last executing test programs: 6m25.141646923s ago: executing program 32 (id=188): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) 6m8.804708165s ago: executing program 33 (id=283): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) r2 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r2, &(0x7f0000000180)='`', 0x500, 0x0, &(0x7f0000000240)={0x2f, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) 5m32.358704759s ago: executing program 34 (id=523): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000351930404516080036cf000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000000)={0x44, &(0x7f0000000500)={0x40, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, 0x0) 4m13.375948737s ago: executing program 35 (id=1094): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002240)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0020000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc3600040543a34b195c6a8fc054282cd41b264906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af41000000000000007f5ab0d534b8d63e4ca3be71f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733097f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee24250d6d9cf19878dd62c53062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b017d23c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b9ee4a0a0b9636bef4c23788494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74587100e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f26c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada4764320889000000000000000000000000000000a790af4fc17872b55b10db99e212d18193235659df45627da300959eafc8bfb44f70d250f8f2e86532700254c9a8b14999f59c8b9034c4bb2448eaeff5db21d4a7f3d974790d4c3cba7c402f50585b9289d86400679e5c2bcacb2841ca074d51fdb4a29e84d72b6c996cfbee06aa52cd632e82ba068e8e1572ef2eb414ba5fccfc3c03e64df6a9cc3936c604aa2c0e2ec7b777475023f29b146af003472ce146a5ff997ba53c51026c0096154f9280a34bbf21d66f57a250b5397766122fc86950ce5252e96868cd04df54764cf2082153d6cedd8aaf9700c734aa4a1cb33a2e0a13c5687be4de327511bff9816d13c3219dac1c1535f10243db6f96960ea6a621f5e1b7babbedf0a6bf0cf74123d2e78d01be2b048883a2459eec630fb0293d28d9799fd3a792caff693fd9f002f14c43fb5a1051cc686b7f114d7927eed559bdf2e8ddea3e61d5d942b63fe90230b2e1948fc563ef94d437281671d2fe5032d2a091fa842b0af2e116ba"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r0, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000840)={r1}, 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x2f00020b, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xae5b, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 4m7.009654819s ago: executing program 36 (id=1131): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='attr\x00') fchdir(r1) write$cgroup_int(r0, &(0x7f00000000c0)=0x1c3, 0x12) 2m56.795119157s ago: executing program 9 (id=1555): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x11, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffb963}, [@call={0x85, 0x0, 0x0, 0x41}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 2m56.202695382s ago: executing program 9 (id=1558): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x503, 0x0, 0x4, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}}, 0x800) 2m54.928669735s ago: executing program 9 (id=1560): r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x10, 0x0, 0x0, 0x400000000006, &(0x7f00000003c0)={0x77359400}, 0x1, 0x1}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 2m54.41501173s ago: executing program 9 (id=1567): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='./file0\x00', 0x0, &(0x7f0000000340)={[{@nls={'nls', 0x3d, 'macroman'}}, {@nobarrier}, {@nobarrier}, {@force}, {@force}, {@umask={'umask', 0x3d, 0xde5}}]}, 0x3, 0x6b4, &(0x7f0000000f00)="$eJzs3U+InGcdB/DvO5nMZiKk2zZNowhdGijaYLKboSaC0CgiOQSJeul1STbNkklaNltJi5iJWgVPnqQHDxWJh55ERKgnsZ4FwYun3APePOSgrrzvvLM7OzvZ7Ca7mY39fOCd53nneZ/n+b2/vH/mT5YJ8Kl17o3s76XIuePnb5brd+90unfvdK4N6kmmkjSSZr9I0U6KT5Kz6S/5bPlkPVzxoHleu/dx0fzgo05/rVkv1faNzfptMHbLXnJgdWVfkpl+9d9bHnbDeNVSjXNxbbxHVKzGXSbs2CBxMGkrG/TWGhsP7b718xbYs27175sbTCcH07+7lq8DUl8dHn5lmLxNr029JxcHAAAA7Jax7+WHPXM/93Mzh55MOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD029f/sfy6qJbGoD6TYvD7/62h39RvTTjkx/T+5ar4zjOTDgQAAAAAAAAAHstL93M/N3NosL5SVN/5v1ytHK4eP5N3ciMLWcqJ3Mx8lrOcpcwlmR4aqHVzfnl5aW5jz1+k7LmysnKr7nlqbM9T6+PqjQY67n8abNgIAAAAAAAAAD61fphza9//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAXlAk+/pFtRwe1KfTaCY5kKRVzKxu3pposDvgT5MOAAAAAHZfuy4PFf/tV1aK6j3/kep9/4G8k+tZzmKW081CLlWfBfTf9Tf+1ut0797pXCuXjQN/7Z/biqMaMf3PHsbPPFtt8cJqj3P5Zr6b45nJhSxlMd/LfJazkJl8o6rNp8h0/enF9N077Qxi3Rjv2XVrF0Zje2moXsZ3tIqknctZrGI7kYutQeiNerujQ7P9oZWMzHi7zE7xem2LObpUl+Ue/bwu94bpas/3r2Zkts59mY1nh/O+MffbPE5GZ5pLY2rQdnhtlnJ1dKZHyvnBuixz/ZPdzfk2P0pbn4nez8q1wdF3ZPOcJ1/8+58vXGlcv3rl8o3je+cwekSjx0RnKBMvbikT3TITvcfIxIHHiX/ntOps9K+i27tavlz1PZTFfCtv5VIWcjqzmcuZzOYrOZVOTg3l9YXN81qda43tnWvHvlBXynvST4fuTU/M1IMayrw+O5TX4SvddNU2/Mxalp7bQpaKVsZn6R9jQ2l+rq6Uc/xo6I4zeaOZmBvKxPObZ+JX/1lJcqN7/erSlfm3tzjfK3VZnrbvr782/3pHdmj76t0tj5fnyn+s9G8bw0dH2fb8oG0kX636G5dmPdi6tlaq87nf9rAztRzpyO1xI/XbXhw7S6dqOzrUtu5VTt5Kd/VVCAB72MFXD7ba99p/bX/Y/nH7Svv8ga9PnZn6fCv7/9L8477fNn7T+Grxaj7MD3Jo0pECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/gxvvvnd1vttdWNqDlTR2eMDb891ukWR90yAV/Wdae2Pfn9bK1GZH1O+SbNK99VizF48WczvJnkhdmg84C3ZyrqmMaTq/+kw7aazGk+TqHvmBO2A3nFy+9vbJG+++96XFa/NvLry5cP3UmdOvn+58ee7WycuL3YXZ/uOkowR2w9rLgElHAgAAAAAAAAAAAGzVk/jzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwdDr3Rvb3UmRu9sRsuX73TqdbLoP62pbNJI0kxfeT4pPkbPpLpoeGKx40z2v3Pv7lKx981FkbqznYvjHS7/f/WlkZ6f3t5c33olcvmUmyry4fbmpL410cGq+3pXFHFat7WCbs2CBxMGn/CwAA///00QYA") mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) 