz3x9/O93H7/ywY9JHI8D2eLmPLbLaIxmr8lA+hLe4ZXtrqzLkm7vAPclvTT71q7yOBjD0VePAID/s4sRsQoA9JhE/w8APabxOcDNleViY+ruJxK76/rLEbF3Lf/G/c21Jf3ZPbu99fugQzeTO+6MJBExsg31j0bE59++9WU6xQ7dhwRo5Z1LEXF6ZHRj+59seGZhq57tYJ3Ru8raP9g936Xjnxdajf9y6+OfaDH+GWxx7d6Pe1//uavbUE1b6fjvpaZn22415Z8Z6ctKD9XHfAPJmbPlUtq2PRwRYzEwmJYnNqlj7MY/N9otax7//fHx21+k9af/314jd7V/8M5tpgq1woPk3Oz6pYgn+1vln6wf/6TN+Pdkh3W89uL7n2Xho3cvS/NP821MG/PfWauXI55uefxvP9GWbPp84nj9dBhvnBQtfPPLp0Pt6m8+/umU1t94L7Ab0uM/tHn+I0nz85rVrdfx0+Xh79stu3f+rc//Pcmb9XhPNu9CoVabn4jYk7y+cf6RerivqbwvsvXT/Meean39b3b+p+8JT3eYf/+13766//x3Vpr/1JaO/9aDK7dm+trV39nxn6xHY9mcTtq/TnfwQV47AAAAAAAAAAAAAAAAAAAAAAAAAOhULiIORJLLr8e5XD6/9hvej8VQrlyp1g6dqSzMTUX9t7JHYiDX+KrL4abvQ53Ivg+/UT5yV/m5iHgkIj4Z3Fcv54uV8lS3kwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzP42v/+f+nWw23sHAOyYvd3eAQBg1+n/AaD36P8BoPfo/wGg9+j/AaD36P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYYSdPnEin1b9Wlotpeer84sJM5fzhqVJ1Jj+7UMwXK/Pn8tOVynS5lC9WZm9vOdDy75UrlXOTMbdwYbxWqtbGq4tLp2YrC3O1U2dnC9OlU6XWWwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAd1UXl2YK5XJpXiAQCNaDtHW42O3mCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA/798AAAD//+TuKn8=") r6 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r7 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0) write$binfmt_script(r7, &(0x7f0000000240)={'#! ', './bus'}, 0x9) ioctl$FS_IOC_FIEMAP(r6, 0xc020660b, &(0x7f00000001c0)={0x0, 0x0, 0x6}) r8 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) r9 = syz_socket_connect_nvme_tcp() fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f0000000340)='longad', 0x0, r1) recvfrom$inet_nvme(r9, &(0x7f00000003c0)=""/185, 0xb9, 0x40, &(0x7f0000000480)=@l2={0x1f, 0x1000, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7e09, 0x1}, 0x80) getdents(0xffffffffffffffff, &(0x7f0000000040)=""/104, 0x4d) 13.049987287s ago: executing program 2 (id=2361): r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0xffffffffffffff3a}, './file0\x00'}) 12.776542779s ago: executing program 2 (id=2363): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r4, 0x0, 0x0) wait4(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0) 11.571826757s ago: executing program 2 (id=2364): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) r0 = syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000040)='./bus\x00', 0x2008410, &(0x7f0000001f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRESDEC], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD") ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000000180)=0xfffffff9) sched_setscheduler(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={{0x14, 0x10, 0x9000, 0x6}, [@NFT_MSG_NEWSET={0x34, 0x9, 0xa, 0x605, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x5c}}, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000039c0)=ANY=[@ANYBLOB="e01400000d0a010e0000000000000000010000000900010073797a30000000000900020073797a3200000000b4140380b00100804a000640c88f4c510a82528b929de19d65c82fd42ce9330ecd82199c061ba0f72a79157331d53b780fb223b35a2d17967e8ec3d8aa5c03c978f4211010d9baddb8d4ebfe5d6b09e490e200000c0004400000000000000002c20006406c05abdd8419c51367e06af178e84b79a1bc720ea82947e81e9820931aea6b2d2613dc9c8d16df283519c78ecae374a786938dbe71f6d334d9fa03450fb5812e516b072a73df64ac554194165369d15e8418b7ddcbfb071087070a1a4e408d60e34021d9789d21ce9cb2f01ead0451d47dbe1b10b2f2a401e63634fb2a7d3dd86121022e777ed01e35a21d5fe52626414ca6d37cda050c49be1b96443545dd846eb74b273284b870604abefcf7597ece2abed0230070b7b0f98bef731c06000090000b802c0001800c0001007061796c6f6164001c000280080005400000003d080007400000ffff08000340000000092800018008000100647570001c00028008000240000000170800024000000000080002400000000f2800018008000100647570001c000280080002400000000208000240000000090800024000000000100001800a0001006c696d6974000000001300800800034000000000ec010a80480002800900020073797a300000000008000180fffffffc0900020073797a310000000008000180ffffffff080003400000000508000340000000010900020073797a3100000000240002800900020073797a320000000008000180fffffffc0900020073797a3200000000200002800900020073797a320000000008000180fffffffe08000180ffffffff4800028008000340000007180900020073797a310000000008000340000000090900020073797a3200000000080001800000000608000340000000270900020073797a3100000000100002800900020073797a3100000000120001004051030a80cecc2a06fc745acf6e0000b3000100b51218367567f045a422154a91ef150e4e2463e55f8a8218bae278ede88f3f63df33d3ed114bde82bf800705b9423d14555bc89534ac4d45c5f867813b8ac1d0ee267f4af45e72578d850e8fb35daf44cb38c49b576202b2716492ea2160858a2015bb7e1145140d2e5df34e3f3845f53b6727f8fe4ee799e2fff8c273d562b28ed71d7f5e09bb9b3b849eaf2ed5fb15eb9e513c83b1786abd12cc3dbbfd76316bd1544255a8ad129c4b84c067eaf8002400028008000180fffffffd08000180fffffffe080001800000000308000180fffffffe17000100e974c2be55b319e2653ef93c884b18324b7338000811018004000280041001009b841135d4c97b540c588d449c533f8a89d6d49aead4f12cfe70e692a4518a294aeb8046dd9bafdc419e83caf6e114a2b2fc07c5840b35a37e5d762dede9b2a9dee8854db8701748681ca2d45891a016ce508deb84e73d042b6b4113d3806d11301035c53de8c372717a2ac8e90e7876f114a7f1739f2c7c85151df093fcf0b504173a0597a2f8b25131f54908a9f46a76c1f923495efca20c8993d6d5a9aa8e3fbff1e2d2134e58bcbcc55c2adac63b4ce89f4c2fbeee23428011fd970eeb063260ca9e02041c653fb48daa145604c53fc58ba63fd97166545db4b31642366bc083cea0e48137e786d8d545564a54739fc31e7ba21accd4392981b611acbb29de25b59191d8851e00f962fb4d1123e7f4b089119834e0896286ecbe16265db79dc09db687a76f760fe69089a5df3ad98db9f2c9c41ee1ff6b1108e1d9363217ad33cad4ef8b08a9fd4dcb129fc7fcc55994fb9e842dd7088d0c3eb81eea81b6241c74f0d0e472bf1ce64eb900bc0fad75104309b24f34a2f431fa32cea251b68a476f7087a74c7ac24a0e8571cf86b186f33eba508b006b0adeb703d9bc07a4ae42f9bdbea1c1fe557ded25c0f60a301960d4ad60e3586265ea19b8aa69120c30884fc7452e0dd6bd257f0abf0be34eb8c137e81e600ed8017b382b5a422b00db2a64dde2c38aead1127081f1d13fac9d2c5422e23a2ae4f923245a05be354d8814c32b351e98fbf1c52138fd8162f7c8a1cb97298fd8e08b38b744250094c19f2f8ae5adb22a1097ff227e2524f8e9360798355cf2d6310c725a609c4f32316f0751efb23bc70a2459812a1f3375b35c5d779c898fc75f30e03562ed8a85974a6bc9d0680082e4601b50db0b5e740a8cf9b75ec5c11071300378f30b8ae65a99f55620a4612b764078fbf113e34503b2920cf47cbd4acad73878fc6e2479659a0b40f72b68d36887adb3109579d2d5f43c2d7ea5fca5ec6a9690c1a62e083b404e2512952456cadd8fb202c723e00420d87ac26672aa92ebdb151307afc1e866f3c7ce8a16135f0af6c441d54eaca2c1d44dad3cde66967364e8452a9b607f6b8f0e27353192e6a0bf7f4e34cbf982352760f3ea2342da7b02c2b946e88895589340ce9b46f4189518e2cc9a2ac5d3862bd5cabe1f197e6d4cb338c15b90b86c04a87db793da5d09e2b8b0aaf1c3d1f48d83f40a7f0f0133a60f93d7db5d54d912ee09750faec75993dc827310727a48d37c62044889e46a4cd96701691511ca2ab03e0634382057c08c1dd2466473138bbf1b3e86619787495ad42846faf2367d66fb8084664718a24b18c36ae9d2f995aac52503706175c665d2fb162ff7f1682dfe6217bcc2d2b850907eb5db7e4b8457d861cac64bfbd7c181a518da6a4c9048026ab2ec6dddfa6087e38d6147dba4ae175a8b811e3ec1fa9dfedcf35be4bb920c4efdddbb13618aa93b34cc79df403c6e0b8e94f7d0ba772ab847d72a0a85efa522f8fafffffb0c81c529374156907b5e2faa1ef693cd443c0ec62ba0feea09b78e490aea90ddcea40a01082de5c1278ab8e278d3812e3cbe6edf3e4be6b8b9b812a27a00c655de0c1539d326f6a5a917984def39ff11d8018307d112a9d2b92a142e5821e48dcbff8bfa534c1963600c30dd654593b120296d0577d37b657b7256069086f108747a089ef9574fae19f08b47e497284d0538a24802343dc36512c5a7e7d17cc6a271306f20bcf0a9c7f2c07389ecc54aab5c1b640f7473a1a5fc3a8d4007c4f6c8d564ea1c8dfc5884c5bfb57cc3a556f6cfab5cf3fb531c9bd9802ef409cbf1d28f17d0b2e797123a3808f4ea4852a42230d7446f0dc80552d2936259718783bd3f4e984bf80285485517cd8ae6db140f133186129d351d5f0574420928ec570f1a8bba69ed754c984596f4e07d4f7822f8406a8174bcf3e95dbc4ac81892007d708a6861747346aca4dc547cf503880f25f59dce2bb93673455e8d658451e2dd732c48db583d7e9d784a2dadc66d97c68c5b1bb2c050c2e118a00b3b6f274b62cb1a30d76c61fe5a85f16507c32c009c4b5565f2d26a3eb78eff390f3d2b04d0784815c24b07ba256a5b4f8b521e562ea4da4681ebe7a1e7cd26f894e1ad52687ea27fd723ff33bce4829c25c7501ecbf11b5fdc530a6354054926fc9566f06eba3a952eed91fde1c0dcf1906ad031c3cda647c7a350c5109c50c4b6bd00a235a0e6b2c2bb9120ddb39c59ad544849046258280398884b87b208033a68e03c9bf2a192ceed42e335b991f66147eae7f50df77e164da90859e74373b0f4ded9225e2d0ce461b4f962f4eb504299d30a2b35b861926cf962ebce9dd6547bf00f09d44f2dde25bb3594a2ef7c83f852961eeb3a58e9d94346352cc254173da33c3cd08e64499882774d99fa18dfbc9e6409d1ab597cbd241bb66d286b66ce190b0db185288be977135650dcef720f4e030653801a276b1dc1e43998b47070e0e956ba9e2e929b4f48ad18aa8c3e2793ce7bd5841a5253897ba613ea132216cfc598d48f15b72c012353e04d2ebd25e26b2911023dc96cb1f610a768c4c30c3072a2f43dc703b84c18b8d110d9b17c07acff5005f627365c361c1841dc61714b111e684c74b500f00d10476784c6e0bed70c474f958e210adebcb5e785002d39bc760cdda966ae60e34162db2dbb0298010af9a39d19ac6606cbf55644c1ca1c904a79cd045a95f241b8029b28bc2f90ff233a5b61cb13421a3a09e5f9a4705061b0aaa6a3455f26db8ccb21a2d267b6c6347c3b0fd8058b6bd509e4c33171bc1bd493390dcdf003d1bf93c1a56069562831024e5454451feb59b4dd4273c4f12b76339c5c7264eabb392e67457ade08a676b1d551eee25d31604e23e5fc6572f59a96055b86b351e3019779f2d74f176b11ee3982e7216bb8b252195c6be829b3e47126c588d126d7616bf6f316e1635f167d3abfb2eb5934e6decaa4ba5ece702ba2d0dd1a266a191b9fb467a3b290170239c829c8bf6345125a6d641a2dd02d9147dc7d831f1feb9f99a778efd05efd8a1c53a54db7737180912792eabca5cda2f1ac6558abcc44ba684f04990a1321f2a2a2d09ce2e07af4c005d6909c6c2bf2c4cd294f0df678d4cc0046418e57456fa728bcf1ef677fc3cf3fd196b141d82462891f708cfeed60c05a275d047ce8508df5cc7ac753efa05d691621517960fc802f2d790f7ab38d4930613bc65a1016b08b8636b6ab1fe7fb837f831d1a447704161fe9715aaaca5b6602a19aca7cc646ef8119aace08512902dfc0f05b241d9616c56b5f35c1088f428c6cbaec2f07648b4d31a6920b11f91f6764f6cbba19b5accd5a0233074c906b08cb4d2d4a45afbc2330a3a2102c05b2d77d737728eb924e7f56c9e3b62560892a89fd98f93e9484a6ea34162f93075d6a85204301f1c8e3575d9acf2b42906ad80ef269a41ea7e7d39cb5e1e95dfc45b076e41c318a3f1758d08df0f1c15c45ccb64e747873415a5b4a59ecb32dbc5100737a4bce524d508f6a51d2a9e19ffdfbd32eb24cd2c800a2ccd792cae3b6051bf17994c7621e914f616d080bf13b852546b1509d9a57e2fa40bc2ab5bd7242d4d18b270ababc53d1e55c9238eb099e55e639e34fc1b214ee2474dc2fb4af1f97745eb59f0f0053bd721c7c8e9b12cf634917198c266beb6a0a8a4b8e76e6d1b5515de56262a4c0feb21b62cc3a783f9a456c9c426cef069ab0b83394556f76676e3e43c7e04b0a42d68287a3a7a5f88a2694df8816241436a0c18196093fbdf413b3b07c6b655a0d77100b779b89fb734be87f5a7e2c879642b7ceb50a0c342537dd629446ee8401fa06cefd891163e86206fc1f6b5269df1833d2024c2ec05ffa877b05bf50bfdd7b6a458c4cd53440d0d278d5eba6f29e46dec3523a0831e8b778fb543d7f2d594d991c4d3232ba9f26059b876a04ef2d3242e7fdccf71215c2b2dd4361688131083734fe81bdb9846328d197b2e37945c04ddb55072ada3406271208b24ad2847a23623cf00ed77c9cf147062c05ccce84c50c1cec0529f0b4c377150d5698657a843ed8d7a6470d7cab6dfc13ee2af6b45e3a4ac8bdf7c2b760b01447820eef0c0a62fef0bb72180238ba0a0dd0cd23eca58ad8ccaa85b97a81b9fc1f2dea7f96d5828a254bcc29aeffe2b8e1f6b38bb40a1b1c71bbf05f6917a2980f2af9e19976be1a46761500726427a8430211b5a59d16fb033be8e05cd92fe7b1bad1bfa9fbeaf863d5594a5c9280ba9a44f6a911919ad894a93fb96113d3699dcefd5038160a05e3a5e140da201c19fb2553c90e2f82794977e23084433625c7815cbfbb2233a85911c4c864362b5084bcc3cc8af5eb62bad2be2dfeaef724e40372e39693f6bdf40525ad63b873e5d0b2ed9e5c0dee46f3f62ac8f630b8a924bd552e3b8dd0fd57712a6fa10560126def51d921a43afb4b1a7b1899a4b627b867bf1053469626536613ddfc9bb072c65b703364e83a17ad0f53e677b7d7ca0a618d3f40683426eb9b0dcfd1930ee0680a98f409e164f970f7011d869462455da2f565a716d75694b05536cb06590e8715c5a999cc0b138abdde843eb52b08f34e44e8372c40bea0fbc60f753c61450cc5f172802a92f43820ca6cfd0d0fec1ff4516eba1d0935618f1d8aa1e06e51962465400806cb151217ca181d3db5630880274ed0dd2c0c8aac6045378062a278306175f38e2580d71971be4fdf3ceba143993f36d0813737ee138eff7684e2cad6a1b9c25ae630c626eddd265f0db165fe0b3b38785a2178ae9550cd91b822ad13eb8770228a9df56a86ed227f48c27aef205a1155a3bbb9049edf416a3b690b31ac805e2f9b9e502d9b19050fa462bc99e0ea56c7252b25848befd7bebd03cfd72f12044c85212b148cc29248a91b36006f127948ba3c9fb8047dc9f49076338799a9c4e260a0138c730d977c1ba0909605d1b4fccbfbcffcd6e0bcf8bf39d8c071318ec2040d6826b540902e398173f645874803b5b73f0549796cdfc6f1e3d2800679d6397af152ef87a244797d7c9006ffb7c621128b28173c7c45e6f8661935ccebe7d82f47738dbd1e6667145c4af00a70de8788553064cd51d09ad62f97ecabd0d0a816e176a774a2d2e022b1c727dacfcc60c9d6a766c8fe437909d6b8c81a6bbbf1a3995bdf199304b780a40ad3a6aaa4cbe3aeba32"], 0x14e0}}, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3d0, 0x0, 0x0, 0x1d8, 0x2e8, 0x2e8, 0x2e8, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@random="eaa334dd81ea"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bond0\x00', 'bridge0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d8}}, {{@arp={@private, @local, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'batadv0\x00', 'veth0_vlan\x00'}, 0xc0, 0xf0, 0x0, {0x0, 0x1e03}}, @unspec=@CONNMARK={0x30}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000440)={0x0, 0x0, 0x7fffffff, 0x8002}) set_mempolicy(0x3, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x4031, 0xffffffffffffffff, 0x0) r6 = getpid() process_vm_writev(r6, &(0x7f00000013c0)=[{&(0x7f0000000040)=""/263, 0x107}], 0x1, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) mremap(&(0x7f000090e000/0x4000)=nil, 0x4000, 0x4000, 0x0, &(0x7f0000139000/0x4000)=nil) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000002, 0x10, r0, 0x0) 11.216516038s ago: executing program 4 (id=2365): r0 = socket$inet6(0xa, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000380)={0xa, 0x14e24}, 0x1c) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) bpf$MAP_DELETE_ELEM(0x4, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff) r2 = socket(0x2, 0x3, 0x100) connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r2, &(0x7f0000005240)=[{{0x0, 0xfffffdef, 0x0, 0x0, 0x0, 0x0, 0x10}, 0xfffffdef}], 0x4000095, 0xff00) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1300000065ffff010100dc060039503230303061c9b08f3b5a5a498e06111f016ad6d1da7664075ca688817fb6a1e66c97821edc52d19aafbcf9b8fa20584637e577b8aac9b985738061d02167b894ac39a21589eaea37fb41638b31ec4cdc144abe2e82e0cf47d920c050ba6a5a7d5087e0b4e4b1d1d3bfbd3cd5fd23e2fb8dc81f95f5b2146c8a4a688e10320127826fe3"], 0x13) syz_usb_control_io$hid(r3, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00220f0000000b574e69620bf85edacab3"], 0x0}, 0x0) syz_usb_control_io(r3, 0x0, &(0x7f0000000c00)={0x84, &(0x7f0000005d00)=ANY=[@ANYBLOB="000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) readv(r4, &(0x7f0000000480)=[{&(0x7f0000001580)=""/4091, 0x18}], 0x2) ioctl$HIDIOCSFLAG(r4, 0x5421, &(0x7f0000000000)=0x3) ioctl$HIDIOCGUSAGE(r4, 0xc018480b, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) 10.679886973s ago: executing program 3 (id=2367): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@init_itable}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@max_batch_time}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000)) chdir(&(0x7f00000000c0)='./bus\x00') r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x18) 3.790887151s ago: executing program 4 (id=2369): r0 = memfd_create(&(0x7f0000000080)='\b\x9dF\xd8\b\xb3~u\xa5\x81\xb1\x8aSpA\xd4\x98\x85D\x89>N\x8ar\x17\x00\x00\x00\x00\xe2{mn\xcc\xbf2\xc0\x90kn\xe8\xfe/\x9e\xee\xe7\xd7E\xe9\t\x83\xdeNX\xec\xe66\x1b\x97\xe7\xe6\x97\xf9\xb3\xf6\xb9\v\xb5$\xee\x84\x1cn,Bd8\x13<\xf0E\x86\xc0v\xd5?\xe5E:+Pm\x1d\xb4\xb8k\x11\x00', 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc) splice(r1, 0x0, r0, &(0x7f0000000140), 0x4, 0x0) write$FUSE_NOTIFY_POLL(r2, &(0x7f0000000200)={0x18}, 0x18) 3.745482292s ago: executing program 3 (id=2370): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x5e, &(0x7f00000000c0), 0x1, 0x45d, &(0x7f0000000580)="$eJzs3M9vFFUcAPDv7LYgILYY/MEPpYpGorGlBZWDBzCaeNDERA94rG0hyEINrYkQItUYPBoSE70Zjyb+BZ70YtSTiVe9GxJiuICexszuDN1ud7dsu2UL+/kkk76386bvfTvzuu/N29kA+tZIRHwWEfdHxJ8RMRQRSWOBkdqPm9cvTv17/eJUEmn69j9JtdyN6xeniqLFcduKzEItv6dJvXPnL5yerFRmzuX5sfkzH4zNnb/w/KkzkydnTs6cnThy5PCh8ZdenHihK3Fmbbqx++PZvbtef/fKm1PHr7z36/dJHl40xNElI+12Pt3lynpte106GehhQ+hIOSKy0zVY7f9DUY7FkzcUr33a08YB6ypN03Rz690LKXAPS6LXLQB6o3ijz+a/xXaHhh4bwrVjtQlQFvfNfKvtGYhSXmawYX7bTdls6/jCf99kW6zPfQgAgCV+PFb7uXz8V4qH68odzdeGhiNiR93ixs6IeCiiWvaRiHi0w/obF0mWj39KVzv8lR3Jxn8v52tbS8d/xegvhst5bns1/sHkxKnKzMGIeCAiDsTg5iw/3qaOn17944tW+0bqxn/ZltVfjAXzdlwdaLhBNz05P7mWmOtd+yRi90Cz+JNbKwFJROyKiN376g7cdPt1nHr2u72t9q0cfxtdWGdKv414pnb+F6Ih/kLSfn1y7L6ozBwcK66K5X77/fJbrervNP4dXy/O2bohO/9bm17/t+IfTst167Vznddx+a/PW85pVnv9b0reqaaLy/Cjyfn5c+MRm5I38tePLr4+sXhskS/KZ/Ef2N+8/z8Yi3+JPRGRXcSPRcTjEbEvb/sTEfFkROxvE/8vrzz1/urjX19Z/NMrnP+kfr1+FYny6Z9/WFLpcCfxZ+f/cDV1IH+l+v/vq/Zx3W4D1/4XBAAAgI2vVP3sf1IavZUulUZHa5+X3xlbS5XZufnnTsx+eHa69ozAcAyWijtdQ3X3Q8fzaX2Rn2jIH8rvG39Z3lLNj07NVqZ7HTz0uW0t+n/m73KvWwesO89rQf/S/6F/6f/Qv/R/6FvNnv/fslKZ1M1BuCc0e/+/1IN2AHee8T/0r077f21y0OZrw4C7hvd/6F/6P/SltTzXv8ZE8fWDTcsU6w+9aNiKiTRdqcxAu8MvNQ/5LktEaUM0Q2KdEr39vwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAt/wcAAP//spXqBA==") bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180)=@tcp6}, 0x20) socket(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bind$alg(0xffffffffffffffff, 0x0, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) fcntl$lock(r3, 0x24, &(0x7f0000000740)) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0), 0xffffffffffffffff) r4 = socket$caif_stream(0x25, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000001700)='team_slave_1\x00', 0x10) connect$caif(r4, &(0x7f0000000080)=@rfm={0x25, 0x10001, "423e650059ef6c664b6dff801d261cd8"}, 0x18) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000000)={'wg2\x00'}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private2, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x0, 0x1ff}}) r6 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f0000000200)={{{@in=@empty, @in=@dev}}, {{@in=@empty}, 0x0, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e7}}, 0xe8) 3.605416789s ago: executing program 4 (id=2371): r0 = socket(0x200000100000011, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x28, 0x0, 0x0, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r4}, @val={0xc}}}}, 0x28}}, 0x0) sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="2c000000410000000700034000000000d96e6c8d6c8508"], 0x2c}], 0x1}, 0x0) 2.253560183s ago: executing program 3 (id=2372): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'prefer', '=static', @void}}, 0x4e}], [], 0x9}) 2.176769379s ago: executing program 4 (id=2373): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x2, &(0x7f0000000100)=ANY=[], 