2m53.718281861s ago: executing program 9 (id=1569): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000100)='./file1\x00', 0x1018852, &(0x7f00000003c0)={[{@nodiscard}, {}, {@acl}, {@fsync_mode_strict}, {@inline_xattr}, {@disable_roll_forward}, {@checkpoint_diasble}, {@background_gc_on}, {@noinline_xattr}, {@discard_unit_block}, {@fsync_mode_strict}, {@age_extent_cache}, {@extent_cache}, {@fault_injection={'fault_injection', 0x3d, 0xffffffffffffffff}}], [{@subj_type={'subj_type', 0x3d, 'disable_roll_forward'}}, {@flag='dirsync'}]}, 0x1, 0x551c, &(0x7f00000079c0)="$eJzs3M1rI/UbAPAn7Xbff/sr4sHbDixCC5uw6b6gt1V38QW7lFUPnjRN0pDdJFOaNK296MGjePDsPyEKnjz6N3jw7E08KJ4UVjIz0W1VEJom3e3nA5Nn5pvvPPN8Qyk8MyEBnFiLya8/l+JSnIuI+Yi4GJHtl4otczsPz0XE5YiYe2wrFeN/DpyOiPMRcenRh+PTS8Vbn10dXrn50xu/fPPdmVMXvvj6+5ksGDgWno+I7ma+v9PNY9rK44NivDZsZ7F7Y1jE/I3uw+I4zeNOcz3LsFMbz6tl8Xorn59ubvdHcaNTq49iq72RjW/28gv2h61xnuyEB7Wt7LjRXM9iu59msbWX17W7l/+/3OsP8jyNIt8HWfoYDMYxH2/uNvP1bD7MYr03KMbzvGmjuTuKwyIWl4t62mlkdawf5pM+3t5s97Z3k2Fzq99Oe8nNSvWFSvVWubqVNpqD5o1yrdu4dSNZanVG08qDZq17u5WmrU6zUk+7y8lSq14vV6vJ0p3mervWS6rVyvXKtfLN5WLvavLqvXeSTiNZGsWX273tQbvTTzbSrSQ/YzlZqVx/cTm5Uk3eWl1L1u7fvbu69vZ7d96999Lq668Uk/5WVrK0cm1lpVy9Vl6pLp+g9X9cFD3B9cOhlGZdAMCT5+j6/1HyPKf+Hzjo6Pr/rfsRR9//h/5/Ip6o/vek9/9HsH44FP0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCJ9cPCl69lO4v58YVi/H/F0DPFcSki5iLi0T+Yj9P7cs4XeRb+Zf7CgRq+LUWWYXSNM8V2PiJuF9vv/z/qTwEAAACeXl99dPnTvFvPXxZnXRDTlN+0mbv4/oTylSJiYfHHCWWbG708O6Fk2d/3qdidULbsBtbZCSXLb7mdmlS2/2R+Xzj7WCjlYW6q5QAAAFOxvxOYbhcCAADANH0y6wKYjVKMH2WOnwVn37z/64HguX1HAAAAwLH3+W8HR0qzKQQAAACYoqz/9/t/AAAA8HTLf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiDnfvJVRqI4wD+a6HyR43EuPcq7uAYHsGlS8MBvAQHcIFX8AKcAXcewVBDpyIYFi+v0zbv5fNJyjBN+fZXAouZSQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+vSz2m++f3n/tWvOqe5gEXWepwEAAADuOVb7TfNmlfov2/Ov21Nv234REWVE3Bu+T+LFTeakzan+Xf/t+vrqvxp+RDQJ53vM2mMZER/a4/ebvr8FAAAAeL4O2906jdbTy2rsghhSmrQpX33MlFdERLX6lSmtPOe9yxTW/L6n8TlTWjOBNc8UlqbcprnSHqT5u19m7eZXTZGa8u7HLkVme3YAAGBAk5tm2FEIAAAAQ/o0dgGMo4i/S5mXpcBZatrlvcVNDwAAAHiCirELAAAAAHrXjP8H2v+vtv8fAAAAjCPt/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECfjtV+c9ju1l1zTnU3j7vrsmvZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8If9eTmBEAiDMNi7vm8y+QcrDRqDB6tA+PgbDwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKf87i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H2awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNifkxQKgSCIgvkHJ3Ahff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6XC/fO36NI8m/08bU8Ugyd9VYumqsPWhsPRjJ/vSHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA42bmf1ziqOADgb2Z2trYqrlH2EBEFD3qx221t7U08KMGDf4IQ0m2N3fqjzcGWIubiTXLuRfQoIijx1v8h5wRyibcc9hDBszKzM9nJD3D9NbNJPh948747DPO+bxZCvvNeAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORGb0/iJDt0xnFcnNvce7iU9VuH+szjte35rGVxVGfSJ8OL1Q9Rt7lEAAAAODuSsr4PIeyk6wtZH3fy+j8tr8lq/m+fHsdlPX+47i/7svbP2i8/7z6/P1BnPE5205vLw8Glo6m0/r9ZzrZn/vKKVv7k83cvSf6FxO+tPjdK8+cZfb2x8U47D8/VkS0A8E9cLPsiKH8fyvp+k4kBcGa0KoV3Wf8nnWZzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjDaDU8WcZRCGG+NYkzW3sPl47rH69tz5ft2qNHa+HLyT2zW6QhhJvLw8GlWmcz2+7df3B7cTgc3K0/eCmE0NTobxXTv/3BFBeH0MjzEfxHQVx82bOSz8kIGvyhBADAqZQWLavrd9L1hexcNBfCH98drP9frcRhyvp/98Nrm9WxqvV/v7YZzr7eyp1Pe/fuP3h9+c7ircGtwcdvXO6/2b9y/erV6738XUnPGxMAAAD+nXbRqvV/PHd0/f9CJQ5T1v+ffdP/ojpWov4/1mTRr+lMAAAAzrZnX/79t+iY81G7HT5fXFm52x8f9z9fHh8bSPVvO1e0av2fzDWdFQAAAFCH0Wp0YP3/RiUOU67/P/X9Cz9W75mEEM4X6/8Xlz4Z3qhvOjOtjj8nbnqOAAAANOt80arr/2m+/z/e3/IQhxBee2UcF/8GcKr6P3n3qx+qY1X3/1+pb4ozKe6On0fed0NodZvOCAAAgNPsiaJlxf6v6frCRz9deL9t/z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4MAAD//xAOP7U=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000040)={[{0x2b, 'net'}]}, 0x5) write$UHID_INPUT(r0, &(0x7f0000001980)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa10100000009b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad7c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af801034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) 2m52.836312381s ago: executing program 9 (id=1573): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f00000003c0)=@x={0x94, 0x0, "99ff1fde6cd8"}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 2m52.432830631s ago: executing program 37 (id=1573): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f00000003c0)=@x={0x94, 0x0, "99ff1fde6cd8"}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 2m38.950699195s ago: executing program 2 (id=1636): ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000300)={0x52, 0x4a, 0x8, {0x7, 0x1}, {0x74, 0x2}, @const={0x0, {0x0, 0x3400}}}) r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000000)={0x0, 0x0, 0x0}) write$char_usb(r0, &(0x7f0000000040)="e2", 0xff0f) 2m38.473235755s ago: executing program 2 (id=1640): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0x10000) ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0xfffffffd, 0x0, 0x0, 0x10001, 0x7, "59c27c65a78308634e78299ef68057107ea354"}) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)) 2m37.878251138s ago: executing program 2 (id=1644): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) 2m37.667997751s ago: executing program 2 (id=1645): syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x77c, &(0x7f0000001180)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2CYMWDCBYKerZdNttQs8mW7KY0IaBFBC+CigdBLz37o968+uOq/4UHsVRNixUPEpnNTrttdtNsmmSr+/nAJO/NzO6b776ZeW93HjMB9KzR9E8u4mBEfJBEDDfmJxExUE/1RxxfW+/GynIxnZJYXX3t96S+zvWV5WI0vSa1v5F5NCK+fzfiUG59udXFpZlCuVyab+THa7PnxquLS4fPzhamS9OluaMTk5NHjj1z7Oj2xfrnT0sHrnz48pNfHf/7nUcuv/9DEsfjQGNZcxzbZTRGG5/JQPoR3ual7S6sy5JubwBbkh6afWtHeRyM4eirpwCA/7O3ImIVAOgp/dp/AOg52e8A11eWi9nU3V8kdtfVFyNi71r82fXNtSX9jWt2e+vXQYeuJ7ddGUkiYmQbyh+NiM++eeOLdIodug4J0MrbFyPi9Mjo+vN/sm7MQqee2mDZnsb/0TvmO//B7vk27f8826r/l7vZ/4kW/Z/BFsfuVtz1+N+3DYVsIO3/Pd80tu1GU/wNI32N3AP1Pt9AcuZsuZSe2x6MiLEYGEzzE2vrthwGNXbtn2vtym/u//3x0Zufp+Wn/2+tkfu1f/D210wVaoV7jTtz9WLEY/2t4k9u1n/Spv97cpNlvPLce5+2W5bGn8abTevjj8bopJ2xeiniiZb1f6sqkw3HJ47Xd4fxbKdo4eufPxlqV35z/adTWn72XWA3pPU/tHH8I0nzeM1q52X8eGn4u3bL7h5/6/1/T/J6PZ31Iy4UarX5iYg9yavr5x+59dosn62fxj/2eOvjf6P9P/1OeHqT8fdf+e3Lrce/s9L4pzqq/84Tl2/M9LUrf3P1P1lPjTXmbOb8t9kNvJfPDgAAAAAAAAAAAAAAAAAAAAAAAAA2KxcRByLJ5W+mc7l8fu0Z3g/HUK5cqdYOnakszE1F/VnZIzGQy251Odx0P9SJxv3ws/yRO/JPR8RDEfHx4L4ku4/iVJdjBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM/jbP/0/9MtjtrQMAdszebm8AALDrtP8A0Hu0/wDQe7T/ANB7tP8A0Hu0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOywkydOpNPqXyvLxTQ/dX5xYaZy/vBUqTqTn10o5ouV+XP56UplulzKFyuzd3u/cqVybjLmFi6M10rV2nh1cenUbGVhrnbq7GxhunSqNLArUQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ6qLSzOFcrk0L7GFxOr9sRndT/Q1dqc7FyUR0ekbvhBdD6ezRHJ/bMY2J7p8YgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4j/g3AAD//5EOHsI=") syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000380)='./file0\x00', 0x10e, &(0x7f0000000140)={[{@inlinecrypt}, {@nodelalloc}, {@jqfmt_vfsold}, {@bh}, {@block_validity}, {@quota}]}, 0x3, 0x460, &(0x7f0000001380)="$eJzs289vFFUcAPDvzLZg+WEr4g9+qFU0Nv5oaUHl4EGNJh40MfGCx9oWgizU0JoIIYrG4NGQeDceTfwLPOnFqCcTr3o3JMRwEU1M1szuDLs77C4U2i5lP59k4L2d17733Tdv9715nQAG1nj2TxKxLSJ+j4jRRra9wHjjvyuXz879c/nsXBK12tt/JfVyf18+O1cULX5ua56ZSCPSz5LY06HepdNnjs9Wqwun8vzU8on3p5ZOn3n22InZowtHF07OHDp08MD0C8/PPHeDkfxX63X2nqytuz9a3Lvr9XcuvDl3+MK7P3+bFPGX4lgl471OPlHr2dwNZ3tLOhnqY0NYkUpEZN01XB//o1GJZueNxmuf9rVxwJqq5bqcPlcD7mBJ9LsFQH8UX/TZ+rc41m/20X+XXm4sgLK4r+RH48xQpNFYGA2X1reraTwiDp/796vsiLW5DwEA0Ob7bP7zTKf5Xxr3t5S7O98bGsv3UnZExL0RsTMi7ouol30gIh5cYf3lTZJr5z/pxZsK7AZl878X872t9vlfWhQZq+S57fXMcHLkWHVhf/6eTMTw5iw/3aOOH1797Ytu51rnf9mR1V/MBfN2XBza3P4z87PLs7cSc6tLn0TsHuoUf3J1JyCJiF0Rsfsm6zj21Dd7u50rxT/SvvlY9lJ7dhX2mWpfRzzZ6P9zUYq/kPTen5y6K6oL+6eKq+Jav/x6/q1u9V+//9dW1v9bOl7/V+MfS1r3a5dWXsf5Pz7vuqaZXPH1vyk65T6cXV4+NR2xKXmj0ejW12ea5Yt8UT6Lf2Jf5/G/I5rvxJ6IyC7ihyLi4Yh4JO+7RyPisYjYVw4sbSZ/euXx95q59gv8duj/+VL/j7UXKfV/M7Epyq90TlSO//hd+29sJm/s8+9gPTWRv5J9/l1v97y1FUmPBt7auwcAAAAbQxoR2yJJJ6+m03RysvE3/DtjS1pdXFp++sjiByfnG88IjMVwWtzpatwPbtwPnc6X9UV+ppQ/kN83/rIyUs9Pzi1W5/sdPAy4rV3Gf+bPSr9bB6w5z2vB4DL+YXAZ/zC4jH8YXB3G/0g/2gGsv07f/x83k7XR9WwMsK5K49+2HwwQ638YXMY/DK7W8d/z+XvgTrI0Er0f3h+ARHp7NGODJSLtW+3pqv/mZI1Hwbb+99dKE/3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgd/wcAAP//nHbk3g==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x20, &(0x7f0000000140)='usrjquota=') 2m36.843099235s ago: executing program 2 (id=1653): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r1, &(0x7f0000000400)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, 0x1c) 2m35.73469547s ago: executing program 2 (id=1665): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000140)="890704faf3", 0x5) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x1a) 2m35.28703085s ago: executing program 38 (id=1665): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000140)="890704faf3", 0x5) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x1a) 2m2.630704868s ago: executing program 6 (id=1846): bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10) r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100), &(0x7f0000000280)) io_uring_enter(r0, 0x54, 0x4, 0xf, 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/3\x00') preadv(r1, &(0x7f0000000840)=[{&(0x7f0000003440)=""/4086, 0xff6}], 0x1, 0x0, 0x0) 2m1.311843426s ago: executing program 6 (id=1851): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x24, r2, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x8, 0x2a, [@perr={0x84, 0xffffffffffffff21}]}]}, 0x24}}, 0x0) 2m0.625659325s ago: executing program 6 (id=1856): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045540, &(0x7f0000000100)) 2m0.237240433s ago: executing program 6 (id=1859): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x28d, &(0x7f0000000480)="$eJzs3E1rE10UwPGTpK8pbbJ4eEBBPOhGN0Mbv4BBWhADSm1EXQhTO9GQMVNmxsqI2O7c+jmKS3eC+gW6cede3BRBcNNFMdJ5aach2CjGqc3/B2FOcu/JvTPDDGcCudu3Xz5qNTyjYfqSn1DJi2zIjkh5L4rl4m0+jMckbUMuTn37eObmnbvXqrXa/KLqQnXpUkVVZ86+ffLs1bn3/tSt1zNvxmWrfG/7a+XT1v9bp7a/LyXf7vhq6rLj+OaybelK02sZqjdsy/QsbbY9yz3U3rCd1dVAzfbKdHHVtTxPzXagLStQ31HfDdR8YDbbahiGThdl2BR+OaO+ubhoVgcyGWRhMnW57nPdqlmIGw+rb/6tiQEAgOMjq/r/YdPTpqfto+r/vFD/Dw71/zDYq/+L8fV7GPU/AAAAAAAAAAAAAAAAAAAAAAD/gp1Op9TpdErJNnmNi8iEiCTvs54nBuPn5z/H+T/hUn/cmxCxX6zV1+rRNmqvNqQptlgyOyqyG94PYlG8cLU2P6uhsryz1+P89bV6QcaT/ES5d/5clK9JfhDmj0oxPX5FSvJf7/xKV340/phcOJ/KN6QkH+6LI7ashPe1g/znc6pXrte68ifDfgAAAAAAnASG7ut6fs+NhO2GJsuGdLVHH4bP1zkRmZXSEb8PdD1fj8jpkQx3HAAAAACAIeIFT1umbVvubhJ4BP0EqUNHMJggLyIZjf5FRHo3Xc78sPQMJvvq/PlxdNX30znrOxMAAACAP+2g6M96JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADK9+FxhL+v/O+mSp4QrZ7CUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwPPwIAAD//2h5IPk=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x88700a, 0x0) 1m59.506757802s ago: executing program 6 (id=1863): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) 1m58.436456376s ago: executing program 6 (id=1872): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4fe, &(0x7f0000000a40)="$eJzs3U9vVF8ZAOD3Tju0vzJQUBZqVBBRNITpH6AhuBAWagghMRJXLqC2Q9N0hmk6LdDKoizdGyVxpR/BnQsTVi7cudOdG1yYoBINNXEx5t4Z2qHt0FHajp15nuTOvefcYd5zZjjnzD2X4QTQt85FxHpEHIuBLD3azE+aW9xsbOnz3r55NrPx5tlMEvX6vb8l2fk0L1r+TOp48zWHI+J734n4YbIzbm11bWG6XC4tNdNjy5XFsdrq2uX5XDNncmpiavz6lWuT+1bXs5Vfvf72/J3v/+bXX3j1+/Wv/ygtVuHHJ7JzrfXYT42q56PQkjcYEXcOIliXDGZ/fziK0tb2qYg4HxEPYjQGsk8TAOhl9fpo1Edb0wBAr0uv/wuR5IrNuYBC5HLFYmMO70yM5MrV2vKl0erKo9nI5rBORT73cL5cGm/OFZ6KfJKmJ7LjrfTktvSViDgdET8Z+iRLF2eq5dlufvEBgD52fNv4/8+hxvgPAPS44W4XAAA4dMZ/AOg/xn8A6D//xfjv14EA0CNc/wNA/zH+A0D/2XP8f94m390AADiKvnv3brrVN5r///Xs49WVbxQeX54t1RaKlZWZ4kx1abE4V63OlUvFmXp9r9crV6uLE1c3k7XVtfuV6sqj5fvzlem50v1S/oDrAwDs7fTZl39MImL9xifZFi1rORirobflul0AoGsGul0AoGvcwYP+1cE1vmkA6HG7LNH7nrb/ROiFxV/hqLr4WfP/0K/M/0P/+t/m/7+57+UADp/5f+hf9XpizX8A6DPm+IGPuv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfaqQbUmumK0Fvp4+5orFiBMRcSryycP5cmk8Ik5GxB+G8kNpeqLbhQYAPlLuL0lz/a+LoxcK288eS/41lO0j4snP7/3s6fTy8tJEmv/3zfzlF838yWPdqAAA0OrmzqzGON3ct1zIv33zbObddphFfH2rsbhoGnejuTXODMZgth+OfESM/CNpphvS7ysD+xB//XlEfGar/k9bIhSyOZDGyqfb46exTxxA/K33f3v83Hvxc9m5dJ/P3otPdxRtaB9KDL3j5a1GP9lse2kTa7a/XJzL9ru3/+Gsh/p47/q/jR39X26z/xvYET/J2vy5zfSHS/L66m9v78isjzbOPY/43OBu8ZPN+Emb/vdCh3X80+e/eL7dufovIi7G7vEbKlk3O7ZcWRyrra5dnq9Mz5XmSo8mJ6cmpsavX7k2OZbNUTcef7dbjL/euHSyXfy0/iNt4g/vUf+vdFj/X/77wQ++9IH4X/vy7p//mQ/ET8fEr3YYf3rkZtvlu9P4s23qv9fnf6nD+K/+vDbb4VMBgENQW11bmC6XS0t7HKTfNfd6joOjeRDr2W2cbhej84Nv3f7pk/+DYhzswbsW2q1idLdfAg7eVqPvdkkAAAAAAAAAAAAAAIB2aqtrC0NxsD8n6nYdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6F3/CQAA//9rHMmx") syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000000)='./bus/file0\x00', 0x0) renameat2(r0, &(0x7f0000000240)='./file0\x00', r0, &(0x7f00000000c0)='./bus/file0\x00', 0x2) 1m57.751881745s ago: executing program 39 (id=1872): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4fe, &(0x7f0000000a40)="$eJzs3U9vVF8ZAOD3Tju0vzJQUBZqVBBRNITpH6AhuBAWagghMRJXLqC2Q9N0hmk6LdDKoizdGyVxpR/BnQsTVi7cudOdG1yYoBINNXEx5t4Z2qHt0FHajp15nuTOvefcYd5zZjjnzD2X4QTQt85FxHpEHIuBLD3azE+aW9xsbOnz3r55NrPx5tlMEvX6vb8l2fk0L1r+TOp48zWHI+J734n4YbIzbm11bWG6XC4tNdNjy5XFsdrq2uX5XDNncmpiavz6lWuT+1bXs5Vfvf72/J3v/+bXX3j1+/Wv/ygtVuHHJ7JzrfXYT42q56PQkjcYEXcOIliXDGZ/fziK0tb2qYg4HxEPYjQGsk8TAOhl9fpo1Edb0wBAr0uv/wuR5IrNuYBC5HLFYmMO70yM5MrV2vKl0erKo9nI5rBORT73cL5cGm/OFZ6KfJKmJ7LjrfTktvSViDgdET8Z+iRLF2eq5dlufvEBgD52fNv4/8+hxvgPAPS44W4XAAA4dMZ/AOg/xn8A6D//xfjv14EA0CNc/wNA/zH+A0D/2XP8f94m390AADiKvnv3brrVN5r///Xs49WVbxQeX54t1RaKlZWZ4kx1abE4V63OlUvFmXp9r9crV6uLE1c3k7XVtfuV6sqj5fvzlem50v1S/oDrAwDs7fTZl39MImL9xifZFi1rORirobflul0AoGsGul0AoGvcwYP+1cE1vmkA6HG7LNH7nrb/ROiFxV/hqLr4WfP/0K/M/0P/+t/m/7+57+UADp/5f+hf9XpizX8A6DPm+IGPuv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfaqQbUmumK0Fvp4+5orFiBMRcSryycP5cmk8Ik5GxB+G8kNpeqLbhQYAPlLuL0lz/a+LoxcK288eS/41lO0j4snP7/3s6fTy8tJEmv/3zfzlF838yWPdqAAA0OrmzqzGON3ct1zIv33zbObddphFfH2rsbhoGnejuTXODMZgth+OfESM/CNpphvS7ysD+xB//XlEfGar/k9bIhSyOZDGyqfb46exTxxA/K33f3v83Hvxc9m5dJ/P3otPdxRtaB9KDL3j5a1GP9lse2kTa7a/XJzL9ru3/+Gsh/p47/q/jR39X26z/xvYET/J2vy5zfSHS/L66m9v78isjzbOPY/43OBu8ZPN+Emb/vdCh3X80+e/eL7dufovIi7G7vEbKlk3O7ZcWRyrra5dnq9Mz5XmSo8mJ6cmpsavX7k2OZbNUTcef7dbjL/euHSyXfy0/iNt4g/vUf+vdFj/X/77wQ++9IH4X/vy7p//mQ/ET8fEr3YYf3rkZtvlu9P4s23qv9fnf6nD+K/+vDbb4VMBgENQW11bmC6XS0t7HKTfNfd6joOjeRDr2W2cbhej84Nv3f7pk/+DYhzswbsW2q1idLdfAg7eVqPvdkkAAAAAAAAAAAAAAIB2aqtrC0NxsD8n6nYdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6F3/CQAA//9rHMmx") syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000000)='./bus/file0\x00', 0x0) renameat2(r0, &(0x7f0000000240)='./file0\x00', r0, &(0x7f00000000c0)='./bus/file0\x00', 0x2) 1m4.674873866s ago: executing program 3 (id=2161): mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) symlinkat(&(0x7f00000001c0)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file6\x00') execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000b80)='./file6\x00', 0xffffffffffffff9c, &(0x7f0000000bc0)='./file7\x00', 0x0) 1m4.01409568s ago: executing program 3 (id=2165): r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1) write$proc_mixer(r0, &(0x7f0000000140)=ANY=[], 0xb0) r1 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0) dup3(r1, r0, 0x0) 1m3.844249425s ago: executing program 3 (id=2167): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000059c0)='./bus\x00', 0x1400e, &(0x7f0000005a00), 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86) r0 = syz_io_uring_setup(0x279, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x1ffe, 0x0, 0x0, 0x0, 0x0) 1m3.305563494s ago: executing program 3 (id=2171): mkdir(&(0x7f0000000100)='./file0\x00', 0x0) write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='/'], 0x2) mount$fuse(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0xa6d214, 0x0) chroot(&(0x7f0000000140)='./file0\x00') umount2(&(0x7f0000000040)='./file0\x00', 0x0) 1m2.678766531s ago: executing program 3 (id=2177): r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt(r1, 0x65, 0x1, 0x0, 0x0) bind$can_raw(r1, &(0x7f0000000380), 0x10) dup3(r0, r1, 0x0) 1m0.238464314s ago: executing program 3 (id=2190): r0 = io_uring_setup(0x671a, &(0x7f00000003c0)) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000140)={@host, 0x1}) close_range(r0, 0xffffffffffffffff, 0x0) 59.528344967s ago: executing program 40 (id=2190): r0 = io_uring_setup(0x671a, &(0x7f00000003c0)) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000140)={@host, 0x1}) close_range(r0, 0xffffffffffffffff, 0x0) 41.075833591s ago: executing program 0 (id=2191): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) recvmmsg$unix(r0, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) 37.190502177s ago: executing program 0 (id=2191): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) recvmmsg$unix(r0, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) 35.344167446s ago: executing program 1 (id=2333): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1, 0x0, {0x1, 0x0, 0x4}, 0x2}, 0x18) connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18) sendmmsg(r0, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x1, 0x0) 35.007846906s ago: executing program 7 (id=2338): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x1d, &(0x7f0000000100)=0x2, 0x4) 35.007600037s ago: executing program 4 (id=2339): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010000000000000000000f000000080001000000e6"], 0x1c}}, 0x0) 34.925575891s ago: executing program 4 (id=2340): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000001680)={@cgroup=r1, r0, 0x2f, 0x0, 0x0, @void, @value}, 0x20) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000300)={0x8, 0x0}, 0x8) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000008c0)={@cgroup=r0, r1, 0x2f, 0x2028, 0x4, @void, @void, @value=r2}, 0x20) 34.878753349s ago: executing program 1 (id=2341): r0 = syz_io_uring_setup(0x3332, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x2, 0x299}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1, 0x0, 0xffffffb1}, 0x0, 0x80002101}) io_uring_enter(r0, 0xd81, 0x0, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000040)="f5", 0x1) 34.713081602s ago: executing program 0 (id=2191): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) recvmmsg$unix(r0, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) 34.629680536s ago: executing program 5 (id=2342): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x50, &(0x7f00000000c0)={[{@data_journal}, {@init_itable_val={'init_itable', 0x3d, 0x81}}, {@dioread_nolock}, {@dax}, {@mblk_io_submit}, {@dioread_lock}, {@noblock_validity}, {@noblock_validity}]}, 0x1, 0x501, &(0x7f0000000ac0)="$eJzs3d9rW20dAPDvSZPZvm9f21e9eH3Bd1WUbeiSdnVb8WKbIHo1UOd9rW1aStOmNOm2liEdXosgoqI3euWN4B8gyP4EEQZ6P0SUodu88EKNnORkq1nSdpomW/v5wNPnOT9yvt8nJSd5zjnJCeDUmoqIGxExEhEXImIim5/LSuy1Srre0yf3FtOSRKNx669JJNm89raSrH47e9hoRHz9KxHfSpLWjH1qO7trC5VKeSubLtXXN0u1nd2Lq+sLK+WV8sbs7MyVuatzl+em+9bXa1/60w+/94svX/vN5+48mv/L+W+n+Y5ny/b3o59az0mh+Vy05SNi6ziCDVHhCOskA8gDAICDpZ/xPxIRn4qIZz8ZdjYAAADAcWhcH49/JhENAAAA4MTKNa+BTXLF7FqA8cjlisXWNbwfi+tRqdbqn12ubm8sta6VnYxCbnm1Up7OrhWejEKSTs802y+mL3VMz0bEuxHxg4mx5nRxsVpZGvbBDwAAADgl0nH+eK7VTqu/T7TG/wAAAMAJMznsBAAAAIBjZ/wPAAAAJ9/L4/+pVpXkOxeMDiQhAAAAoJ++evNmWhrt+18v3d7ZXqvevrhUrq0V17cXi4vVrc3iSrW60vzNvvXDtlepVjc/Hxvbd0v1cq1equ3szq9Xtzfq8837es+Xj3KfaAAAAKC/3j374A9JROx9YaxZUmeyZcbqcLLlXm315LjyAAZvZNgJAEPz0gW+wKlhjA8cNrD3vR8AAHjznfv48/P/Y7Hv/P87jxwbgJPuFc//AyeI8/9wenWc///ZsPIABs8YHzjsOEDP8/+/7X8uAADA8RhvliRXzMYA45HLFYuxF83bAhSS5dVKeToiPhwRv58ofCidnhl20gAAAAAAAAAAAAAAAAAAAAAAAADwhmk0kmgAAAAAJ1pE7s9JRCQxGjHx6fHO4wNnkn9MNOuIuPPTWz+6u1Cvb82k8//2fH79x9n8S8M4ggEAAAB0SsfpkW/VW27kBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECfPX1yb7FdBhn38RcjYrJb/HyMNuvRKETEW8+SyO97XBKjMdKH+Hv3Ix/vdYufpGnFZJZFZ/xcRIz1J378r/Hf7kN8OM0epPufG91ef7mYatbdX3/5rPy/Hk/12v/lnu//Rrru/yLeOWTbZ7L6/Ye/KvWMfz/i/Xz3/U87ftIj/lH3v9/8xu5ur2WNn0ec6/r+k/xXrFJ9fbNU29m9uLq+sFJeKW/Mzs5cmbs6d3luurS8Wilnf7vG+P4nfv3vg/r/Vo/4k736n7RyajS6b/Nsx/S/Ht598tFuKyYRj7+btbv8/9/rFT977j+TvQ+ky8+123ut9n4f/PJ3HxzU/6Ue/T/s/3++10Y7XPjad/7YahWO+AgA4DjVdnbXFiqV8tab3kg78xqk0cfG1OuRRh8bn2x9oozXJZ8BN6YGE2ukP9sZ8o4JAADouxcf+oedCQAAAAAAAAAAAAAAAAAAAJxe7e//t3/L+Th+lmx/vNF2I0kG3lcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIP8JwAA//8IPc1L") r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000200)={0x1, 'netdevsim0\x00'}, 0x18) syz_emit_ethernet(0xbe, &(0x7f0000000080)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @dev, {[@cipso={0x86, 0x71, 0x0, [{0x0, 0xc, "e256b28c599d1681fb52"}, {0x0, 0x9, "789607671442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x0, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x0, 0xa, "6580a5e97612fe86"}, {0x0, 0x12, "73bc2300ad9d19a30000000000000000"}, {0x0, 0xc, "c8f46976e79e56c7a95e"}]}, @cipso={0x86, 0xc, 0x0, [{0x0, 0x6, "7f36c525"}]}]}}}}}}}, 0x0) 32.856127712s ago: executing program 8 (id=2344): r0 = socket$inet6(0xa, 0x2, 0x3a) r1 = dup(r0) bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0xf5}]}, 0x10) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x8, 0x3a, 0x0, @remote, @local, {[], @echo_reply={0x81, 0x0, 0x0, 0x200}}}}}}, 0x0) 32.854620447s ago: executing program 1 (id=2345): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f00000043c0)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x832b, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4d, &(0x7f0000000180)=0x8, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 32.854030315s ago: executing program 5 (id=2346): add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r1 = fcntl$dupfd(r0, 0x0, r0) read(r1, 0x0, 0x58) read$rfkill(r1, 0x0, 0x0) 32.824918024s ago: executing program 7 (id=2347): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_STATION(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000300)={0x44, r1, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x185}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_PLINK_ACTION={0x5}]}, 0x44}}, 0x0) 32.824485479s ago: executing program 4 (id=2348): capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)) r0 = fanotify_init(0x200, 0x0) r1 = dup(r0) fanotify_mark(r0, 0x1, 0x4800107b, r1, 0x0) read$ptp(r1, &(0x7f0000000340)=""/269, 0x10d) 32.506001123s ago: executing program 8 (id=2349): r0 = syz_io_uring_setup(0x543c, &(0x7f00000008c0)={0x0, 