0x51, 0x2b7, &(0x7f0000000140)="$eJzs3T1v00Acx/HfOWkbaFVcWoTEWKgEC4KyIJYglBfBhIAmSBVREVDEw1QQE0Kws/MWeBEsIN4ATEy8gDIZ3fkhcezYadTEpP1+pEaOfef7X/xw97dUWQCOrVutn5+v/bZ/RqqpJr27IXmSGlJd0hmdbTzb2d3e7XbaRTuquRr2zyisaTJltnY6eVVtPVcj4ttvdS31r8NkBEFw81fVQaBy7urP4UkL0dXptjemHlmx12PW2zvkOGaN2de+Xmi56jgAANWKxn8vGueX3Cojz5M2omH/vxz/x7VfdQATFxRu7Rv/XZYVGHt8T7lNvXzPpXB2uxdniaO0PDfwfV7hmZWaYJqyrNLF4p14sN3tXN561G17eqNmpK/Ymvtsh6durCTa9ZzctMAIfTf5M8pF14c524fNMP7nklLxr47Z4tjMV/Pd3DG+PqmdzP/qgbGHyR0pf+BIhfFfGb5H10vfllKU9jebTS9VZMU1ci5qIVLSy0Z+RqL4jFpR+gGBXxanq3V6oFbYu6sltVZza23G34bUWkvVsr1Jzubh7U2a+WBum3X90Re1+ub/no1vQ4VXZu+qMRvhUOB+8bA/8/nN1d0+/czIkb1ckl9xYVjof4vvaTiA97qv61p++vLVw1q323liF+7lLDxeStbMvZVyy1S8oL3emgUFTqZwPChNM7BLh7pDe/8oLWyvspxNtudVH6YjtND6Nt0TqYqFam9PmI70LQLHkJ13mTD/6+Ur9XCyZz/83Hn6iA8Coj0Gdo6dZHC9ukE4I5d08kAZ3OLwDC6bc2VyRpdznb8oXRi9RT+K84gwLf3QXZ7/AwAAAAAAAAAAAAAAAAAAzJpp/DtB1X0EAAAAAAAAAAAAAAAAAAAAAGDWJe//Vfz+X432/t/BV7Ec5vt/P+6I9/8Ck/cvAAD//zfYewA=") mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000440)='./file0\x00', 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'}) 2.003728095s ago: executing program 3 (id=2374): syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040e0af90910"], 0xd) 1.928898564s ago: executing program 3 (id=2375): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x2000006, &(0x7f0000000340)={[{@utf8}, {@utf8no}, {@shortname_lower}, {@uni_xlate}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp863'}}, {@fat=@nocase}, {@fat=@fmask={'fmask', 0x3d, 0x10}}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@rodir}, {@uni_xlate}, {@shortname_mixed}, {@shortname_win95}, {@shortname_mixed}]}, 0x25, 0x363, &(0x7f0000000440)="$eJzs3T9oXHUcAPDv9SW5NFgvg1B0Ot0EKU3EQaeEUqGYQSuH/xYPm/gndxZyeJAOuWRRipPiIujkVkFx6iwO4urgagWpiovdCg0+eXfv/l9sAl60+PkMx5fv7/d9v+97edy9G/K7V1uxeWk2Nm7duhnz84WYWTm3ErcLsRgn0sjttl8LMeL9udEMAHBPuJ2m8UfacffZHy50I5/9AHDvan/+v36qnygeofjqfdNoCQCYssnf/8e+3T87sfjyVFsDAKZk7PP/kaHhkQeBmUiOszkAYCqef+nlZ1bXIi6Wy/MR9fealWYlnuqPr27Em1GL9TgbpdiP6DwodJ4WstenL6ydP1vO/LIYlayiWYmot5qVzpPCatKuL8ZSlGIxr0979UlWv9SuL0fEbqu9ftQLzcpsLOTr/7gQ67EcpXhgrD7iwtr55XJ+gEq9W9+K2Iv57klk/Z+JUnz/WlyOWlyKrLbf/85SuXwuXRuqb14rtucBAAAAAAAAAAAAAAAAAAAAAMA0nCn3LPb2v0nrrea7F9vjn3d+/C+Gxtv7+3Tyqxtp9xcDSrGfFru781xNRvcHGt6fp1mZiRP/0jkDAAAAAAAAAAAAAAAAAADAf01jey6qtdr6VmP7yuZg0BrIvP3dF9+cjO7QTF76VtKvijw5dJzuxO0rC5EfOYneEmmvPE2yOZsjbSQR3cm71WvXex0Pzin2zmKsPAuKY0OFvKdqrXbq4Z8/mVT1ZxbstjNJjF2W4aCQrz8wVL8/S8xHxP5BVQcHy3eZcyNN04PKdz4er4pCxEwcuY1DBN/efOPBxxunn2hnvs43fXj0sdILNz767LfNai32OlemVpvbauynhzhy1uv4UBL9e6OQX+fChDthcrDXz+xtNbaryQ+/v/jQB1EYnpxMvn/Swcw7B6/15WhmrhMUIha7F+HvWp2dcPNPDl6507t7j/6HO/3pSvX6zk+/HrZq4E3iRMRX//g7DwAAAAAAAAAAAAAAAAAAMGrgf8WP4MnnptcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy//u//DwR7Y5nDBHdaMT5UXN9qHLj4yWM9VQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/sf+CgAA//9aS3J1") openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"}) creat(&(0x7f0000000440)='./file0\x00', 0x0) 1.837809284s ago: executing program 2 (id=2376): r0 = socket(0x10, 0x803, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@getchain={0x24, 0x66, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0) 1.764758424s ago: executing program 4 (id=2377): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f00000004c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) clock_nanosleep(0x2, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0) 1.220345246s ago: executing program 2 (id=2378): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x15) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) preadv(0xffffffffffffffff, &(0x7f00000031c0)=[{&(0x7f0000005e40)=""/4102, 0x1006}], 0x1, 0x0, 0x0) bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) r3 = syz_io_uring_setup(0x28f, &(0x7f0000000080)={0x0, 0xb96, 0x13f81, 0x0, 0x40}, &(0x7f0000000100), &(0x7f0000000280)) syz_io_uring_submit(0x0, 0x0, 0x0) io_uring_enter(r3, 0x54, 0x0, 0x1, 0x0, 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpu.stat\x00', 0x275a, 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="b7abfbc20f64cf5f927c11153ae231feb42be94f14762c32ca0a4b4680f0777698cf2d5ff7c1ebbdc4b8e050d4a0881da4691293fcc14e959da7c0273188e51ecc8abadf21e2c79386177ad4"]) chdir(&(0x7f00000000c0)='./file0\x00') write$UHID_INPUT(r4, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000001, 0x1010, 0xffffffffffffffff, 0x0) open(&(0x7f0000000300)='./file0\x00', 0x0, 0x2675a4efe3e0a723) 1.159972692s ago: executing program 3 (id=2379): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000080)) r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100)) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0) ioctl$SNDRV_PCM_IOCTL_REWIND(r2, 0x40084146, &(0x7f0000000180)=0x4) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)) 180.052754ms ago: executing program 2 (id=2380): syz_emit_vhci(0x0, 0x22) openat$uinput(0xffffff9c, &(0x7f0000000300), 0x2, 0x0) r0 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000a00)) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, 0x0) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04040a00000000000054679202ce9eaa48b326b038d97544c8b681bad547412afab3663029531077c8c4fa2f7501610d4eae6214096ae92430cd63486f07b04d9c519ab15a6e842e1352398f95ff35f5115a2c6c50f63336179b5e6b1f774a63506e8cb76bba42c6bee078240ec871a2bcf7dd5691833ac53a02f3614eae3afb9549df1b77ce0baebc9f630664"], 0xd) syz_emit_vhci(&(0x7f0000000280)=ANY=[], 0x14) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000000b80)=""/102386, 0x18ff2}], 0x1, 0x400000, 0x81) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="2d9d7ab861bd4d304d57ab9f4ed1108b1c6e2a9dc73e476201885496d59d8d3692555eb1d760a2048d6477942bf58cc712"], 0xe3) socket$inet6(0xa, 0x6, 0x0) syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYRES8=r0, @ANYRESDEC, @ANYRESOCT=r0], 0x1a) ioctl$TUNGETVNETBE(0xffffffffffffffff, 0x800454df, &(0x7f00000000c0)=0x1) syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x3, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}, {0x0, 0x10}}}}, 0x11) ioctl$DRM_IOCTL_AGP_INFO(0xffffffffffffffff, 0x80386433, &(0x7f00000001c0)=""/2) connect$inet(0xffffffffffffffff, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000007, 0x10, 0xffffffffffffffff, 0x0) clock_gettime(0x0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x19) r3 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') writev(r3, &(0x7f0000000780)=[{&(0x7f00000004c0)='4', 0x1}], 0x1) r4 = socket(0x1, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x33}}) 0s ago: executing program 1 (id=2304): r0 = socket$alg(0x26, 0x5, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x3) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) r5 = syz_open_dev$vim2m(&(0x7f0000000300), 0xfffffffffffffffc, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) r6 = creat(0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10) execveat(r6, 0x0, 0x0, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0xfffffffe}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000480)='ext4_es_remove_extent\x00', r7}, 0x10) r8 = accept4(r0, 0x0, 0x0, 0x80800) r9 = accept4(r8, 0x0, 0x0, 0x80800) sendmmsg$inet6(r9, &(0x7f0000003b80)=[{{0x0, 0xd, &(0x7f00000003c0)=[{&(0x7f00000000c0)="e6", 0x1}], 0x1, 0x0, 0x0, 0x7000000}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000440)='&', 0x23fff}], 0x1}, 0xff03}], 0x4000070, 0x8000) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r10, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r10, 0x0) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x81, 0x0, &(0x7f0000000040)) kernel console output (not intermixed with test programs): ave_0: entered promiscuous mode [ 679.925830][T13239] hsr_slave_1: entered promiscuous mode [ 679.957107][T13362] F2FS-fs (loop2): Try to recover all the superblocks, ret: 0 [ 679.960049][T13239] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 679.973681][T13239] Cannot create hsr debugfs directory [ 680.141203][ T5245] Bluetooth: hci6: command tx timeout [ 680.178999][ T6676] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 680.333662][T13264] bridge0: port 1(bridge_slave_0) entered blocking state [ 680.340893][T13264] bridge0: port 1(bridge_slave_0) entered disabled state [ 680.365411][T13264] bridge_slave_0: entered allmulticast mode [ 680.385168][T13264] bridge_slave_0: entered promiscuous mode [ 680.406783][ T5287] plantronics 0003:047F:FFFF.000D: unknown main item tag 0xd [ 680.426539][ T5287] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving [ 680.454532][ T6676] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 680.475892][ T5287] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 680.574083][T13264] bridge0: port 2(bridge_slave_1) entered blocking state [ 680.592101][T13264] bridge0: port 2(bridge_slave_1) entered disabled state [ 680.613307][T13264] bridge_slave_1: entered allmulticast mode [ 680.630978][T13264] bridge_slave_1: entered promiscuous mode [ 680.724617][T13379] loop0: detected capacity change from 0 to 32768 [ 680.725438][T13379] XFS: noikeep mount option is deprecated. [ 680.728542][ T6676] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 680.753259][T13264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 680.800880][ T5339] usb 4-1: USB disconnect, device number 30 [ 680.818108][T13379] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 680.865269][ T6676] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 680.894828][T13264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 680.951699][T13379] XFS (loop0): Ending clean mount [ 680.971808][T13379] XFS (loop0): Quotacheck needed: Please wait. [ 681.064326][T13379] XFS (loop0): Quotacheck: Done. [ 681.085142][T13391] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2063'. [ 681.134731][T13264] team0: Port device team_slave_0 added [ 681.171125][T13264] team0: Port device team_slave_1 added [ 681.229983][T12039] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 681.507915][T13395] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2066'. [ 681.613368][T13264] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 681.630526][T13264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 681.694478][T13264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 681.764650][ T6676] bridge_slave_1: left allmulticast mode [ 681.780355][ T6676] bridge_slave_1: left promiscuous mode [ 681.791588][ T6676] bridge0: port 2(bridge_slave_1) entered disabled state [ 681.814036][ T6676] bridge_slave_0: left allmulticast mode [ 681.826157][ T6676] bridge_slave_0: left promiscuous mode [ 681.844772][ T6676] bridge0: port 1(bridge_slave_0) entered disabled state [ 682.001647][T13401] loop0: detected capacity change from 0 to 2048 [ 683.423680][ T6676] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 683.436152][ T6676] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 683.447942][ T6676] bond0 (unregistering): Released all slaves [ 683.480463][T13264] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 683.488152][T13264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 683.514267][ C0] vkms_vblank_simulate: vblank timer overrun [ 683.521871][T13264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 683.991666][T13264] hsr_slave_0: entered promiscuous mode [ 684.045537][T13264] hsr_slave_1: entered promiscuous mode [ 684.062632][T13264] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 684.083753][T13264] Cannot create hsr debugfs directory [ 684.332526][T13424] loop0: detected capacity change from 0 to 4096 [ 684.845769][T13427] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 684.959597][ T29] kauditd_printk_skb: 63 callbacks suppressed [ 684.959617][ T29] audit: type=1800 audit(1721918551.139:435): pid=13424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2074" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 684.986166][ C0] vkms_vblank_simulate: vblank timer overrun [ 685.202844][ T29] audit: type=1800 audit(1721918551.379:436): pid=13424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2074" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 685.291733][ T6676] hsr_slave_0: left promiscuous mode [ 685.447575][ T6676] hsr_slave_1: left promiscuous mode [ 685.553237][T13432] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9) [ 685.559806][T13432] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 685.584853][ T6676] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 685.591122][T13432] vhci_hcd vhci_hcd.0: Device attached [ 685.656963][T13436] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2076'. [ 685.668155][ T6676] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 685.681732][ T29] audit: type=1800 audit(1721918551.857:437): pid=13432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2074" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 685.709777][ T6676] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 685.717240][T13433] vhci_hcd: connection closed [ 685.718369][ T6676] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 685.718864][ T6683] vhci_hcd: stop threads [ 685.747583][ T6683] vhci_hcd: release socket [ 685.766064][ T6683] vhci_hcd: disconnect device [ 685.785015][ T6676] veth1_macvtap: left promiscuous mode [ 685.798427][ T6676] veth0_macvtap: left promiscuous mode [ 685.804435][ T6676] veth1_vlan: left promiscuous mode [ 685.809848][ T6676] veth0_vlan: left promiscuous mode [ 685.818849][ T5280] vhci_hcd: vhci_device speed not set [ 686.483556][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.500043][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.795511][ T6676] team0 (unregistering): Port device team_slave_1 removed [ 687.906087][ T6676] team0 (unregistering): Port device team_slave_0 removed [ 688.291585][T13453] loop0: detected capacity change from 0 to 4096 [ 688.310835][T13453] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 688.433749][T13453] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 688.458341][T13453] ntfs3: loop0: mft corrupted [ 688.463161][T13453] ntfs3: loop0: Failed to load $Extend (-22). [ 688.487561][T13453] ntfs3: loop0: Failed to initialize $Extend. [ 689.544634][T13239] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 689.563822][T13465] loop3: detected capacity change from 0 to 4096 [ 689.595848][T13239] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 689.661031][T13239] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 689.671451][T13466] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 689.764717][ T29] audit: type=1800 audit(1721918555.928:438): pid=13465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2086" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 689.823061][ T29] audit: type=1800 audit(1721918555.978:439): pid=13465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2086" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 689.850368][T13239] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 689.916745][T13467] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9) [ 689.923306][T13467] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 689.961103][T13458] loop0: detected capacity change from 0 to 32768 [ 689.970216][T13467] vhci_hcd vhci_hcd.0: Device attached [ 689.977286][T13458] XFS: noikeep mount option is deprecated. [ 690.066019][T13458] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 690.146857][ T29] audit: type=1800 audit(1721918556.307:440): pid=13470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2086" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 690.188605][ T8] vhci_hcd: vhci_device speed not set [ 690.197469][T13458] XFS (loop0): Ending clean mount [ 690.206416][T13458] XFS (loop0): Quotacheck needed: Please wait. [ 690.213202][T13468] vhci_hcd: connection closed [ 690.213654][ T6683] vhci_hcd: stop threads [ 690.223542][ T6683] vhci_hcd: release socket [ 690.228106][ T6683] vhci_hcd: disconnect device [ 690.260381][ T8] usb 15-1: new full-speed USB device number 3 using vhci_hcd [ 690.267944][ T8] usb 15-1: enqueue for inactive port 0 [ 690.330739][T13458] XFS (loop0): Quotacheck: Done. [ 690.388346][T13239] 8021q: adding VLAN 0 to HW filter on device bond0 [ 690.396453][ T8] vhci_hcd: vhci_device speed not set [ 690.428083][T13460] loop2: detected capacity change from 0 to 32768 [ 690.464499][T13239] 8021q: adding VLAN 0 to HW filter on device team0 [ 690.489191][T12039] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 690.526649][T13460] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 690.539130][ T5284] bridge0: port 1(bridge_slave_0) entered blocking state [ 690.546308][ T5284] bridge0: port 1(bridge_slave_0) entered forwarding state [ 690.556134][ T5284] bridge0: port 2(bridge_slave_1) entered blocking state [ 690.563256][ T5284] bridge0: port 2(bridge_slave_1) entered forwarding state [ 690.642307][T13460] XFS (loop2): Ending clean mount [ 690.778324][T13264] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 690.824741][T13264] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 690.857687][T13264] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 690.935635][T13264] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 690.996068][T12101] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 692.049331][ T11] bridge_slave_1: left allmulticast mode [ 692.075682][ T11] bridge_slave_1: left promiscuous mode [ 692.122510][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 692.190300][ T11] bridge_slave_0: left allmulticast mode [ 692.251188][ T11] bridge_slave_0: left promiscuous mode [ 692.293823][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 692.564663][T13509] tmpfs: Bad value for 'nr_inodes' [ 692.670717][T13515] loop2: detected capacity change from 0 to 512 [ 692.686516][T13515] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent [ 695.239083][T13523] loop3: detected capacity change from 0 to 40427 [ 695.328682][T13523] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 695.336511][T13523] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 695.360424][T13523] F2FS-fs (loop3): invalid crc value [ 696.163681][T13523] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-4) [ 697.055593][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 697.135096][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 697.191897][ T11] bond0 (unregistering): Released all slaves [ 697.321833][T13507] pimreg: entered allmulticast mode [ 698.564329][T13239] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 698.738201][T13264] 8021q: adding VLAN 0 to HW filter on device bond0 [ 698.835982][T13528] loop0: detected capacity change from 0 to 32768 [ 698.922572][T13264] 8021q: adding VLAN 0 to HW filter on device team0 [ 698.968832][T13528] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 699.020756][T13549] loop2: detected capacity change from 0 to 2048 [ 699.076076][T13528] XFS (loop0): Ending clean mount [ 699.084354][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 699.091542][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 699.129487][T13553] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 699.222915][ T11] hsr_slave_0: left promiscuous mode [ 699.253818][ T11] hsr_slave_1: left promiscuous mode [ 699.262222][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 699.282227][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 699.303798][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 699.322072][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 699.398985][ T11] veth1_macvtap: left promiscuous mode [ 699.410536][ T11] veth0_macvtap: left promiscuous mode [ 699.425354][T12039] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 699.432594][ T11] veth1_vlan: left promiscuous mode [ 699.439291][ T11] veth0_vlan: left promiscuous mode [ 699.749063][T13542] loop3: detected capacity change from 0 to 40427 [ 699.777490][T13542] F2FS-fs (loop3): Fix alignment : internally, start(4096) end(16896) block(12288) [ 699.806003][T13542] F2FS-fs (loop3): heap/no_heap options were deprecated [ 699.828823][T13542] F2FS-fs (loop3): invalid crc value [ 699.836414][T13542] F2FS-fs (loop3): Found nat_bits in checkpoint [ 699.918164][T13542] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 699.963073][T13542] F2FS-fs (loop3): Try to recover all the superblocks, ret: 0 [ 701.007009][ T11] team0 (unregistering): Port device team_slave_1 removed [ 701.186753][ T11] team0 (unregistering): Port device team_slave_0 removed [ 702.271966][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 702.279126][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 702.295008][T13568] netlink: 'syz.3.2108': attribute type 2 has an invalid length. [ 702.302761][T13568] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2108'. [ 702.347613][T13239] veth0_vlan: entered promiscuous mode [ 702.371826][T13239] veth1_vlan: entered promiscuous mode [ 702.577523][T13573] loop2: detected capacity change from 0 to 512 [ 702.616744][T13573] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent [ 702.744414][T13264] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 702.755263][T13264] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 703.231196][T13239] veth0_macvtap: entered promiscuous mode [ 703.451978][T13239] veth1_macvtap: entered promiscuous mode [ 703.613061][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.648828][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.676208][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.716182][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.725437][T13585] loop2: detected capacity change from 0 to 512 [ 703.736210][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.766220][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.801939][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.835163][T13585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 703.850068][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.886766][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 703.919272][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 703.932215][T13585] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 703.966370][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 704.008070][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 704.058415][T13239] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 704.122860][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 704.148519][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 704.189389][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 704.204549][T13576] loop0: detected capacity change from 0 to 40427 [ 704.220586][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 704.244590][T13576] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 704.266615][T13576] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 704.283841][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 704.301539][T13585] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.2112: Directory hole found for htree leaf block 0 [ 704.314619][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 704.314647][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 704.338818][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 704.352776][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 704.365186][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 704.382572][T13239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 704.387920][T13576] F2FS-fs (loop0): Found nat_bits in checkpoint [ 704.393942][T13239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 704.453313][T13239] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 704.481768][T13239] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.496488][T13239] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.512484][T13239] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.556955][T13239] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 704.600389][T12101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 704.622377][T13576] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 704.638523][T13576] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 704.684744][T13264] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 705.164756][T13583] loop3: detected capacity change from 0 to 32768 [ 705.208787][T13583] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2113 (13583) [ 705.248526][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 705.309179][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 705.419969][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 705.450416][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 705.519522][T13583] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 705.689844][T13583] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 705.706250][T13583] BTRFS info (device loop3): using free-space-tree [ 706.696878][T13583] BTRFS info (device loop3): setting incompat feature flag for SIMPLE_QUOTA (0x10000) [ 706.840015][T13264] veth0_vlan: entered promiscuous mode [ 706.861812][T13264] veth1_vlan: entered promiscuous mode [ 706.884801][T13630] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 706.917255][ T9137] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 706.947070][T13264] veth0_macvtap: entered promiscuous mode [ 706.974406][T13264] veth1_macvtap: entered promiscuous mode [ 707.081621][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 707.118968][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 707.498163][T13633] loop0: detected capacity change from 0 to 65536 [ 707.575396][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 707.611309][T13633] XFS (loop0): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 707.642320][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 707.663579][T13633] XFS (loop0): Ending clean mount [ 707.673124][T13633] XFS (loop0): Quotacheck needed: Please wait. [ 707.698302][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 707.743320][T13634] loop2: detected capacity change from 0 to 1024 [ 707.766293][T13633] XFS (loop0): Quotacheck: Done. [ 707.767661][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 707.839316][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 707.880863][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 707.919353][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 707.941569][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.133821][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 708.762299][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.789736][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 708.800452][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.828989][T13264] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 708.858242][T12039] XFS (loop0): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 708.977924][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 709.000128][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.010187][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 709.021553][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.038084][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 709.050287][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.062211][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 709.074636][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.095121][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 709.106523][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.116486][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 709.139909][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.149748][T13264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 709.162927][T13264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 709.188802][T13251] hfsplus: b-tree write err: -5, ino 4 [ 709.197706][T13264] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 709.233016][T13264] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.252610][T13264] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.273392][T13264] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.297477][T13264] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.437431][T13648] loop3: detected capacity change from 0 to 32768 [ 709.445439][T13648] XFS: attr2 mount option is deprecated. [ 709.451555][T13648] XFS (loop3): stripe width (220) must be a multiple of the stripe unit (155) [ 709.889520][T13666] loop2: detected capacity change from 0 to 2048 [ 709.908329][T13666] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 709.921024][T13666] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 709.969912][T13666] Process accounting resumed [ 710.722269][T13665] loop3: detected capacity change from 0 to 40427 [ 710.730221][T13665] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 710.740821][T13665] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 710.772408][T13665] F2FS-fs (loop3): Found nat_bits in checkpoint [ 710.866318][T13665] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 710.879139][T13665] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 712.179875][T13679] loop0: detected capacity change from 0 to 32768 [ 712.228021][T13679] JFS: metapage_get_blocks failed [ 712.246187][T13679] ERROR: (device loop0): release_metapage: metapage_write_one() failed [ 712.246187][T13679] [ 712.252815][T13685] ax25_connect(): syz.3.2128 uses autobind, please contact jreuter@yaina.de [ 712.257327][T13679] ERROR: (device loop0): remounting filesystem as read-only [ 712.342110][ T112] blkno = 5002c, nblocks = 1 [ 712.346778][ T112] ERROR: (device loop0): dbUpdatePMap: blocks are outside the map [ 712.346778][ T112] [ 713.098484][T13687] loop3: detected capacity change from 0 to 65536 [ 713.219311][T13687] XFS (loop3): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 713.272254][T13687] XFS (loop3): Ending clean mount [ 713.280509][T13687] XFS (loop3): Quotacheck needed: Please wait. [ 713.417125][T13687] XFS (loop3): Quotacheck: Done. [ 714.198658][ T5245] Bluetooth: hci5: command 0x0406 tx timeout [ 714.447489][ T9137] XFS (loop3): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 715.552960][ C0] DEBUG: waiting rtnl_mutex for 519 jiffies. [ 715.559081][ C0] task:syz.2.2126 state:D stack:27392 pid:13670 tgid:13667 ppid:12101 flags:0x00004006 [ 715.569315][ C0] Call Trace: [ 715.572601][ C0] [ 715.575554][ C0] __schedule+0x1800/0x4a60 [ 715.580083][ C0] ? __pfx___schedule+0x10/0x10 [ 715.584960][ C0] ? __pfx_lock_release+0x10/0x10 [ 715.589993][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 715.595494][ C0] ? schedule+0x90/0x320 [ 715.599755][ C0] schedule+0x14b/0x320 [ 715.603930][ C0] schedule_preempt_disabled+0x13/0x30 [ 715.609409][ C0] __mutex_lock+0x6a4/0xd70 [ 715.613949][ C0] ? __mutex_lock+0x527/0xd70 [ 715.618652][ C0] ? do_ip_setsockopt+0x127d/0x3cd0 [ 715.623893][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 715.628959][ C0] ? get_rtnl_holder+0x144/0x190 [ 715.633948][ C0] do_ip_setsockopt+0x127d/0x3cd0 [ 715.639023][ C0] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 715.644430][ C0] ? aa_sk_perm+0x96d/0xab0 [ 715.648971][ C0] ? __pfx_aa_sk_perm+0x10/0x10 [ 715.653852][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 715.658880][ C0] ? aa_sock_opt_perm+0x79/0x120 [ 715.663850][ C0] ip_setsockopt+0x63/0x100 [ 715.668364][ C0] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 715.674364][ C0] do_sock_setsockopt+0x3af/0x720 [ 715.679394][ C0] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 715.684957][ C0] ? __fget_files+0x29/0x470 [ 715.689551][ C0] ? __fget_files+0x3f6/0x470 [ 715.694251][ C0] __sys_setsockopt+0x1ae/0x250 [ 715.699121][ C0] __x64_sys_setsockopt+0xb5/0xd0 [ 715.704196][ C0] do_syscall_64+0xf3/0x230 [ 715.708755][ C0] ? clear_bhb_loop+0x35/0x90 [ 715.713478][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.719399][ C0] RIP: 0033:0x7fd3bf975f19 [ 715.723827][ C0] RSP: 002b:00007fd3bf3ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 715.732254][ C0] RAX: ffffffffffffffda RBX: 00007fd3bfb06110 RCX: 00007fd3bf975f19 [ 715.740244][ C0] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000003 [ 715.748232][ C0] RBP: 00007fd3bf9e4e68 R08: 0000000000000088 R09: 0000000000000000 [ 715.756231][ C0] R10: 0000000020001180 R11: 0000000000000246 R12: 0000000000000000 [ 715.764215][ C0] R13: 000000000000006e R14: 00007fd3bfb06110 R15: 00007ffef6347b68 [ 715.772228][ C0] [ 715.775272][ C0] DEBUG: waiting rtnl_mutex for 536 jiffies. [ 715.781249][ C0] task:syz.2.2126 state:D stack:27392 pid:13671 tgid:13667 ppid:12101 flags:0x00000004 [ 715.791431][ C0] Call Trace: [ 715.794724][ C0] [ 715.797662][ C0] __schedule+0x1800/0x4a60 [ 715.802192][ C0] ? __pfx___schedule+0x10/0x10 [ 715.807082][ C0] ? __pfx_lock_release+0x10/0x10 [ 715.812150][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 715.817661][ C0] ? schedule+0x90/0x320 [ 715.821921][ C0] schedule+0x14b/0x320 [ 715.826105][ C0] schedule_preempt_disabled+0x13/0x30 [ 715.831582][ C0] __mutex_lock+0x6a4/0xd70 [ 715.836117][ C0] ? __mutex_lock+0x527/0xd70 [ 715.840811][ C0] ? do_ip_getsockopt+0x10f5/0x2940 [ 715.846043][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 715.851080][ C0] ? get_rtnl_holder+0x144/0x190 [ 715.856043][ C0] do_ip_getsockopt+0x10f5/0x2940 [ 715.861160][ C0] ? __lock_acquire+0x1384/0x2050 [ 715.866203][ C0] ? cgroup_rstat_updated+0x13b/0xc60 [ 715.871581][ C0] ? __pfx_do_ip_getsockopt+0x10/0x10 [ 715.876990][ C0] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 715.882380][ C0] ? count_memcg_event_mm+0x94/0x420 [ 715.887697][ C0] ? __pfx___might_resched+0x10/0x10 [ 715.893122][ C0] ? __lock_acquire+0x1384/0x2050 [ 715.898178][ C0] ? aa_sk_perm+0x96d/0xab0 [ 715.902689][ C0] ip_getsockopt+0xed/0x2e0 [ 715.907223][ C0] ? __pfx_ip_getsockopt+0x10/0x10 [ 715.912354][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 715.917413][ C0] ? aa_sock_opt_perm+0x79/0x120 [ 715.922373][ C0] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 715.928304][ C0] do_sock_getsockopt+0x373/0x850 [ 715.933357][ C0] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 715.938925][ C0] ? __fget_files+0x3f6/0x470 [ 715.943643][ C0] __sys_getsockopt+0x271/0x330 [ 715.948506][ C0] ? __pfx___sys_getsockopt+0x10/0x10 [ 715.953935][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 715.960305][ C0] ? exc_page_fault+0x590/0x8c0 [ 715.965226][ C0] __x64_sys_getsockopt+0xb5/0xd0 [ 715.970296][ C0] do_syscall_64+0xf3/0x230 [ 715.974828][ C0] ? clear_bhb_loop+0x35/0x90 [ 715.979511][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.985445][ C0] RIP: 0033:0x7fd3bf975f19 [ 715.989871][ C0] RSP: 002b:00007fd3bf3de048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 715.998311][ C0] RAX: ffffffffffffffda RBX: 00007fd3bfb061e8 RCX: 00007fd3bf975f19 [ 716.006314][ C0] RDX: 0000000000000030 RSI: 0000000000000000 RDI: 0000000000000003 [ 716.014302][ C0] RBP: 00007fd3bf9e4e68 R08: 0000000020001000 R09: 0000000000000000 [ 716.022278][ C0] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000 [ 716.030291][ C0] R13: 000000000000006e R14: 00007fd3bfb061e8 R15: 00007ffef6347b68 [ 716.038323][ C0] [ 716.041351][ C0] DEBUG: waiting rtnl_mutex for 651 jiffies. [ 716.047350][ C0] task:syz-executor state:D stack:20080 pid:13264 tgid:13264 ppid:13238 flags:0x00004000 [ 716.057541][ C0] Call Trace: [ 716.060839][ C0] [ 716.063823][ C0] __schedule+0x1800/0x4a60 [ 716.068381][ C0] ? __pfx___schedule+0x10/0x10 [ 716.073276][ C0] ? __pfx_lock_release+0x10/0x10 [ 716.078345][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 716.083851][ C0] ? schedule+0x90/0x320 [ 716.088121][ C0] schedule+0x14b/0x320 [ 716.092285][ C0] schedule_preempt_disabled+0x13/0x30 [ 716.097795][ C0] __mutex_lock+0x6a4/0xd70 [ 716.102315][ C0] ? __mutex_lock+0x527/0xd70 [ 716.107025][ C0] ? ieee80211_register_hw+0x2c4e/0x3e10 [ 716.112669][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 716.117748][ C0] ? get_rtnl_holder+0x144/0x190 [ 716.122728][ C0] ieee80211_register_hw+0x2c4e/0x3e10 [ 716.128222][ C0] ? ieee80211_register_hw+0x1581/0x3e10 [ 716.133880][ C0] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 716.139697][ C0] ? __asan_memset+0x23/0x50 [ 716.144313][ C0] ? __hrtimer_init+0x170/0x250 [ 716.149177][ C0] mac80211_hwsim_new_radio+0x2a9f/0x4a90 [ 716.154955][ C0] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 716.161037][ C0] hwsim_new_radio_nl+0xece/0x2290 [ 716.166189][ C0] ? __pfx___nla_validate_parse+0x10/0x10 [ 716.171929][ C0] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 716.177544][ C0] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 716.183938][ C0] genl_rcv_msg+0xb14/0xec0 [ 716.188472][ C0] ? mark_lock+0x9a/0x360 [ 716.192816][ C0] ? __pfx_genl_rcv_msg+0x10/0x10 [ 716.197880][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 716.202918][ C0] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 716.208514][ C0] ? __pfx___might_resched+0x10/0x10 [ 716.213828][ C0] netlink_rcv_skb+0x1e3/0x430 [ 716.218688][ C0] ? __pfx_genl_rcv_msg+0x10/0x10 [ 716.223736][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 716.229033][ C0] ? __netlink_deliver_tap+0x77e/0x7c0 [ 716.234522][ C0] genl_rcv+0x28/0x40 [ 716.238514][ C0] netlink_unicast+0x7f6/0x990 [ 716.243326][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 716.248619][ C0] ? __virt_addr_valid+0x183/0x530 [ 716.253750][ C0] ? __check_object_size+0x49c/0x900 [ 716.259032][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 716.264235][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 716.269061][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 716.274388][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 716.279336][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 716.284661][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 716.290137][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 716.295452][ C0] __sock_sendmsg+0x221/0x270 [ 716.300137][ C0] __sys_sendto+0x3a4/0x4f0 [ 716.304664][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 716.309703][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 716.315737][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 716.322070][ C0] __x64_sys_sendto+0xde/0x100 [ 716.326855][ C0] do_syscall_64+0xf3/0x230 [ 716.331380][ C0] ? clear_bhb_loop+0x35/0x90 [ 716.336084][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 716.341972][ C0] RIP: 0033:0x7f6bfc577cac [ 716.346403][ C0] RSP: 002b:00007ffff8c4c1d0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 716.354854][ C0] RAX: ffffffffffffffda RBX: 00007f6bfd234620 RCX: 00007f6bfc577cac [ 716.362851][ C0] RDX: 0000000000000024 RSI: 00007f6bfd234670 RDI: 0000000000000003 [ 716.370838][ C0] RBP: 0000000000000000 R08: 00007ffff8c4c224 R09: 000000000000000c [ 716.378834][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 716.386818][ C0] R13: 0000000000000000 R14: 00007f6bfd234670 R15: 0000000000000000 [ 716.394831][ C0] [ 716.397853][ C0] DEBUG: waiting rtnl_mutex for 685 jiffies. [ 716.403864][ C0] task:kworker/u8:19 state:D stack:20464 pid:6697 tgid:6697 ppid:2 flags:0x00004000 [ 716.414074][ C0] Workqueue: ipv6_addrconf addrconf_dad_work [ 716.420074][ C0] Call Trace: [ 716.423383][ C0] [ 716.426358][ C0] __schedule+0x1800/0x4a60 [ 716.430913][ C0] ? __pfx___schedule+0x10/0x10 [ 716.435806][ C0] ? __pfx_lock_release+0x10/0x10 [ 716.440843][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 716.446320][ C0] ? kthread_data+0x52/0xd0 [ 716.450826][ C0] ? schedule+0x90/0x320 [ 716.455083][ C0] ? wq_worker_sleeping+0x66/0x240 [ 716.460197][ C0] ? schedule+0x90/0x320 [ 716.464482][ C0] schedule+0x14b/0x320 [ 716.468647][ C0] schedule_preempt_disabled+0x13/0x30 [ 716.474123][ C0] __mutex_lock+0x6a4/0xd70 [ 716.478639][ C0] ? __mutex_lock+0x527/0xd70 [ 716.483356][ C0] ? addrconf_dad_work+0xd0/0x16f0 [ 716.488488][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 716.493535][ C0] ? get_rtnl_holder+0x144/0x190 [ 716.498497][ C0] addrconf_dad_work+0xd0/0x16f0 [ 716.503482][ C0] ? __pfx_addrconf_dad_work+0x10/0x10 [ 716.508997][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 716.515387][ C0] ? process_scheduled_works+0x945/0x1830 [ 716.521150][ C0] process_scheduled_works+0xa2c/0x1830 [ 716.526757][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 716.532762][ C0] ? assign_work+0x364/0x3d0 [ 716.537398][ C0] worker_thread+0x86d/0xd40 [ 716.542011][ C0] ? __kthread_parkme+0x169/0x1d0 [ 716.547067][ C0] ? __pfx_worker_thread+0x10/0x10 [ 716.552190][ C0] kthread+0x2f0/0x390 [ 716.556280][ C0] ? __pfx_worker_thread+0x10/0x10 [ 716.561481][ C0] ? __pfx_kthread+0x10/0x10 [ 716.566089][ C0] ret_from_fork+0x4b/0x80 [ 716.570593][ C0] ? __pfx_kthread+0x10/0x10 [ 716.575200][ C0] ret_from_fork_asm+0x1a/0x30 [ 716.579986][ C0] [ 716.583004][ C0] DEBUG: holding rtnl_mutex for 697 jiffies. [ 716.589041][ C0] task:syz.1.2122 state:D stack:24672 pid:13654 tgid:13654 ppid:13239 flags:0x00004006 [ 716.599258][ C0] Call Trace: [ 716.602535][ C0] [ 716.605501][ C0] __schedule+0x1800/0x4a60 [ 716.610034][ C0] ? __pfx___schedule+0x10/0x10 [ 716.614917][ C0] ? __pfx_lock_release+0x10/0x10 [ 716.619948][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 716.625877][ C0] ? schedule+0x90/0x320 [ 716.630145][ C0] schedule+0x14b/0x320 [ 716.634364][ C0] synchronize_rcu_expedited+0x684/0x830 [ 716.640009][ C0] ? __pfx_synchronize_rcu_expedited+0x10/0x10 [ 716.646199][ C0] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 716.651501][ C0] ? __pfx___might_resched+0x10/0x10 [ 716.656812][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 716.662803][ C0] ? __pfx_autoremove_wake_function+0x10/0x10 [ 716.668921][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 716.675305][ C0] synchronize_rcu+0x11b/0x360 [ 716.680085][ C0] ? __pfx_synchronize_rcu+0x10/0x10 [ 716.685416][ C0] lockdep_unregister_key+0x4b7/0x540 [ 716.690805][ C0] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 716.696725][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 716.701935][ C0] ? __qdisc_destroy+0x150/0x410 [ 716.706955][ C0] ? kfree+0x149/0x360 [ 716.711027][ C0] ? __pfx_pfifo_fast_destroy+0x10/0x10 [ 716.716603][ C0] __qdisc_destroy+0x165/0x410 [ 716.721382][ C0] dev_shutdown+0x9b/0x450 [ 716.725817][ C0] unregister_netdevice_many_notify+0x97b/0x1c40 [ 716.732164][ C0] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 716.738972][ C0] ? __asan_memset+0x23/0x50 [ 716.743599][ C0] ? skb_queue_purge_reason+0x2de/0x500 [ 716.749191][ C0] ? __asan_memset+0x23/0x50 [ 716.753829][ C0] ? skb_queue_purge_reason+0x2de/0x500 [ 716.759418][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 716.764657][ C0] unregister_netdevice_queue+0x303/0x370 [ 716.770395][ C0] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 716.776675][ C0] __tun_detach+0x6b9/0x1600 [ 716.781290][ C0] tun_chr_close+0x108/0x1b0 [ 716.785900][ C0] ? __pfx_tun_chr_close+0x10/0x10 [ 716.791027][ C0] __fput+0x24a/0x8a0 [ 716.795058][ C0] task_work_run+0x24f/0x310 [ 716.799665][ C0] ? __pfx_task_work_run+0x10/0x10 [ 716.804837][ C0] ? syscall_exit_to_user_mode+0xa3/0x370 [ 716.810587][ C0] syscall_exit_to_user_mode+0x168/0x370 [ 716.816267][ C0] do_syscall_64+0x100/0x230 [ 716.820878][ C0] ? clear_bhb_loop+0x35/0x90 [ 716.825602][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 716.831500][ C0] RIP: 0033:0x7fc45df75f19 [ 716.835948][ C0] RSP: 002b:00007ffcfc8b6ba8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 716.844433][ C0] RAX: 0000000000000000 RBX: 00007fc45e107a60 RCX: 00007fc45df75f19 [ 716.852444][ C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 716.860619][ C0] RBP: 00007fc45e107a60 R08: 00007fc45e0f2000 R09: 00000008fc8b6ecf [ 716.868657][ C0] R10: 00000000003ffd54 R11: 0000000000000246 R12: 00000000000ad2d3 [ 716.876669][ C0] R13: 0000000000000032 R14: 00007fc45e107a60 R15: 00007fc45e1061e8 [ 716.884675][ C0] [ 716.887696][ C0] DEBUG: waiting rtnl_mutex for 695 jiffies. [ 716.893703][ C0] task:kworker/0:1 state:D stack:20216 pid:9 tgid:9 ppid:2 flags:0x00004000 [ 716.903887][ C0] Workqueue: events linkwatch_event [ 716.909089][ C0] Call Trace: [ 716.912363][ C0] [ 716.915310][ C0] __schedule+0x1800/0x4a60 [ 716.919844][ C0] ? __pfx___schedule+0x10/0x10 [ 716.924969][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 716.930993][ C0] ? __pfx_lock_release+0x10/0x10 [ 716.936047][ C0] ? kick_pool+0x1bd/0x620 [ 716.940480][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 716.945706][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 716.950913][ C0] ? schedule+0x90/0x320 [ 716.955212][ C0] schedule+0x14b/0x320 [ 716.959409][ C0] schedule_preempt_disabled+0x13/0x30 [ 716.964907][ C0] __mutex_lock+0x6a4/0xd70 [ 716.969427][ C0] ? __mutex_lock+0x527/0xd70 [ 716.974147][ C0] ? linkwatch_event+0xe/0x60 [ 716.978863][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 716.983924][ C0] ? get_rtnl_holder+0x144/0x190 [ 716.988878][ C0] ? process_scheduled_works+0x945/0x1830 [ 716.994642][ C0] linkwatch_event+0xe/0x60 [ 716.999153][ C0] process_scheduled_works+0xa2c/0x1830 [ 717.004778][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 717.010790][ C0] ? assign_work+0x364/0x3d0 [ 717.015436][ C0] worker_thread+0x86d/0xd40 [ 717.020066][ C0] ? __kthread_parkme+0x169/0x1d0 [ 717.025169][ C0] ? __pfx_worker_thread+0x10/0x10 [ 717.030314][ C0] kthread+0x2f0/0x390 [ 717.034426][ C0] ? __pfx_worker_thread+0x10/0x10 [ 717.039572][ C0] ? __pfx_kthread+0x10/0x10 [ 717.044216][ C0] ret_from_fork+0x4b/0x80 [ 717.048670][ C0] ? __pfx_kthread+0x10/0x10 [ 717.053262][ C0] ret_from_fork_asm+0x1a/0x30 [ 717.058069][ C0] [ 717.061088][ C0] DEBUG: waiting rtnl_mutex for 681 jiffies. [ 717.067086][ C0] task:syz.2.2126 state:D stack:26816 pid:13668 tgid:13667 ppid:12101 flags:0x00000004 [ 717.077278][ C0] Call Trace: [ 717.080561][ C0] [ 717.083539][ C0] __schedule+0x1800/0x4a60 [ 717.088085][ C0] ? __pfx___schedule+0x10/0x10 [ 717.092948][ C0] ? __pfx_lock_release+0x10/0x10 [ 717.098006][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 717.103517][ C0] ? schedule+0x90/0x320 [ 717.107789][ C0] schedule+0x14b/0x320 [ 717.111958][ C0] schedule_preempt_disabled+0x13/0x30 [ 717.117445][ C0] __mutex_lock+0x6a4/0xd70 [ 717.121961][ C0] ? __mutex_lock+0x527/0xd70 [ 717.126670][ C0] ? do_ip_setsockopt+0x127d/0x3cd0 [ 717.131879][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 717.136942][ C0] ? get_rtnl_holder+0x144/0x190 [ 717.141903][ C0] do_ip_setsockopt+0x127d/0x3cd0 [ 717.146992][ C0] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 717.152380][ C0] ? aa_sk_perm+0x96d/0xab0 [ 717.156924][ C0] ? __pfx_aa_sk_perm+0x10/0x10 [ 717.161813][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 717.166899][ C0] ? aa_sock_opt_perm+0x79/0x120 [ 717.171879][ C0] ip_setsockopt+0x63/0x100 [ 717.176408][ C0] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 717.182307][ C0] do_sock_setsockopt+0x3af/0x720 [ 717.187368][ C0] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 717.192913][ C0] ? __fget_files+0x29/0x470 [ 717.197527][ C0] ? __fget_files+0x3f6/0x470 [ 717.202215][ C0] __sys_setsockopt+0x1ae/0x250 [ 717.207088][ C0] __x64_sys_setsockopt+0xb5/0xd0 [ 717.212122][ C0] do_syscall_64+0xf3/0x230 [ 717.216650][ C0] ? clear_bhb_loop+0x35/0x90 [ 717.221334][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.227264][ C0] RIP: 0033:0x7fd3bf975f19 [ 717.231684][ C0] RSP: 002b:00007fd3c0682048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 717.240114][ C0] RAX: ffffffffffffffda RBX: 00007fd3bfb05f60 RCX: 00007fd3bf975f19 [ 717.248144][ C0] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000003 [ 717.256154][ C0] RBP: 00007fd3bf9e4e68 R08: 0000000000000088 R09: 0000000000000000 [ 717.264149][ C0] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000 [ 717.272134][ C0] R13: 000000000000000b R14: 00007fd3bfb05f60 R15: 00007ffef6347b68 [ 717.280139][ C0] [ 717.283156][ C0] DEBUG: waiting rtnl_mutex for 697 jiffies. [ 717.289155][ C0] task:syz.2.2126 state:D stack:27392 pid:13669 tgid:13667 ppid:12101 flags:0x00000004 [ 717.299344][ C0] Call Trace: [ 717.302628][ C0] [ 717.305591][ C0] __schedule+0x1800/0x4a60 [ 717.310150][ C0] ? __pfx___schedule+0x10/0x10 [ 717.315067][ C0] ? __pfx_lock_release+0x10/0x10 [ 717.320101][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 717.325589][ C0] ? schedule+0x90/0x320 [ 717.329830][ C0] schedule+0x14b/0x320 [ 717.334003][ C0] schedule_preempt_disabled+0x13/0x30 [ 717.339456][ C0] __mutex_lock+0x6a4/0xd70 [ 717.344094][ C0] ? __mutex_lock+0x527/0xd70 [ 717.348803][ C0] ? do_ip_setsockopt+0x127d/0x3cd0 [ 717.354055][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 717.359095][ C0] ? get_rtnl_holder+0x144/0x190 [ 717.364097][ C0] do_ip_setsockopt+0x127d/0x3cd0 [ 717.369135][ C0] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 717.374526][ C0] ? aa_sk_perm+0x96d/0xab0 [ 717.379033][ C0] ? __pfx_aa_sk_perm+0x10/0x10 [ 717.383926][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 717.388983][ C0] ? aa_sock_opt_perm+0x79/0x120 [ 717.393961][ C0] ip_setsockopt+0x63/0x100 [ 717.398576][ C0] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 717.404494][ C0] do_sock_setsockopt+0x3af/0x720 [ 717.409524][ C0] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 717.415087][ C0] ? __fget_files+0x29/0x470 [ 717.419673][ C0] ? __fget_files+0x3f6/0x470 [ 717.424376][ C0] __sys_setsockopt+0x1ae/0x250 [ 717.429249][ C0] __x64_sys_setsockopt+0xb5/0xd0 [ 717.434296][ C0] do_syscall_64+0xf3/0x230 [ 717.438808][ C0] ? clear_bhb_loop+0x35/0x90 [ 717.443497][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.449421][ C0] RIP: 0033:0x7fd3bf975f19 [ 717.453876][ C0] RSP: 002b:00007fd3c0661048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 717.462290][ C0] RAX: ffffffffffffffda RBX: 00007fd3bfb06038 RCX: 00007fd3bf975f19 [ 717.470286][ C0] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000003 [ 717.478268][ C0] RBP: 00007fd3bf9e4e68 R08: 0000000000000088 R09: 0000000000000000 [ 717.486248][ C0] R10: 0000000020001040 R11: 0000000000000246 R12: 0000000000000000 [ 717.494248][ C0] R13: 000000000000006e R14: 00007fd3bfb06038 R15: 00007ffef6347b68 [ 717.502251][ C0] [ 717.505323][ C0] [ 717.505323][ C0] Showing all locks held in the system: [ 717.513047][ C0] 3 locks held by kworker/0:1/9: [ 717.518001][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 717.529033][ C0] #1: ffffc900000e7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 717.540037][ C0] #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 717.549048][ C0] 2 locks held by getty/4979: [ 717.553751][ C0] #0: ffff88802f6310a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 717.563713][ C0] #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 717.573861][ C0] 3 locks held by kworker/u8:19/6697: [ 717.579240][ C0] #0: ffff88802a990148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 717.590835][ C0] #1: ffffc90003bdfd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 717.603687][ C0] #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 717.613167][ C0] 3 locks held by syz-executor/13264: [ 717.618560][ C0] #0: ffffffff8fce80d0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 717.626764][ C0] #1: ffffffff8fce7f88 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 717.635763][ C0] #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_register_hw+0x2c4e/0x3e10 [ 717.645723][ C0] 2 locks held by syz.1.2122/13654: [ 717.650914][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0 [ 717.659914][ C0] #1: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 717.670857][ C0] 1 lock held by syz.2.2126/13668: [ 717.675972][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_setsockopt+0x127d/0x3cd0 [ 717.685486][ C0] 1 lock held by syz.2.2126/13669: [ 717.690589][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_setsockopt+0x127d/0x3cd0 [ 717.700117][ C0] 1 lock held by syz.2.2126/13670: [ 717.705246][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_setsockopt+0x127d/0x3cd0 [ 717.714772][ C0] 1 lock held by syz.2.2126/13671: [ 717.719908][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_getsockopt+0x10f5/0x2940 [ 717.729433][ C0] 2 locks held by syz.0.2131/13703: [ 717.734633][ C0] #0: ffffffff8fc75b10 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0 [ 717.744080][ C0] #1: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 717.754112][ C0] 1 lock held by syz.3.2132/13707: [ 717.759235][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 717.768712][ C0] 1 lock held by syz.3.2132/13708: [ 717.773894][ C0] #0: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00 [ 717.783309][ C0] [ 717.785643][ C0] ============================================= [ 717.785643][ C0] [ 718.399529][ T6697] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 718.453183][ T6697] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 718.464033][T13713] loop3: detected capacity change from 0 to 128 [ 718.502305][ T6688] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 718.518399][ T6688] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 718.573334][ T9137] sysv_free_block: flc_count > flc_size [ 718.603111][ T9137] sysv_free_block: flc_count > flc_size [ 718.624822][ T9137] sysv_free_block: flc_count > flc_size [ 718.630410][ T9137] sysv_free_block: flc_count > flc_size [ 718.653172][ T9137] sysv_free_block: flc_count > flc_size [ 718.685081][ T9137] sysv_free_block: flc_count > flc_size [ 718.690660][ T9137] sysv_free_block: flc_count > flc_size [ 718.722130][ T9137] sysv_free_block: flc_count > flc_size [ 718.739789][ T9137] sysv_free_block: flc_count > flc_size [ 718.751117][T13721] netlink: 'syz.4.2023': attribute type 2 has an invalid length. [ 718.758542][ T9137] sysv_free_block: flc_count > flc_size [ 718.758876][T13721] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2023'. [ 718.770690][T13718] loop1: detected capacity change from 0 to 1024 [ 718.780605][T13722] loop0: detected capacity change from 0 to 512 [ 718.789120][T13724] netlink: 'syz.2.2139': attribute type 1 has an invalid length. [ 718.798261][T13718] EXT4-fs: Ignoring removed mblk_io_submit option [ 718.798855][ T9137] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 718.803303][T13722] ext4: Unknown parameter 'noacl' [ 718.805404][T13724] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2139'. [ 718.927980][T13718] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 718.935153][T13729] loop3: detected capacity change from 0 to 128 [ 719.049167][T13239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 719.058245][T13729] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 719.058558][T13729] ext4 filesystem being mounted at /320/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 719.260314][ T9137] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 719.611508][T13758] netlink: 'syz.0.2150': attribute type 1 has an invalid length. [ 719.612343][T13759] loop3: detected capacity change from 0 to 2048 [ 719.650965][T13758] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2150'. [ 