0x0, 0x400, 0x0, 0x1000000}, &(0x7f0000000080)=0x0, &(0x7f0000000200)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r0, 0x5, 0x10a5, 0x3, 0x0, 0x0) io_uring_enter(r0, 0x81e, 0xfffffff9, 0x1, 0x0, 0x0) io_uring_enter(r0, 0xde5, 0x0, 0x0, 0x0, 0x0) 32.505329714s ago: executing program 1 (id=2350): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$netlink(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)=[{0x0, 0x10}], 0x1, 0x0, 0x0, 0x800}, 0x4000) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x5c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20305}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x24, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_FWMARK={0x8, 0x14, 0x5}, @IFLA_GRE_LOCAL={0x14, 0x6, @local}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x80) 32.505169746s ago: executing program 5 (id=2351): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000100)='notify_on_release\x00', 0x2, 0x0) r2 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) sendfile(r2, r1, 0x0, 0x4) 32.315210928s ago: executing program 0 (id=2191): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) recvmmsg$unix(r0, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) 30.775120731s ago: executing program 8 (id=2352): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000180), 0x4) r1 = socket(0x2, 0x3, 0xff) bind$inet(r1, &(0x7f0000000000)={0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) 30.774447258s ago: executing program 1 (id=2353): symlink(&(0x7f00000049c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000059c0)='./file0\x00') r0 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x8380, 0x10, 0x20000001, 0x801}, &(0x7f0000000340)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf) 30.774236304s ago: executing program 5 (id=2354): r0 = socket$inet6(0xa, 0x2, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8907, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000001ec0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 30.774100438s ago: executing program 7 (id=2355): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x4e22, 0x0, @mcast2, 0xfffffffd}, 0x80, 0x0, 0x0, 0x0, 0x10}, 0x40010) ioctl$SIOCSIFHWADDR(r0, 0x8b2b, &(0x7f0000000000)={'wlan1\x00'}) 30.773909692s ago: executing program 4 (id=2356): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@cgroup=r1, r0, 0x2, 0x0, 0x4000, @void, @value}, 0x10) socket$inet_dccp(0x2, 0x6, 0x0) 30.390556131s ago: executing program 7 (id=2357): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000001600)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7c, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000140)={0x2, 0x1, 0x4}) ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000040)=0x1) 30.390280535s ago: executing program 5 (id=2358): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r1) 30.390151251s ago: executing program 8 (id=2359): r0 = openat$cuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) read$FUSE(r0, &(0x7f0000004bc0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000040)) write$FUSE_ATTR(r0, &(0x7f0000000080)={0x78, 0x0, r1, {0x18, 0xc099, 0x0, {0x3, 0x100, 0x91d, 0x7f, 0x8, 0x9, 0xd, 0x4, 0x0, 0x8000, 0x3, r2, r3, 0x5, 0x2}}}, 0x78) 30.386994141s ago: executing program 4 (id=2360): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 30.3133243s ago: executing program 0 (id=2191): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) recvmmsg$unix(r0, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) 29.361816665s ago: executing program 8 (id=2361): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x4e24, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x1}}, 0x0, 0x0, 0xd, 0x0, "2fd7f2f48f04e3c998457a8139182990ccdc36e69bd7820f6278cca631154f0f2c99808dd5307b27c1e10aa94a3ca49bd784dba8d807627a76d07cef6e5f8c04ece00499e14123163b1a2b826803db13"}, 0xd8) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x92, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a8435005c0600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="7002"], 0x0) 29.361280409s ago: executing program 1 (id=2362): r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) connect$netlink(r0, &(0x7f0000000000)=@unspec, 0xc) sendto$inet(r0, 0x0, 0x0, 0x20044810, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10) 29.360764018s ago: executing program 5 (id=2363): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r2, 0x36}, 0x80, &(0x7f0000000140)=[{&(0x7f00000000c0)='O', 0x1}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0) 29.360639165s ago: executing program 7 (id=2364): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000140), &(0x7f0000000180)='%pi6 \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r2}, 0xc) 29.360238661s ago: executing program 4 (id=2365): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2) sendmsg$inet(r0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) 29.112483927s ago: executing program 7 (id=2366): r0 = socket(0x2, 0x80805, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) fadvise64(r0, 0x7, 0xe, 0x3) 5.988064061s ago: executing program 8 (id=2367): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x2, 0x0, 0x0, 0x0) 0s ago: executing program 0 (id=2191): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) recvmmsg$unix(r0, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) kernel console output (not intermixed with test programs): be with driver spca561 failed with error -22 [ 353.903691][ T5955] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 