719.660625][T13761] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 719.934052][ T5229] Bluetooth: hci4: unexpected event for opcode 0x0c6d [ 719.952926][T13766] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 719.970830][T13767] loop0: detected capacity change from 0 to 512 [ 720.066776][T13768] loop2: detected capacity change from 0 to 4096 [ 720.075367][T13767] EXT4-fs (loop0): orphan cleanup on readonly fs [ 720.081822][T13767] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 720.084997][T13768] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 720.094065][T13767] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 720.116987][T13767] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 720.127690][T13767] EXT4-fs (loop0): 1 truncate cleaned up [ 720.134598][T13767] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 720.143201][T13774] bridge0: entered promiscuous mode [ 720.245996][T12039] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 720.382194][T13770] block device autoloading is deprecated and will be removed. [ 720.460624][T13769] bridge0: left promiscuous mode [ 720.508855][T13768] ntfs3: loop2: ino=1d, "file0" attr_set_size [ 720.609855][T13791] tmpfs: Bad value for 'mpol' [ 720.631013][T13789] loop1: detected capacity change from 0 to 2048 [ 720.658407][T13791] vlan2: entered promiscuous mode [ 720.678488][T13791] bond0: entered promiscuous mode [ 720.693449][T13791] bond_slave_0: entered promiscuous mode [ 720.714358][T13791] bond_slave_1: entered promiscuous mode [ 720.725133][T13797] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 720.746638][T13791] bond0: left promiscuous mode [ 720.754909][T13791] bond_slave_0: left promiscuous mode [ 720.760665][T13791] bond_slave_1: left promiscuous mode [ 721.132842][T13811] loop3: detected capacity change from 0 to 512 [ 721.164292][T13811] EXT4-fs (loop3): orphan cleanup on readonly fs [ 721.181174][T13811] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 721.241688][T13811] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 721.292588][T13811] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 721.310685][T13811] EXT4-fs (loop3): 1 truncate cleaned up [ 721.320886][T13811] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 721.392631][ T9137] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 721.428502][ T52] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 721.479202][T13824] netlink: 'syz.2.2174': attribute type 7 has an invalid length. [ 721.555973][T13824] Êü: entered promiscuous mode [ 721.655050][ T5280] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 721.735222][ T52] usb 1-1: Using ep0 maxpacket: 8 [ 721.783046][ T52] usb 1-1: config 0 has no interfaces? [ 721.879594][ T52] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 721.935168][ T5280] usb 5-1: Using ep0 maxpacket: 32 [ 721.991751][ T5280] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 722.010728][ T52] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 722.229578][ T52] usb 1-1: Product: syz [ 722.233799][ T52] usb 1-1: Manufacturer: syz [ 722.239078][ T52] usb 1-1: SerialNumber: syz [ 722.247756][ T5280] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 722.266467][ T5229] Bluetooth: hci4: command 0x0406 tx timeout [ 722.281091][ T52] usb 1-1: config 0 descriptor?? [ 722.287078][ T5280] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 722.305278][ T5280] usb 5-1: Product: syz [ 722.311998][ T5280] usb 5-1: Manufacturer: syz [ 722.316844][ T5280] usb 5-1: SerialNumber: syz [ 722.324299][ T5280] usb 5-1: config 0 descriptor?? [ 722.331738][T13820] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 722.359149][ T5280] hub 5-1:0.0: bad descriptor, ignoring hub [ 722.370401][ T5280] hub 5-1:0.0: probe with driver hub failed with error -5 [ 722.385391][ T5280] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input25 [ 722.711828][ T5280] usb 5-1: USB disconnect, device number 19 [ 722.717753][ C1] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 722.935023][ T9255] usb 1-1: USB disconnect, device number 24 [ 722.959131][T13844] loop1: detected capacity change from 0 to 256 [ 723.038438][T13842] loop2: detected capacity change from 0 to 8192 [ 723.069298][T13842] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 723.314635][T13854] loop1: detected capacity change from 0 to 256 [ 723.338649][T13854] FAT-fs (loop1): bogus sectors per cluster 223 [ 723.345894][T13850] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 723.379731][T13854] FAT-fs (loop1): Can't find a valid FAT filesystem [ 723.424700][T13854] loop1: detected capacity change from 0 to 8 [ 723.776698][T13870] loop0: detected capacity change from 0 to 1024 [ 723.795721][ T5287] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 724.004174][ T5229] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 724.014754][ T5229] Bluetooth: hci4: Injecting HCI hardware error event [ 724.026075][ T5229] Bluetooth: hci4: hardware error 0x00 [ 724.153742][ T5287] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 725.944924][ T5246] Bluetooth: hci2: command 0x0406 tx timeout [ 725.972551][ T5287] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 726.021212][ T5287] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 726.039793][ T5287] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 726.049097][ T5287] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 726.059424][ T5287] usb 2-1: Product: syz [ 726.063625][ T5287] usb 2-1: Manufacturer: syz [ 726.070298][ T5287] usb 2-1: SerialNumber: syz [ 726.127100][ T5287] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found [ 726.136458][ T5287] cdc_ncm 2-1:1.0: bind() failure [ 726.388190][ T5287] usb 2-1: USB disconnect, device number 32 [ 727.321407][T13886] loop2: detected capacity change from 0 to 2048 [ 727.374710][T13894] loop0: detected capacity change from 0 to 2048 [ 727.411452][T13886] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 727.461702][T13886] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 727.490955][T13897] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 727.511918][T13891] loop1: detected capacity change from 0 to 8192 [ 727.547425][T13891] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 727.625391][T13886] Process accounting resumed [ 728.026714][ T5229] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 728.071907][T13913] loop0: detected capacity change from 0 to 256 [ 728.097509][T13913] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a37, chksum : 0xd675b107, utbl_chksum : 0xe619d30d) [ 728.620414][T13921] loop1: detected capacity change from 0 to 32768 [ 728.635469][T13927] netlink: 'syz.2.2208': attribute type 7 has an invalid length. [ 728.644894][T13927] openvswitch: Êü: Dropping previously announced user features [ 728.774507][T13921] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 728.893530][ T9255] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 728.915982][T13921] XFS (loop1): Ending clean mount [ 728.930601][T13921] XFS (loop1): Quotacheck needed: Please wait. [ 729.066360][T13940] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 729.110248][T13921] XFS (loop1): Quotacheck: Done. [ 729.188666][ T9255] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 729.360045][ T9255] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 729.432650][ T9255] usb 4-1: config 0 descriptor?? [ 729.510511][ T9255] cp210x 4-1:0.0: cp210x converter detected [ 729.600531][T13944] loop2: detected capacity change from 0 to 128 [ 729.903545][T13239] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 729.974811][T13952] syz.4.2213[13952] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 729.974983][T13952] syz.4.2213[13952] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 730.181580][T13944] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 730.812024][ T9255] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 730.847418][T13944] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 731.054858][ T9255] usb 4-1: cp210x converter now attached to ttyUSB0 [ 731.191502][T12101] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 731.212805][T13961] loop0: detected capacity change from 0 to 512 [ 731.220181][T13961] EXT4-fs: Ignoring removed nomblk_io_submit option [ 731.239580][T13961] EXT4-fs: old and new quota format mixing [ 731.292938][ T9] usb 4-1: USB disconnect, device number 31 [ 731.324305][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 731.383037][ T9] cp210x 4-1:0.0: device disconnected [ 731.445164][T13961] loop0: detected capacity change from 0 to 4096 [ 731.517941][T13969] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 731.545997][ T29] audit: type=1800 audit(1721918597.679:441): pid=13961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2218" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 731.800780][T13982] loop1: detected capacity change from 0 to 256 [ 731.819299][T13982] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a37, chksum : 0xd675b107, utbl_chksum : 0xe619d30d) [ 732.059269][T13987] loop2: detected capacity change from 0 to 512 [ 732.077662][T13987] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent [ 732.132943][T13991] loop1: detected capacity change from 0 to 128 [ 732.205196][T13991] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 732.226736][T13991] ext4 filesystem being mounted at /24/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 732.349494][T13993] loop0: detected capacity change from 0 to 512 [ 732.371810][T13993] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 732.408705][T13239] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 732.563506][T13997] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 732.770670][T13993] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 733.107010][T13993] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 733.130419][T13993] System zones: 0-2, 18-18, 34-34 [ 733.170922][T13993] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.2226: bad orphan inode 15 [ 733.229202][T13993] ext4_test_bit(bit=14, block=18) = 1 [ 733.234655][T13993] is_bad_inode(inode)=0 [ 733.239762][T13993] NEXT_ORPHAN(inode)=2264924160 [ 733.244829][T13993] max_ino=32 [ 733.248347][T13993] i_nlink=0 [ 733.251673][T13993] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 733.270798][T13993] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2226: bg 0: block 80: padding at end of block bitmap is not set [ 733.285599][T13993] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 733.296431][T13993] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 733.889824][T14001] loop1: detected capacity change from 0 to 65536 [ 734.608710][T14001] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 734.664919][T12039] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 734.666232][T14005] syzkaller1: entered promiscuous mode [ 734.686939][T14005] syzkaller1: entered allmulticast mode [ 734.717760][T14001] XFS (loop1): Ending clean mount [ 734.724440][T14001] XFS (loop1): Quotacheck needed: Please wait. [ 734.856368][T14001] XFS (loop1): Quotacheck: Done. [ 734.934419][T14024] loop0: detected capacity change from 0 to 512 [ 736.142701][T14024] EXT4-fs: Ignoring removed nomblk_io_submit option [ 736.196431][T14024] EXT4-fs: old and new quota format mixing [ 736.436598][T13239] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 736.460388][T14039] loop3: detected capacity change from 0 to 512 [ 736.522323][T14024] loop0: detected capacity change from 0 to 4096 [ 736.554795][T14043] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 736.577471][ T5280] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 736.587284][T14039] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 736.607640][T14039] ext4 filesystem being mounted at /334/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 736.649256][ T29] audit: type=1800 audit(1721918602.798:442): pid=14024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2237" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 736.669785][ C1] vkms_vblank_simulate: vblank timer overrun [ 736.813800][T14049] loop4: detected capacity change from 0 to 512 [ 736.828945][ T5280] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 736.850763][ T5280] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 736.895804][ T5280] usb 3-1: config 0 descriptor?? [ 736.914427][T14049] loop4: detected capacity change from 0 to 128 [ 736.929458][ T5280] cp210x 3-1:0.0: cp210x converter detected [ 736.973404][ T9137] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 737.247958][T14053] loop0: detected capacity change from 0 to 512 [ 737.278776][T14053] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 737.347878][T14053] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 737.395347][ T5280] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 737.616851][T14053] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 737.878562][ T5280] usb 3-1: cp210x converter now attached to ttyUSB0 [ 737.887709][T14053] System zones: 0-2, 18-18, 34-34 [ 737.902280][T14048] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 737.913996][T14053] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.2245: bad orphan inode 15 [ 737.975997][T14053] ext4_test_bit(bit=14, block=18) = 1 [ 737.998686][T14053] is_bad_inode(inode)=0 [ 738.002897][T14053] NEXT_ORPHAN(inode)=2264924160 [ 738.056382][ T52] usb 3-1: USB disconnect, device number 30 [ 738.064701][T14053] max_ino=32 [ 738.075421][ T52] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 738.083455][T14053] i_nlink=0 [ 738.086848][T14053] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 738.108853][ T52] cp210x 3-1:0.0: device disconnected [ 738.149222][T14053] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2245: bg 0: block 80: padding at end of block bitmap is not set [ 738.211108][T14053] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 738.247915][T14053] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 739.602992][T12039] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 739.740156][T14076] syzkaller1: entered promiscuous mode [ 739.746795][T14076] syzkaller1: entered allmulticast mode [ 739.950778][ C1] eth0: bad gso: type: 1, size: 1408 [ 740.159192][ T52] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 740.203086][T14096] loop2: detected capacity change from 0 to 8192 [ 740.268412][ T29] audit: type=1800 audit(1721918606.408:443): pid=14096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2260" name="bus" dev="loop2" ino=1048801 res=0 errno=0 [ 740.348026][ T52] usb 5-1: Using ep0 maxpacket: 32 [ 740.368498][T14098] loop0: detected capacity change from 0 to 64 [ 740.376238][ T52] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 740.403025][ T52] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 740.416159][ T52] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 740.446933][ T52] usb 5-1: Product: syz [ 740.457067][ T52] usb 5-1: Manufacturer: syz [ 740.472434][ T52] usb 5-1: SerialNumber: syz [ 740.487210][ T52] usb 5-1: config 0 descriptor?? [ 740.505417][T14084] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 740.514353][ T52] hub 5-1:0.0: bad descriptor, ignoring hub [ 740.534542][ T52] hub 5-1:0.0: probe with driver hub failed with error -5 [ 740.565137][ T52] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input26 [ 740.810313][ T5280] usb 5-1: USB disconnect, device number 20 [ 740.816363][ C1] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 740.829022][T12101] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 740.837578][T12101] FAT-fs (loop2): Filesystem has been set read-only [ 740.865029][T12101] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 740.897895][ T9] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 741.022043][T14100] loop1: detected capacity change from 0 to 32768 [ 741.043553][T14100] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2262 (14100) [ 741.076863][T12101] syz_tun (unregistering): left promiscuous mode [ 741.093416][T14100] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 741.134316][T14100] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 741.148551][T14100] BTRFS info (device loop1): using free-space-tree [ 741.159419][ T9] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 741.197514][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 741.218014][ T9] usb 1-1: config 0 descriptor?? [ 741.244735][ T9] cp210x 1-1:0.0: cp210x converter detected [ 741.443080][ T3335] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.479608][ T8] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 741.659686][T13239] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 741.689968][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 741.711117][ T9] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 741.745459][ T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 741.864207][ T8] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 741.901200][ T3335] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.904211][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 742.027233][ T8] usb 4-1: config 0 descriptor?? [ 742.036055][ T9] usb 1-1: cp210x converter now attached to ttyUSB0 [ 742.163058][ T3335] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 742.334496][ T9] usb 1-1: USB disconnect, device number 25 [ 742.368846][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 742.413496][ T9] cp210x 1-1:0.0: device disconnected [ 742.506711][ T8] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving [ 742.513388][ T3335] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 742.543391][ T8] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 742.682289][ T5245] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 742.738568][ T5245] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 742.751507][ T5245] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 742.767542][ T5245] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 742.776906][ T5245] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 742.784397][ T5245] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 743.242334][ T3335] bridge_slave_1: left allmulticast mode [ 743.253529][ T3335] bridge_slave_1: left promiscuous mode [ 743.283669][ T3335] bridge0: port 2(bridge_slave_1) entered disabled state [ 743.335574][ T3335] bridge_slave_0: left allmulticast mode [ 743.358217][ T3335] bridge_slave_0: left promiscuous mode [ 743.426711][ T3335] bridge0: port 1(bridge_slave_0) entered disabled state [ 743.493551][T14150] loop0: detected capacity change from 0 to 1024 [ 743.578778][T14148] loop1: detected capacity change from 0 to 8192 [ 743.608396][T14148] vfat: Unknown parameter '' [ 743.872026][T14151] input: syz0 as /devices/virtual/input/input27 [ 744.027220][T14142] loop4: detected capacity change from 0 to 40427 [ 744.043057][T14142] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 744.052934][T14142] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 744.107057][T14142] F2FS-fs (loop4): Found nat_bits in checkpoint [ 744.288377][T14142] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 744.301798][T14142] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 744.399469][ T6697] hfsplus: b-tree write err: -5, ino 4 [ 744.463816][T14148] loop1: detected capacity change from 0 to 512 [ 744.666656][ T940] usb 4-1: USB disconnect, device number 32 [ 744.748848][T14148] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2275: bg 0: block 248: padding at end of block bitmap is not set [ 744.809090][T14148] Quota error (device loop1): write_blk: dquota write failed [ 744.823419][T14148] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 744.840327][ T5245] Bluetooth: hci5: command tx timeout [ 744.861895][T14148] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.2275: Failed to acquire dquot type 1 [ 744.930137][T14148] EXT4-fs (loop1): 1 truncate cleaned up [ 744.948223][T14148] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 745.001222][T14148] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 745.468496][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 745.498069][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 745.526049][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 745.548769][ T3335] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 745.554073][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 745.588079][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 745.595687][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 745.604064][ T3335] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 745.626172][T13264] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 745.654113][ T3335] bond0 (unregistering): Released all slaves [ 745.744319][T14168] loop3: detected capacity change from 0 to 32768 [ 745.798438][T14168] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2279 (14168) [ 745.814947][ T3335] Êü: left promiscuous mode [ 745.867573][T13239] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 745.893390][T14168] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 745.903923][T14168] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 745.930663][T14168] BTRFS info (device loop3): using free-space-tree [ 746.908333][ T5245] Bluetooth: hci5: command tx timeout [ 747.241268][T14138] chnl_net:caif_netlink_parms(): no params data found [ 747.443227][ T9137] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 747.464876][ T3335] batadv_slave_0: left promiscuous mode [ 747.490854][ T3335] hsr_slave_0: left promiscuous mode [ 747.559047][ T3335] hsr_slave_1: left promiscuous mode [ 747.608394][ T3335] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 747.626569][ T3335] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 747.660459][ T3335] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 747.677170][ T3335] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 747.804253][ T3335] veth1_macvtap: left promiscuous mode [ 747.825562][ T3335] veth0_macvtap: left promiscuous mode [ 747.840116][ T3335] veth1_vlan: left promiscuous mode [ 747.934593][T14279] loop1: detected capacity change from 0 to 8192 [ 747.976805][ T1269] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.984209][ T1269] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.000143][ T3335] veth0_vlan: left promiscuous mode [ 748.331950][ T29] audit: type=1800 audit(1721918614.287:444): pid=14279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2289" name="bus" dev="loop1" ino=1048828 res=0 errno=0 [ 748.741693][ T29] audit: type=1804 audit(1721918614.447:445): pid=14287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2289" name="/newroot/38/bus/bus" dev="loop1" ino=1048828 res=1 errno=0 [ 748.823809][T13239] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 748.840202][T13239] FAT-fs (loop1): Filesystem has been set read-only [ 748.849968][T13239] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 748.990594][ T5245] Bluetooth: hci5: command tx timeout [ 749.006848][ T3335] pimreg (unregistering): left allmulticast mode [ 749.183562][T14295] loop3: detected capacity change from 0 to 256 [ 749.265291][T14295] FAT-fs (loop3): Directory bread(block 64) failed [ 749.277641][T14295] FAT-fs (loop3): Directory bread(block 65) failed [ 749.291119][T14295] FAT-fs (loop3): Directory bread(block 66) failed [ 749.311901][T14295] FAT-fs (loop3): Directory bread(block 67) failed [ 749.318993][T14295] FAT-fs (loop3): Directory bread(block 68) failed [ 749.325662][T14295] FAT-fs (loop3): Directory bread(block 69) failed [ 749.332535][T14295] FAT-fs (loop3): Directory bread(block 70) failed [ 749.339276][T14295] FAT-fs (loop3): Directory bread(block 71) failed [ 749.345958][T14295] FAT-fs (loop3): Directory bread(block 72) failed [ 749.356299][T14295] FAT-fs (loop3): Directory bread(block 73) failed [ 749.393665][T14295] syz.3.2292: attempt to access beyond end of device [ 749.393665][T14295] loop3: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 749.425651][T14295] syz.3.2292: attempt to access beyond end of device [ 749.425651][T14295] loop3: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 749.450378][ T29] audit: type=1800 audit(1721918615.587:446): pid=14295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2292" name="file0" dev="loop3" ino=1048855 res=0 errno=0 [ 749.852267][ T3335] team0 (unregistering): Port device team_slave_1 removed [ 749.940594][ T3335] team0 (unregistering): Port device team_slave_0 removed [ 750.737751][T14138] bridge0: port 1(bridge_slave_0) entered blocking state [ 750.768958][T14138] bridge0: port 1(bridge_slave_0) entered disabled state [ 750.776257][T14138] bridge_slave_0: entered allmulticast mode [ 750.804657][T14138] bridge_slave_0: entered promiscuous mode [ 750.813974][T14138] bridge0: port 2(bridge_slave_1) entered blocking state [ 750.824638][T14138] bridge0: port 2(bridge_slave_1) entered disabled state [ 750.839473][T14138] bridge_slave_1: entered allmulticast mode [ 750.849976][T14138] bridge_slave_1: entered promiscuous mode [ 750.918703][T14299] netlink: 'syz.3.2294': attribute type 12 has an invalid length. [ 751.054598][T14138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 751.070628][ T5245] Bluetooth: hci5: command tx timeout [ 751.073430][T14138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 751.286842][T14138] team0: Port device team_slave_0 added [ 751.331937][T14138] team0: Port device team_slave_1 added [ 751.435884][T14138] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 751.455707][T14138] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 751.499149][T14138] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 751.512049][T14138] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 751.519160][T14138] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 751.545235][T14138] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 751.846989][T14138] hsr_slave_0: entered promiscuous mode [ 751.909165][T14329] program syz.3.2308 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 751.932039][T14138] hsr_slave_1: entered promiscuous mode [ 752.746775][T14138] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 752.764790][T14138] Cannot create hsr debugfs directory [ 753.200326][ T5287] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 753.212142][ T29] audit: type=1804 audit(1721918619.347:447): pid=14345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2313" name="/newroot/144/bus/bus" dev="overlay" ino=809 res=1 errno=0 [ 753.218645][T14345] Invalid ELF header magic: != ELF [ 753.240842][ T5229] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 753.258871][ T5229] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 753.270600][ T5229] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 753.280844][ T5229] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 753.289756][ T5229] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 753.298846][ T5229] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 753.352351][T14349] loop4: detected capacity change from 0 to 256 [ 753.388375][ T3335] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 753.432527][T14349] FAT-fs (loop4): Directory bread(block 64) failed [ 753.441295][ T5287] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 753.455052][ T5287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 753.457138][T14349] FAT-fs (loop4): Directory bread(block 65) failed [ 753.475118][ T5287] usb 4-1: config 0 descriptor?? [ 753.476277][T14349] FAT-fs (loop4): Directory bread(block 66) failed [ 753.486746][T14349] FAT-fs (loop4): Directory bread(block 67) failed [ 753.494938][T14349] FAT-fs (loop4): Directory bread(block 68) failed [ 753.504059][T14349] FAT-fs (loop4): Directory bread(block 69) failed [ 753.512297][T14349] FAT-fs (loop4): Directory bread(block 70) failed [ 753.513176][ T5287] cp210x 4-1:0.0: cp210x converter detected [ 753.519018][T14349] FAT-fs (loop4): Directory bread(block 71) failed [ 753.519128][T14349] FAT-fs (loop4): Directory bread(block 72) failed [ 753.519162][T14349] FAT-fs (loop4): Directory bread(block 73) failed [ 753.548009][T14349] syz.4.2314: attempt to access beyond end of device [ 753.548009][T14349] loop4: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 753.580470][T14349] syz.4.2314: attempt to access beyond end of device [ 753.580470][T14349] loop4: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 753.600534][ T29] audit: type=1800 audit(1721918619.727:448): pid=14349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2314" name="file0" dev="loop4" ino=1048856 res=0 errno=0 [ 753.690677][ T3335] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 753.752667][T14356] loop0: detected capacity change from 0 to 128 [ 753.784474][T14356] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 753.802171][T14356] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 753.882025][ T3335] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 753.916352][T14358] netlink: 'syz.4.2317': attribute type 21 has an invalid length. [ 753.930597][T14358] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2317'. [ 753.955849][ T5287] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 753.973151][T12039] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 754.006773][ T3335] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 754.335676][T14365] program syz.4.2320 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 754.349767][ T5287] usb 4-1: cp210x converter now attached to ttyUSB0 [ 755.229685][ T9] usb 4-1: USB disconnect, device number 33 [ 755.270463][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 755.316224][ T9] cp210x 4-1:0.0: device disconnected [ 755.375796][T14372] loop0: detected capacity change from 0 to 128 [ 755.399156][ T5245] Bluetooth: hci0: command tx timeout [ 755.422860][T14369] loop4: detected capacity change from 0 to 32768 [ 755.442940][T14372] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2 [ 755.509423][T14369] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 755.525527][ T3335] bridge_slave_1: left allmulticast mode [ 755.525556][ T3335] bridge_slave_1: left promiscuous mode [ 755.525803][ T3335] bridge0: port 2(bridge_slave_1) entered disabled state [ 755.534369][ T3335] bridge_slave_0: left allmulticast mode [ 755.534401][ T3335] bridge_slave_0: left promiscuous mode [ 755.534591][ T3335] bridge0: port 1(bridge_slave_0) entered disabled state [ 755.609352][T14369] XFS (loop4): Ending clean mount [ 755.618282][T14369] XFS (loop4): Quotacheck needed: Please wait. [ 755.718931][T14369] XFS (loop4): Quotacheck: Done. [ 756.378741][ T29] audit: type=1804 audit(1721918622.517:449): pid=14387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2324" name="/newroot/349/bus/bus" dev="overlay" ino=1963 res=1 errno=0 [ 756.406492][T14385] loop0: detected capacity change from 0 to 40427 [ 756.414738][T14385] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 756.422614][T14385] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 756.445502][T14387] Invalid ELF header magic: != ELF [ 756.453856][T13264] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 756.465997][T14385] F2FS-fs (loop0): Found nat_bits in checkpoint [ 756.520202][T14385] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 756.527356][T14385] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 756.873041][T14392] cannot load conntrack support for proto=3 [ 757.469206][ T5245] Bluetooth: hci0: command tx timeout [ 759.548945][ T5245] Bluetooth: hci0: command tx timeout [ 759.588134][ T3335] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 759.689341][ T3335] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 759.734773][ T3335] bond0 (unregistering): Released all slaves [ 759.820506][T14408] loop4: detected capacity change from 0 to 32768 [ 759.830535][T14408] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2331 (14408) [ 759.884356][T14408] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 759.918234][T14408] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 759.935158][T14419] loop0: detected capacity change from 0 to 512 [ 759.972683][T14408] BTRFS info (device loop4): using free-space-tree [ 760.056799][T14419] EXT4-fs: Ignoring removed nobh option [ 760.159280][T14419] fscrypt (loop0, inode 2): Error -61 getting encryption context [ 760.220931][T14419] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -61 [ 760.271265][T14419] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #13: comm syz.0.2334: casefold flag without casefold feature [ 760.331789][T14346] chnl_net:caif_netlink_parms(): no params data found [ 760.362067][T14419] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.2334: couldn't read orphan inode 13 (err -117) [ 760.443563][T14419] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 760.447832][T14138] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 760.613060][T13264] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 760.720843][T14138] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 760.784498][T14138] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 760.900383][ T3335] hsr_slave_0: left promiscuous mode [ 760.937904][ T3335] hsr_slave_1: left promiscuous mode [ 761.004444][ T3335] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 761.038664][ T3335] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 761.049277][T12039] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 761.058991][ T3335] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 761.088647][ T3335] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 761.207322][ T3335] veth1_macvtap: left promiscuous mode [ 761.213945][ T3335] veth0_macvtap: left promiscuous mode [ 761.228663][ T3335] veth1_vlan: left promiscuous mode [ 761.234248][ T3335] veth0_vlan: left promiscuous mode [ 761.610393][T14446] syz.0.2336: attempt to access beyond end of device [ 761.610393][T14446] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 762.749559][ T5245] Bluetooth: hci0: command tx timeout [ 763.526862][T14453] loop0: detected capacity change from 0 to 40427 [ 763.536289][T14453] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 763.544097][T14453] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 763.584380][T14453] F2FS-fs (loop0): Found nat_bits in checkpoint [ 763.681842][T14453] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 763.688970][T14453] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 763.917104][T14465] cannot load conntrack support for proto=3 [ 764.554089][T14467] loop0: detected capacity change from 0 to 128 [ 764.604873][T14467] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 764.628011][T14467] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 764.810488][T12039] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 764.821888][ T3335] team0 (unregistering): Port device team_slave_1 removed [ 764.916674][T14471] loop0: detected capacity change from 0 to 512 [ 764.926925][ T3335] team0 (unregistering): Port device team_slave_0 removed [ 764.990830][T14471] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 765.007232][T14471] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 765.203688][T12039] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 765.519313][T14480] loop0: detected capacity change from 0 to 16 [ 765.532579][T14480] erofs: (device loop0): mounted with root inode @ nid 36. [ 766.412430][T14138] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 766.715471][T14346] bridge0: port 1(bridge_slave_0) entered blocking state [ 766.740552][T14346] bridge0: port 1(bridge_slave_0) entered disabled state [ 766.747847][T14346] bridge_slave_0: entered allmulticast mode [ 766.753884][T14487] loop0: detected capacity change from 0 to 256 [ 766.754666][T14487] exfat: Deprecated parameter 'utf8' [ 766.761161][T14455] netdevsim netdevsim3: Direct firmware load for ng failed with error -2 [ 766.782174][T14455] netdevsim netdevsim3: Falling back to sysfs fallback for: ng [ 766.796314][T14346] bridge_slave_0: entered promiscuous mode [ 766.798131][T14487] exfat: Unknown parameter 'dmaskW†”Mmô|' [ 766.824383][T14346] bridge0: port 2(bridge_slave_1) entered blocking state [ 766.878596][T14346] bridge0: port 2(bridge_slave_1) entered disabled state [ 766.886122][T14346] bridge_slave_1: entered allmulticast mode [ 766.894139][T14346] bridge_slave_1: entered promiscuous mode [ 767.894608][T14346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 767.934292][T14346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 768.182469][T14346] team0: Port device team_slave_0 added [ 768.218978][T14346] team0: Port device team_slave_1 added [ 769.073608][T14504] netlink: 'syz.3.2350': attribute type 3 has an invalid length. [ 769.158860][T14346] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 769.165936][T14346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 769.204615][T14346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 769.226068][T14346] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 769.234622][T14346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 769.277039][T14510] loop0: detected capacity change from 0 to 64 [ 769.289437][T14346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 769.438437][T14512] loop3: detected capacity change from 0 to 16 [ 769.451788][T14346] hsr_slave_0: entered promiscuous mode [ 769.460362][T14346] hsr_slave_1: entered promiscuous mode [ 769.468232][T14346] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 769.478353][T14512] erofs: (device loop3): mounted with root inode @ nid 36. [ 769.491291][T12039] hfs: walked past end of dir [ 769.506876][T14346] Cannot create hsr debugfs directory [ 769.779853][T14138] 8021q: adding VLAN 0 to HW filter on device bond0 [ 770.510377][T14497] loop4: detected capacity change from 0 to 40427 [ 770.522177][T14497] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 770.546134][T14497] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 770.561644][T14138] 8021q: adding VLAN 0 to HW filter on device team0 [ 770.579074][T14497] F2FS-fs (loop4): invalid crc value [ 770.623274][T14497] F2FS-fs (loop4): Found nat_bits in checkpoint [ 770.633024][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 770.640206][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 770.661336][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 770.668494][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 770.795858][T14497] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 770.827741][T14497] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 771.269417][T14138] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 771.471501][T14138] veth0_vlan: entered promiscuous mode [ 771.519413][T14138] veth1_vlan: entered promiscuous mode [ 771.567615][T14346] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 771.601120][T14346] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 771.612887][T14346] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 771.666398][T14138] veth0_macvtap: entered promiscuous mode [ 771.703381][T14346] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 771.796603][T14138] veth1_macvtap: entered promiscuous mode [ 772.277986][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 772.548433][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.578890][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 772.609115][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.650939][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 772.677715][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.728777][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 772.744446][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.755660][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 772.766357][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.776519][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 772.787234][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.802906][T14138] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 772.814295][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 772.833434][T14534] loop4: detected capacity change from 0 to 2048 [ 772.840347][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.850324][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 772.863067][T14534] udf: Bad value for 'rootdir' [ 772.868755][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.887458][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 772.908306][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.927201][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 772.937817][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.947768][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 772.960199][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.970210][T14138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 772.980824][T14138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 772.994523][T14138] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 773.054542][T14138] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.069317][T14138] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.088794][T14138] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.097570][T14138] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.189004][ T5339] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 773.298192][T14209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 773.330982][T14209] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 773.397886][T14346] 8021q: adding VLAN 0 to HW filter on device bond0 [ 773.404638][ T5339] usb 5-1: Using ep0 maxpacket: 8 [ 773.412389][T14249] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 773.422012][ T5339] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 773.425345][T14249] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 773.432711][ T5339] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=21.5e [ 773.473157][ T5339] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 773.476243][T14346] 8021q: adding VLAN 0 to HW filter on device team0 [ 773.497387][ T5339] usb 5-1: config 0 descriptor?? [ 773.504933][ T5339] asix 5-1:0.0: probe with driver asix failed with error -22 [ 773.515974][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 773.523159][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 773.551974][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 773.559239][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 773.796157][T14541] loop2: detected capacity change from 0 to 1024 [ 773.819881][T14534] 9pnet_fd: Insufficient options for proto=fd [ 773.836443][T14541] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 773.919182][T14541] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 774.008122][T14547] loop4: detected capacity change from 0 to 2048 [ 774.437573][T14547] /dev/loop4: Can't open blockdev [ 774.809747][T14138] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 774.892885][ T9] usb 5-1: USB disconnect, device number 21 [ 775.084686][T14346] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 775.195822][T14346] veth0_vlan: entered promiscuous mode [ 776.632566][T14346] veth1_vlan: entered promiscuous mode [ 776.918242][T14346] veth0_macvtap: entered promiscuous mode [ 776.995029][T14346] veth1_macvtap: entered promiscuous mode [ 777.045512][T14569] loop2: detected capacity change from 0 to 40427 [ 777.055120][T14569] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 777.062890][T14569] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 777.117356][T14569] F2FS-fs (loop2): Found nat_bits in checkpoint [ 777.190788][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 777.202313][T14569] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 777.209510][T14569] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 777.262562][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 777.371561][T14584] cannot load conntrack support for proto=3 [ 777.410227][T14582] loop3: detected capacity change from 0 to 1024 [ 777.417795][T14582] EXT4-fs: Ignoring removed orlov option [ 777.423793][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 777.434454][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 777.518310][T14582] EXT4-fs (loop3): Test dummy encryption mode enabled [ 777.773944][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 782.268786][ C0] DEBUG: holding rtnl_mutex for 508 jiffies. [ 782.274820][ C0] task:syz-executor state:R running task stack:20432 pid:14346 tgid:14346 ppid:14321 flags:0x00004002 [ 782.286608][ C0] Call Trace: [ 782.289911][ C0] [ 782.292838][ C0] __schedule+0x1800/0x4a60 [ 782.297363][ C0] ? __pfx___schedule+0x10/0x10 [ 782.302235][ C0] ? prb_read_valid+0xa9/0xf0 [ 782.306921][ C0] ? preempt_schedule+0xe1/0xf0 [ 782.311824][ C0] preempt_schedule_common+0x84/0xd0 [ 782.317117][ C0] preempt_schedule+0xe1/0xf0 [ 782.321819][ C0] ? __pfx_preempt_schedule+0x10/0x10 [ 782.327190][ C0] ? _printk+0xd5/0x120 [ 782.331393][ C0] ? _printk+0xd5/0x120 [ 782.335546][ C0] ? __pfx___down_trylock_console_sem+0x10/0x10 [ 782.341801][ C0] preempt_schedule_thunk+0x1a/0x30 [ 782.347003][ C0] ? vprintk_emit+0x7bb/0x900 [ 782.351691][ C0] ? vprintk_emit+0x828/0x900 [ 782.356361][ C0] vprintk_emit+0x82d/0x900 [ 782.360886][ C0] ? __pfx_vprintk_emit+0x10/0x10 [ 782.365916][ C0] _printk+0xd5/0x120 [ 782.369916][ C0] ? batadv_check_known_mac_addr+0x237/0x410 [ 782.375918][ C0] ? __pfx__printk+0x10/0x10 [ 782.380547][ C0] ? batadv_hardif_get_by_netdev+0x49b/0x4e0 [ 782.386545][ C0] ? batadv_hardif_get_by_netdev+0x7f/0x4e0 [ 782.392467][ C0] batadv_check_known_mac_addr+0x2b1/0x410 [ 782.398280][ C0] ? batadv_check_known_mac_addr+0x24/0x410 [ 782.404224][ C0] batadv_hard_if_event+0x3a5/0x1620 [ 782.409537][ C0] ? smc_pnet_netdev_event+0x38f/0x690 [ 782.414992][ C0] ? lockdep_rtnl_is_held+0x26/0x40 [ 782.420203][ C0] notifier_call_chain+0x19f/0x3e0 [ 782.425337][ C0] dev_set_mac_address+0x3d9/0x510 [ 782.430484][ C0] ? __pfx_dev_set_mac_address+0x10/0x10 [ 782.436112][ C0] ? down_write+0x18c/0x220 [ 782.440632][ C0] ? do_setlink+0x7ff/0x41f0 [ 782.445309][ C0] ? do_setlink+0x7ff/0x41f0 [ 782.449915][ C0] ? do_setlink+0x7ff/0x41f0 [ 782.454512][ C0] ? do_setlink+0x7ff/0x41f0 [ 782.459125][ C0] ? trace_kmalloc+0x1f/0xd0 [ 782.463732][ C0] dev_set_mac_address_user+0x31/0x50 [ 782.469122][ C0] do_setlink+0x8b6/0x41f0 [ 782.473542][ C0] ? stack_trace_save+0x118/0x1d0 [ 782.478580][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 782.484012][ C0] ? __pfx_do_setlink+0x10/0x10 [ 782.488895][ C0] ? __nla_validate_parse+0x26ce/0x3090 [ 782.494463][ C0] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 782.500042][ C0] ? rtnl_newlink+0xe9/0x2070 [ 782.504736][ C0] ? __pfx___nla_validate_parse+0x10/0x10 [ 782.510491][ C0] ? validate_linkmsg+0x71e/0x900 [ 782.515522][ C0] rtnl_newlink+0x17a9/0x2070 [ 782.520240][ C0] ? __pfx_rtnl_newlink+0x10/0x10 [ 782.525261][ C0] ? __pfx___mutex_trylock_common+0x10/0x10 [ 782.531197][ C0] ? rcu_is_watching+0x15/0xb0 [ 782.535956][ C0] ? trace_contention_end+0x3c/0x120 [ 782.541274][ C0] ? __mutex_lock+0x2ef/0xd70 [ 782.545960][ C0] ? __pfx_lock_release+0x10/0x10 [ 782.551036][ C0] ? __pfx_rtnl_newlink+0x10/0x10 [ 782.556067][ C0] rtnetlink_rcv_msg+0x744/0xd00 [ 782.561043][ C0] ? rtnetlink_rcv_msg+0x1a7/0xd00 [ 782.566156][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 782.571630][ C0] ? ref_tracker_free+0x643/0x7e0 [ 782.576654][ C0] netlink_rcv_skb+0x1e3/0x430 [ 782.581452][ C0] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 782.586959][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 782.592290][ C0] ? netlink_deliver_tap+0x2e/0x1b0 [ 782.597492][ C0] netlink_unicast+0x7f6/0x990 [ 782.602284][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 782.607569][ C0] ? __virt_addr_valid+0x183/0x530 [ 782.612711][ C0] ? __check_object_size+0x49c/0x900 [ 782.617996][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 782.623132][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 782.627911][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 782.633214][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 782.639222][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 782.644165][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 782.649461][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 782.654914][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 782.660216][ C0] __sock_sendmsg+0x221/0x270 [ 782.664909][ C0] __sys_sendto+0x3a4/0x4f0 [ 782.669431][ C0] ? __pfx___sys_sendto+0x10/0x10 [ 782.674461][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 782.680464][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 782.686800][ C0] __x64_sys_sendto+0xde/0x100 [ 782.691583][ C0] do_syscall_64+0xf3/0x230 [ 782.696085][ C0] ? clear_bhb_loop+0x35/0x90 [ 782.700776][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 782.706662][ C0] RIP: 0033:0x7fda27d77cac [ 782.711097][ C0] RSP: 002b:00007ffcb931a230 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 782.719529][ C0] RAX: ffffffffffffffda RBX: 00007fda28a34620 RCX: 00007fda27d77cac [ 782.727501][ C0] RDX: 000000000000002c RSI: 00007fda28a34670 RDI: 0000000000000003 [ 782.735482][ C0] RBP: 0000000000000000 R08: 00007ffcb931a284 R09: 000000000000000c [ 782.743463][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 782.751441][ C0] R13: 0000000000000000 R14: 00007fda28a34670 R15: 0000000000000000 [ 782.759438][ C0] [ 782.762450][ C0] DEBUG: waiting rtnl_mutex for 538 jiffies. [ 782.768410][ C0] task:kworker/u8:7 state:D stack:19984 pid:3335 tgid:3335 ppid:2 flags:0x00004000 [ 782.778611][ C0] Workqueue: ipv6_addrconf addrconf_dad_work [ 782.784635][ C0] Call Trace: [ 782.787926][ C0] [ 782.790892][ C0] __schedule+0x1800/0x4a60 [ 782.795424][ C0] ? __pfx___schedule+0x10/0x10 [ 782.800298][ C0] ? __pfx_lock_release+0x10/0x10 [ 782.805331][ C0] ? __mutex_trylock_common+0x92/0x2e0 [ 782.810824][ C0] ? kthread_data+0x52/0xd0 [ 782.815339][ C0] ? schedule+0x90/0x320 [ 782.819622][ C0] ? wq_worker_sleeping+0x66/0x240 [ 782.824745][ C0] ? schedule+0x90/0x320 [ 782.829006][ C0] schedule+0x14b/0x320 [ 782.833169][ C0] schedule_preempt_disabled+0x13/0x30 [ 782.838635][ C0] __mutex_lock+0x6a4/0xd70 [ 782.843168][ C0] ? mark_lock+0x9a/0x360 [ 782.847508][ C0] ? __mutex_lock+0x527/0xd70 [ 782.852216][ C0] ? addrconf_dad_work+0xd0/0x16f0 [ 782.857334][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 782.862408][ C0] ? get_rtnl_holder+0x144/0x190 [ 782.867357][ C0] addrconf_dad_work+0xd0/0x16f0 [ 782.872347][ C0] ? __pfx_addrconf_dad_work+0x10/0x10 [ 782.877805][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 782.884163][ C0] ? process_scheduled_works+0x945/0x1830 [ 782.889901][ C0] process_scheduled_works+0xa2c/0x1830 [ 782.895468][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 782.901498][ C0] ? assign_work+0x364/0x3d0 [ 782.906095][ C0] worker_thread+0x86d/0xd40 [ 782.910705][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 782.916598][ C0] ? __kthread_parkme+0x169/0x1d0 [ 782.921639][ C0] ? __pfx_worker_thread+0x10/0x10 [ 782.926750][ C0] kthread+0x2f0/0x390 [ 782.930834][ C0] ? __pfx_worker_thread+0x10/0x10 [ 782.935942][ C0] ? __pfx_kthread+0x10/0x10 [ 782.940551][ C0] ret_from_fork+0x4b/0x80 [ 782.944994][ C0] ? __pfx_kthread+0x10/0x10 [ 782.949617][ C0] ret_from_fork_asm+0x1a/0x30 [ 782.954401][ C0] [ 782.957415][ C0] DEBUG: waiting rtnl_mutex for 535 jiffies. [ 782.963418][ C0] task:kworker/1:2 state:D stack:20560 pid:1173 tgid:1173 ppid:2 flags:0x00004000 [ 782.973588][ C0] Workqueue: events linkwatch_event [ 782.978823][ C0] Call Trace: [ 782.982102][ C0] [ 782.985027][ C0] __schedule+0x1800/0x4a60 [ 782.989557][ C0] ? __pfx___schedule+0x10/0x10 [ 782.994435][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 783.000488][ C0] ? __pfx_lock_release+0x10/0x10 [ 783.005527][ C0] ? kick_pool+0x45c/0x620 [ 783.009967][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 783.015157][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 783.020367][ C0] ? schedule+0x90/0x320 [ 783.024625][ C0] schedule+0x14b/0x320 [ 783.028812][ C0] schedule_preempt_disabled+0x13/0x30 [ 783.034266][ C0] __mutex_lock+0x6a4/0xd70 [ 783.038831][ C0] ? __mutex_lock+0x527/0xd70 [ 783.043554][ C0] ? linkwatch_event+0xe/0x60 [ 783.048221][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 783.053267][ C0] ? get_rtnl_holder+0x144/0x190 [ 783.058205][ C0] ? process_scheduled_works+0x945/0x1830 [ 783.063937][ C0] linkwatch_event+0xe/0x60 [ 783.068431][ C0] process_scheduled_works+0xa2c/0x1830 [ 783.074007][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 783.080021][ C0] ? assign_work+0x364/0x3d0 [ 783.084611][ C0] worker_thread+0x86d/0xd40 [ 783.089219][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 783.095113][ C0] ? __kthread_parkme+0x169/0x1d0 [ 783.100245][ C0] ? __pfx_worker_thread+0x10/0x10 [ 783.105357][ C0] kthread+0x2f0/0x390 [ 783.109458][ C0] ? __pfx_worker_thread+0x10/0x10 [ 783.114586][ C0] ? __pfx_kthread+0x10/0x10 [ 783.119202][ C0] ret_from_fork+0x4b/0x80 [ 783.123650][ C0] ? __pfx_kthread+0x10/0x10 [ 783.128233][ C0] ret_from_fork_asm+0x1a/0x30 [ 783.133029][ C0] [ 783.136066][ C0] [ 783.136066][ C0] Showing all locks held in the system: [ 783.143791][ C0] 3 locks held by kworker/1:0/25: [ 783.148852][ C0] 3 locks held by kworker/1:2/1173: [ 783.154039][ C0] #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 783.165031][ C0] #1: ffffc900049f7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 783.176014][ C0] #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 783.185005][ C0] 3 locks held by kworker/u8:7/3335: [ 783.190290][ C0] #0: ffff88802a990148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 783.201886][ C0] #1: ffffc9000aa57d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 783.214703][ C0] #2: ffffffff8fc82688 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0 [ 783.224127][ C0] 2 locks held by getty/4979: [ 783.228899][ C0] #0: ffff88802f6310a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 783.238649][ C0] #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10 [ 783.248789][ C0] 2 locks held by syz-executor/5215: [ 783.254091][ C0] 4 locks held by kworker/1:4/5280: [ 783.259294][ C0] 3 locks held by kworker/1:8/5339: [ 783.264481][ C0] 3 locks held by kworker/0:9/9255: [ 783.269689][ C0] 3 locks held by kworker/u8:11/14229: [ 783.275134][ C0] 3 locks held by syz-executor/14346: [ 783.280512][ C0] 3 locks held by syz.2.2364/14568: [ 783.285694][ C0] #0: ffff88805f775008 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240 [ 783.295905][ C0] #1: ffffffff8fce6230 ((netlink_chain).rwsem){++++}-{3:3}, at: blocking_notifier_call_chain+0x53/0x90 [ 783.307079][ C0] #2: ffff88802af400b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nft_rcv_nl_event+0x120/0x6b0 [ 783.317482][ C0] 3 locks held by syz.2.2364/14569: [ 783.322690][ C0] #0: ffffffff8f144328 (reading_mutex){+.+.