353.925385][T11861] EXT4-fs (loop2): 1 truncate cleaned up [ 353.985057][ T5955] usb 4-1: MIDIStreaming interface descriptor not found [ 353.993374][T11861] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 354.129932][T11861] EXT4-fs (loop2): shut down requested (0) [ 354.146165][ T5955] usb 4-1: USB disconnect, device number 4 [ 354.336651][T11874] loop6: detected capacity change from 0 to 1024 [ 354.630243][ T6216] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.114963][ T81] hfsplus: b-tree write err: -5, ino 4 [ 355.279992][T11901] loop8: detected capacity change from 0 to 512 [ 355.298212][T11901] EXT4-fs: Ignoring removed mblk_io_submit option [ 355.303998][T11898] loop7: detected capacity change from 0 to 4096 [ 355.357408][T11901] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 355.368223][T11898] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512). [ 355.414842][T11898] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 355.478314][T11901] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2240: inode #15: comm syz.8.1651: corrupted in-inode xattr: e_value out of bounds [ 355.605290][T11901] EXT4-fs error (device loop8): ext4_orphan_get:1392: comm syz.8.1651: couldn't read orphan inode 15 (err -117) [ 355.950431][T11901] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 356.164149][T11921] loop2: detected capacity change from 0 to 2048 [ 356.297198][ T7763] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.329488][T11921] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 356.498072][T11921] EXT4-fs: Ignoring removed bh option [ 356.623468][T11921] EXT4-fs (loop2): can't disable delalloc during remount [ 356.640857][T11938] loop8: detected capacity change from 0 to 512 [ 356.806399][ T6216] EXT4-fs error (device loop2): ext4_free_inode:354: comm syz-executor: bit already cleared for inode 11 [ 356.845431][T11938] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 356.873107][ T6216] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 356.881390][T11938] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 356.894633][ T6216] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 356.952337][ T6216] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 356.970823][ T6216] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 357.004370][ T6216] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 357.196727][T11958] loop4: detected capacity change from 0 to 1024 [ 357.321972][T11958] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 357.391085][ T7763] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 357.740685][ T6216] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.793515][T11572] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.072767][ T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.222610][ T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.557085][T11989] loop6: detected capacity change from 0 to 1024 [ 358.587864][T11984] loop4: detected capacity change from 0 to 2048 [ 358.641353][T11989] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 358.689662][ T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.714092][T11984] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 358.722056][T11989] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.452436][T12010] loop7: detected capacity change from 0 to 16 [ 359.484975][T12010] erofs (device loop7): mounted with root inode @ nid 36. [ 359.590613][T11572] UDF-fs: warning (device loop4): udf_evict_inode: Inode 1367 (mode 120777) has inode size 333 different from extent length 512. Filesystem need not be standards compliant. [ 359.908715][ T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 359.945347][ T5137] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 359.971312][ T5137] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 359.980718][ T5137] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 359.992950][ T5137] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 360.011023][ T5137] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 360.018801][ T5137] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 360.420997][T11992] loop8: detected capacity change from 0 to 32768 [ 360.428703][T11992] XFS: ikeep mount option is deprecated. [ 360.676566][T11992] XFS (loop8): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 360.767929][ T5922] kernel write not supported for file /sg0 (pid: 5922 comm: kworker/1:5) [ 360.902000][ T35] team0: left allmulticast mode [ 360.906970][ T35] team_slave_1: left allmulticast mode [ 360.914711][T12049] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1681'. [ 360.941844][ T35] team0: left promiscuous mode [ 360.963747][ T35] team_slave_0: left promiscuous mode [ 360.990692][ T35] team_slave_1: left promiscuous mode [ 361.033919][ T35] bridge0: port 3(team0) entered disabled state [ 361.077561][T11992] XFS (loop8): Ending clean mount [ 361.085521][T11992] XFS (loop8): Quotacheck needed: Please wait. [ 361.093316][ T35] bridge_slave_1: left allmulticast mode [ 361.131046][ T35] bridge_slave_1: left promiscuous mode [ 361.139668][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 361.150889][T11992] XFS (loop8): Quotacheck: Done. [ 361.233220][T12056] netlink: 224 bytes leftover after parsing attributes in process `syz.6.1683'. [ 361.272328][ T35] bridge_slave_0: left allmulticast mode [ 361.311200][ T35] bridge_slave_0: left promiscuous mode [ 361.342017][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.766358][T12024] loop7: detected capacity change from 0 to 32768 [ 