}-{3:3}, at: rng_dev_read+0x171/0x6d0 [ 783.331934][ C0] #1: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650 [ 783.342047][ C0] #2: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 783.351903][ C0] 2 locks held by syz.2.2364/14583: [ 783.357091][ C0] #0: ffff88802af400b8 (&nft_net->commit_mutex){+.+.}-{3:3}, at: nf_tables_valid_genid+0x32/0x100 [ 783.367833][ C0] #1: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830 [ 783.378807][ C0] 1 lock held by syz.2.2364/14584: [ 783.383923][ C0] #0: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830 [ 783.394824][ C0] 1 lock held by syz.4.2365/14575: [ 783.399993][ C0] 1 lock held by syz.4.2365/14586: [ 783.405117][ C0] 1 lock held by syz.3.2367/14582: [ 783.410261][ C0] #0: ffff8880617220e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x221/0x9d0 [ 783.420396][ C0] [ 783.422711][ C0] ============================================= [ 783.422711][ C0] [ 783.989500][T14582] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 783.990030][T14582] EXT4-fs: failed to create workqueue [ 784.022713][T14582] EXT4-fs (loop3): mount failed [ 784.041630][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 784.063521][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 784.077396][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 784.100888][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 784.128847][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 784.144062][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 784.154780][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 784.164764][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 784.175471][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 784.187535][T14346] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 784.254765][T14594] loop3: detected capacity change from 0 to 512 [ 784.291230][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 784.344994][T14594] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2370: bg 0: block 131: padding at end of block bitmap is not set [ 784.368837][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 784.426687][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 784.468603][T14594] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 784.499150][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 784.499337][T14594] EXT4-fs (loop3): 1 truncate cleaned up [ 784.539760][T14594] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 784.548819][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 784.588801][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 784.634139][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 784.826526][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 784.863454][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 784.969359][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 785.102324][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 785.178283][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 785.267350][T14346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 785.364408][T14346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 785.509865][T14346] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 785.647846][ T5229] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 785.670234][ T5229] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 785.681828][ T5229] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 785.707743][ T5229] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 785.708975][ T9137] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 785.732602][ T5229] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 785.740032][ T5229] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 785.837543][T14604] tmpfs: Bad value for 'mpol' [ 785.930662][T14606] loop4: detected capacity change from 0 to 64 [ 785.984528][T14346] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 786.029392][T14346] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 786.042182][T14346] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 786.045165][T14610] loop3: detected capacity change from 0 to 256 [ 786.053161][T14346] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 786.126762][T13264] hfs: walked past end of dir [ 786.139510][T14610] FAT-fs (loop3): Directory bread(block 64) failed [ 786.149149][T14610] FAT-fs (loop3): Directory bread(block 65) failed [ 786.155796][T14610] FAT-fs (loop3): Directory bread(block 66) failed [ 786.190059][T14610] FAT-fs (loop3): Directory bread(block 67) failed [ 786.196741][T14610] FAT-fs (loop3): Directory bread(block 68) failed [ 786.217306][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 786.228952][T14610] FAT-fs (loop3): Directory bread(block 69) failed [ 786.235604][T14610] FAT-fs (loop3): Directory bread(block 70) failed [ 786.249936][T14610] FAT-fs (loop3): Directory bread(block 71) failed [ 786.256561][T14610] FAT-fs (loop3): Directory bread(block 72) failed [ 786.300993][T14610] FAT-fs (loop3): Directory bread(block 73) failed [ 786.419623][T14610] syz.3.2375: attempt to access beyond end of device [ 786.419623][T14610] loop3: rw=524288, sector=1160, nr_sectors = 4 limit=256 [ 786.449149][T14610] syz.3.2375: attempt to access beyond end of device [ 786.449149][T14610] loop3: rw=0, sector=1160, nr_sectors = 4 limit=256 [ 786.493367][ T29] audit: type=1800 audit(1721918652.637:450): pid=14610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2375" name="file0" dev="loop3" ino=1048861 res=0 errno=0 [ 786.496089][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 786.520151][T14612] loop3: detected capacity change from 256 to 0 [ 786.540378][ T29] audit: type=1804 audit(1721918652.677:451): pid=14610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2375" name="/newroot/367/file0/file0" dev="loop3" ino=1048861 res=1 errno=0 [ 786.550323][T14610] syz.3.2375: attempt to access beyond end of device [ 786.550323][T14610] loop3: rw=0, sector=4, nr_sectors = 4 limit=0 [ 786.668640][ T9137] syz-executor: attempt to access beyond end of device [ 786.668640][ T9137] loop3: rw=0, sector=20, nr_sectors = 4 limit=0 [ 786.701326][ T9137] syz-executor: attempt to access beyond end of device [ 786.701326][ T9137] loop3: rw=0, sector=24, nr_sectors = 4 limit=0 [ 786.722847][ T9137] syz-executor: attempt to access beyond end of device [ 786.722847][ T9137] loop3: rw=0, sector=28, nr_sectors = 4 limit=0 [ 786.736154][ T9137] syz-executor: attempt to access beyond end of device [ 786.736154][ T9137] loop3: rw=0, sector=32, nr_sectors = 4 limit=0 [ 786.788924][ T9137] syz-executor: attempt to access beyond end of device [ 786.788924][ T9137] loop3: rw=0, sector=36, nr_sectors = 4 limit=0 [ 786.811926][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 786.828940][ T9137] syz-executor: attempt to access beyond end of device [ 786.828940][ T9137] loop3: rw=0, sector=40, nr_sectors = 4 limit=0 [ 786.873346][ T9137] syz-executor: attempt to access beyond end of device [ 786.873346][ T9137] loop3: rw=0, sector=44, nr_sectors = 4 limit=0 [ 786.899908][T14229] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 786.907752][T14229] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 787.060178][T14618] afs: Unknown parameter '·«ûÂdÏ_’|:â1þ´+éOv' [ 787.549209][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 787.608177][T14238] FAT-fs (loop3): unable to read inode block for updating (i_pos 899) [ 787.624942][ T9137] FAT-fs (loop3): unable to read boot sector to mark fs as dirty [ 787.663330][ T3335] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 787.736934][ T3335] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 787.790722][ T5245] Bluetooth: hci3: command tx timeout [ 787.871539][ T5245] Bluetooth: hci5: unexpected event 0x31 length: 23 > 6 [ 788.092195][T14601] chnl_net:caif_netlink_parms(): no params data found [ 788.130238][ T35] bridge_slave_0: left allmulticast mode [ 788.140238][T14621] netdevsim netdevsim2: Direct firmware load for ng failed with error -2 [ 788.311881][T14628] ================================================================== [ 788.313717][ T35] bridge_slave_0: left promiscuous mode [ 788.320059][T14628] BUG: KASAN: slab-use-after-free in uprobe_mmap+0xb9a/0x11a0 [ 788.320091][T14628] Read of size 8 at addr ffff88802f1442b0 by task syz.1.2304/14628 [ 788.320109][T14628] [ 788.320125][T14628] CPU: 0 UID: 0 PID: 14628 Comm: syz.1.2304 Not tainted 6.10.0-next-20240725-syzkaller #0 [ 788.320151][T14628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 788.320165][T14628] Call Trace: [ 788.320174][T14628] [ 788.320183][T14628] dump_stack_lvl+0x241/0x360 [ 788.320216][T14628] ? __pfx_dump_stack_lvl+0x10/0x10 [ 788.320246][T14628] ? __pfx__printk+0x10/0x10 [ 788.320273][T14628] ? _printk+0xd5/0x120 [ 788.320299][T14628] ? __virt_addr_valid+0x183/0x530 [ 788.320319][T14628] ? __virt_addr_valid+0x183/0x530 [ 788.320340][T14628] print_report+0x169/0x550 [ 788.320362][T14628] ? __virt_addr_valid+0x183/0x530 [ 788.320382][T14628] ? __virt_addr_valid+0x183/0x530 [ 788.320401][T14628] ? __virt_addr_valid+0x45f/0x530 [ 788.320420][T14628] ? __phys_addr+0xba/0x170 [ 788.320440][T14628] ? uprobe_mmap+0xb9a/0x11a0 [ 788.320464][T14628] kasan_report+0x143/0x180 [ 788.320488][T14628] ? uprobe_mmap+0xb9a/0x11a0 [ 788.320517][T14628] uprobe_mmap+0xb9a/0x11a0 [ 788.320550][T14628] ? __pfx_uprobe_mmap+0x10/0x10 [ 788.320581][T14628] mmap_region+0x1891/0x2090 [ 788.320615][T14628] ? __pfx_mmap_region+0x10/0x10 [ 788.320636][T14628] ? irqentry_exit+0x63/0x90 [ 788.320662][T14628] ? lockdep_hardirqs_on+0x99/0x150 [ 788.320695][T14628] ? do_mmap+0xb6b/0x1010 [ 788.320716][T14628] ? path_noexec+0x44/0xe0 [ 788.320751][T14628] do_mmap+0x8f9/0x1010 [ 788.320779][T14628] ? __pfx_do_mmap+0x10/0x10 [ 788.320799][T14628] ? __pfx_down_write_killable+0x10/0x10 [ 788.320820][T14628] ? __pfx_ima_file_mmap+0x10/0x10 [ 788.320847][T14628] ? security_mmap_file+0x178/0x1a0 [ 788.320874][T14628] vm_mmap_pgoff+0x1dd/0x3d0 [ 788.320901][T14628] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 788.320922][T14628] ? __fget_files+0x29/0x470 [ 788.320943][T14628] ? __fget_files+0x3f6/0x470 [ 788.320968][T14628] ksys_mmap_pgoff+0x4f1/0x720 [ 788.320990][T14628] ? __x64_sys_mmap+0x7f/0x140 [ 788.321023][T14628] do_syscall_64+0xf3/0x230 [ 788.321052][T14628] ? clear_bhb_loop+0x35/0x90 [ 788.321077][T14628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 788.321098][T14628] RIP: 0033:0x7fda27d75f19 [ 788.321116][T14628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 788.321135][T14628] RSP: 002b:00007fda28b09048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 788.321158][T14628] RAX: ffffffffffffffda RBX: 00007fda27f06110 RCX: 00007fda27d75f19 [ 788.321175][T14628] RDX: 0000000000000001 RSI: 0000000000003000 RDI: 0000000020000000 [ 788.321189][T14628] RBP: 00007fda27de4e68 R08: 000000000000000a R09: 0000000000000000 [ 788.321203][T14628] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 788.321216][T14628] R13: 000000000000006e R14: 00007fda27f06110 R15: 00007ffcb931a678 [ 788.321240][T14628] [ 788.321248][T14628] [ 788.321253][T14628] Allocated by task 14497: [ 788.321264][T14628] kasan_save_track+0x3f/0x80 [ 788.321283][T14628] __kasan_kmalloc+0x98/0xb0 [ 788.321300][T14628] __kmalloc_node_noprof+0x22a/0x440 [ 788.638931][T14628] __kvmalloc_node_noprof+0x72/0x190 [ 788.644224][T14628] f2fs_build_node_manager+0x1385/0x2870 [ 788.649853][T14628] f2fs_fill_super+0x5328/0x7b80 [ 788.654793][T14628] mount_bdev+0x20a/0x2d0 [ 788.659133][T14628] legacy_get_tree+0xee/0x190 [ 788.663806][T14628] vfs_get_tree+0x90/0x2a0 [ 788.668214][T14628] do_new_mount+0x2be/0xb40 [ 788.672711][T14628] __se_sys_mount+0x2d6/0x3c0 [ 788.677381][T14628] do_syscall_64+0xf3/0x230 [ 788.681893][T14628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 788.687785][T14628] [ 788.690109][T14628] Freed by task 13264: [ 788.694166][T14628] kasan_save_track+0x3f/0x80 [ 788.698868][T14628] kasan_save_free_info+0x40/0x50 [ 788.703889][T14628] poison_slab_object+0xe0/0x150 [ 788.708824][T14628] __kasan_slab_free+0x37/0x60 [ 788.713578][T14628] kfree+0x149/0x360 [ 788.717472][T14628] f2fs_destroy_node_manager+0xad1/0xd20 [ 788.723108][T14628] f2fs_put_super+0xad9/0x1150 [ 788.727882][T14628] generic_shutdown_super+0x136/0x2d0 [ 788.733268][T14628] kill_block_super+0x44/0x90 [ 788.737944][T14628] kill_f2fs_super+0x344/0x690 [ 788.742715][T14628] deactivate_locked_super+0xc4/0x130 [ 788.748103][T14628] cleanup_mnt+0x41f/0x4b0 [ 788.752528][T14628] task_work_run+0x24f/0x310 [ 788.757114][T14628] syscall_exit_to_user_mode+0x168/0x370 [ 788.762761][T14628] do_syscall_64+0x100/0x230 [ 788.767353][T14628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 788.773246][T14628] [ 788.775563][T14628] The buggy address belongs to the object at ffff88802f144280 [ 788.775563][T14628] which belongs to the cache kmalloc-64 of size 64 [ 788.789443][T14628] The buggy address is located 48 bytes inside of [ 788.789443][T14628] freed 64-byte region [ffff88802f144280, ffff88802f1442c0) [ 788.803064][T14628] [ 788.805382][T14628] The buggy address belongs to the physical page: [ 788.811813][T14628] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2f144 [ 788.820583][T14628] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 788.827698][T14628] page_type: 0xfdffffff(slab) [ 788.832394][T14628] raw: 00fff00000000000 ffff8880158418c0 ffffea0000af37c0 dead000000000004 [ 788.840988][T14628] raw: 0000000000000000 0000000000200020 00000001fdffffff 0000000000000000 [ 788.849562][T14628] page dumped because: kasan: bad access detected [ 788.855971][T14628] page_owner tracks the page as allocated [ 788.861684][T14628] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 62, tgid 62 (kworker/u8:4), ts 20060180773, free_ts 0 [ 788.879742][T14628] post_alloc_hook+0x1f3/0x230 [ 788.884510][T14628] get_page_from_freelist+0x2e4c/0x2f10 [ 788.890055][T14628] __alloc_pages_noprof+0x256/0x6c0 [ 788.895249][T14628] alloc_slab_page+0x5f/0x120 [ 788.899919][T14628] allocate_slab+0x5a/0x2f0 [ 788.904417][T14628] ___slab_alloc+0xcd1/0x14b0 [ 788.909099][T14628] __slab_alloc+0x58/0xa0 [ 788.913457][T14628] __kmalloc_noprof+0x25a/0x400 [ 788.918316][T14628] security_task_alloc+0x43/0x130 [ 788.923361][T14628] copy_process+0x1692/0x3d90 [ 788.928052][T14628] kernel_clone+0x226/0x8f0 [ 788.932574][T14628] user_mode_thread+0x132/0x1a0 [ 788.937438][T14628] call_usermodehelper_exec_work+0x5c/0x230 [ 788.943340][T14628] process_scheduled_works+0xa2c/0x1830 [ 788.948887][T14628] worker_thread+0x86d/0xd40 [ 788.953478][T14628] kthread+0x2f0/0x390 [ 788.957541][T14628] page_owner free stack trace missing [ 788.962901][T14628] [ 788.965227][T14628] Memory state around the buggy address: [ 788.970849][T14628] ffff88802f144180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 788.978911][T14628] ffff88802f144200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 788.986989][T14628] >ffff88802f144280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 788.995045][T14628] ^ [ 789.000664][T14628] ffff88802f144300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 789.008716][T14628] ffff88802f144380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 789.016773][T14628] ================================================================== [ 789.027889][T14628] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 789.035203][T14628] CPU: 0 UID: 0 PID: 14628 Comm: syz.1.2304 Not tainted 6.10.0-next-20240725-syzkaller #0 [ 789.045110][T14628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 789.055182][T14628] Call Trace: [ 789.058456][T14628] [ 789.061379][T14628] dump_stack_lvl+0x241/0x360 [ 789.066063][T14628] ? __pfx_dump_stack_lvl+0x10/0x10 [ 789.071273][T14628] ? __pfx__printk+0x10/0x10 [ 789.075890][T14628] ? preempt_schedule+0xe1/0xf0 [ 789.080771][T14628] ? vscnprintf+0x5d/0x90 [ 789.085125][T14628] panic+0x349/0x870 [ 789.089049][T14628] ? check_panic_on_warn+0x21/0xb0 [ 789.094179][T14628] ? __pfx_panic+0x10/0x10 [ 789.098619][T14628] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 789.104619][T14628] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 789.110972][T14628] ? print_report+0x502/0x550 [ 789.115675][T14628] check_panic_on_warn+0x86/0xb0 [ 789.120635][T14628] ? uprobe_mmap+0xb9a/0x11a0 [ 789.125341][T14628] end_report+0x77/0x160 [ 789.129603][T14628] kasan_report+0x154/0x180 [ 789.134124][T14628] ? uprobe_mmap+0xb9a/0x11a0 [ 789.138828][T14628] uprobe_mmap+0xb9a/0x11a0 [ 789.143366][T14628] ? __pfx_uprobe_mmap+0x10/0x10 [ 789.148338][T14628] mmap_region+0x1891/0x2090 [ 789.152959][T14628] ? __pfx_mmap_region+0x10/0x10 [ 789.157924][T14628] ? irqentry_exit+0x63/0x90 [ 789.162549][T14628] ? lockdep_hardirqs_on+0x99/0x150 [ 789.167786][T14628] ? do_mmap+0xb6b/0x1010 [ 789.172144][T14628] ? path_noexec+0x44/0xe0 [ 789.176588][T14628] do_mmap+0x8f9/0x1010 [ 789.180765][T14628] ? __pfx_do_mmap+0x10/0x10 [ 789.185366][T14628] ? __pfx_down_write_killable+0x10/0x10 [ 789.191015][T14628] ? __pfx_ima_file_mmap+0x10/0x10 [ 789.196146][T14628] ? security_mmap_file+0x178/0x1a0 [ 789.201368][T14628] vm_mmap_pgoff+0x1dd/0x3d0 [ 789.205981][T14628] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 789.211109][T14628] ? __fget_files+0x29/0x470 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 789.215733][T14628] ? __fget_files+0x3f6/0x470 [ 789.220422][T14628] ksys_mmap_pgoff+0x4f1/0x720 [ 789.225177][T14628] ? __x64_sys_mmap+0x7f/0x140 [ 789.229953][T14628] do_syscall_64+0xf3/0x230 [ 789.234659][T14628] ? clear_bhb_loop+0x35/0x90 [ 789.239365][T14628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 789.245295][T14628] RIP: 0033:0x7fda27d75f19 [ 789.249724][T14628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 789.269356][T14628] RSP: 002b:00007fda28b09048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 789.277803][T14628] RAX: ffffffffffffffda RBX: 00007fda27f06110 RCX: 00007fda27d75f19 [ 789.285800][T14628] RDX: 0000000000000001 RSI: 0000000000003000 RDI: 0000000020000000 [ 789.293782][T14628] RBP: 00007fda27de4e68 R08: 000000000000000a R09: 0000000000000000 [ 789.301774][T14628] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 789.309763][T14628] R13: 000000000000006e R14: 00007fda27f06110 R15: 00007ffcb931a678 [ 789.317772][T14628] [ 789.321151][T14628] Kernel Offset: disabled [ 789.325473][T14628] Rebooting in 86400 seconds..