361.859004][T12024] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 361.882029][T12024] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 361.954134][T12024] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 362.179288][ T5839] Bluetooth: hci3: command tx timeout [ 362.265739][ T5894] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 362.276694][ T5894] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 362.366820][T11992] syz.8.1667 (11992): drop_caches: 2 [ 362.492633][ T7763] XFS (loop8): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 362.627055][ T5894] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 350ms [ 362.634952][ T5894] gfs2: fsid=syz:syz.0: jid=0: Done [ 362.649829][T12024] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 362.909060][T12024] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 362.951350][T12024] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 12 2341, function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 589 [ 362.976896][T12024] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 363.000048][T12024] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:12024 [syz.7.1677] iterate_dir+0x532/0xb40 [ 363.015069][T12024] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0 [ 363.070081][T12024] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 363.084618][T12087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1690'. [ 363.093077][T12024] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 363.102670][T12024] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 363.109335][T12024] gfs2: fsid=syz:syz.0: File system withdrawn [ 363.150116][T12024] CPU: 1 UID: 0 PID: 12024 Comm: syz.7.1677 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 363.160995][T12024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 363.171111][T12024] Call Trace: [ 363.174508][T12024] [ 363.177468][T12024] dump_stack_lvl+0x16c/0x1f0 [ 363.182210][T12024] gfs2_withdraw+0xaa3/0x1280 [ 363.186955][T12024] ? __pfx_gfs2_withdraw+0x10/0x10 [ 363.192134][T12024] ? srso_alias_return_thunk+0x5/0xfbef5 [ 363.197841][T12024] gfs2_dirent_scan+0x352/0x400 [ 363.202746][T12024] ? __pfx_gfs2_dirent_gather+0x10/0x10 [ 363.208352][T12024] gfs2_dir_read+0x36a/0x14d0 [ 363.213086][T12024] ? srso_alias_return_thunk+0x5/0xfbef5 [ 363.218787][T12024] ? inode_go_held+0x151/0x210 [ 363.223600][T12024] ? __pfx_inode_go_held+0x10/0x10 [ 363.228760][T12024] ? gfs2_instantiate+0x1eb/0x250 [ 363.233849][T12024] ? srso_alias_return_thunk+0x5/0xfbef5 [ 363.239549][T12024] ? gfs2_glock_wait+0x1e0/0x330 [ 363.244525][T12024] ? __pfx_gfs2_dir_read+0x10/0x10 [ 363.249689][T12024] ? srso_alias_return_thunk+0x5/0xfbef5 [ 363.255393][T12024] ? srso_alias_return_thunk+0x5/0xfbef5 [ 363.261093][T12024] ? gfs2_glock_nq+0xc77/0x1a30 [ 363.265999][T12024] ? do_raw_spin_unlock+0x172/0x230 [ 363.271254][T12024] ? srso_alias_return_thunk+0x5/0xfbef5 [ 363.276956][T12024] gfs2_readdir+0x137/0x1d0 [ 363.281509][T12024] ? iterate_dir+0x424/0xb40 [ 363.286167][T12024] ? __pfx_gfs2_readdir+0x10/0x10 [ 363.291247][T12024] ? iterate_dir+0x532/0xb40 [ 363.295896][T12024] ? srso_alias_return_thunk+0x5/0xfbef5 [ 363.301590][T12024] ? apparmor_file_permission+0x251/0x400 [ 363.307383][T12024] iterate_dir+0x532/0xb40 [ 363.311861][T12024] __x64_sys_getdents+0x148/0x2c0 [ 363.316940][T12024] ? __x64_sys_futex+0x1ea/0x4c0 [ 363.321919][T12024] ? __pfx___x64_sys_getdents+0x10/0x10 [ 363.327519][T12024] ? srso_alias_return_thunk+0x5/0xfbef5 [ 363.333217][T12024] ? xfd_validate_state+0x5d/0x180 [ 363.338370][T12024] ? __pfx_filldir+0x10/0x10 [ 363.343016][T12024] ? srso_alias_return_thunk+0x5/0xfbef5 [ 363.348726][T12024] do_syscall_64+0xcd/0x250 [ 363.353288][T12024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.359239][T12024] RIP: 0033:0x7fb0dad85d19 [ 363.363686][T12024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 363.383353][T12024] RSP: 002b:00007fb0dbb2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 363.391824][T12024] RAX: ffffffffffffffda RBX: 00007fb0daf75fa0 RCX: 00007fb0dad85d19 [ 363.399836][T12024] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 363.407857][T12024] RBP: 00007fb0dae01a20 R08: 0000000000000000 R09: 0000000000000000 [ 363.415868][T12024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 363.423877][T12024] R13: 0000000000000000 R14: 00007fb0daf75fa0 R15: 00007ffc187ac6f8 [ 363.431917][T12024] [ 363.435054][ C1] vkms_vblank_simulate: vblank timer overrun [ 363.728448][T12073] loop6: detected capacity change from 0 to 32768 [ 363.781039][T12073] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1686 (12073) [ 363.824189][T12073] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 363.835481][T12073] BTRFS info (device loop6): using sha256 (sha256-ni) checksum algorithm [ 363.865355][T12073] BTRFS info (device loop6): using free-space-tree [ 364.055615][ T29] audit: type=1800 audit(2002660275.349:59): pid=12073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1686" name="bus" dev="loop6" ino=263 res=0 errno=0 [ 364.204731][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 364.207052][ T9464] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 364.240033][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 364.257092][ T5137] Bluetooth: hci3: command tx timeout [ 364.284499][ T35] bond0 (unregistering): Released all slaves [ 364.369635][T12017] chnl_net:caif_netlink_parms(): no params data found [ 364.613327][T12110] netlink: 332 bytes leftover after parsing attributes in process `syz.4.1694'. [ 364.698785][T12110] netlink: 196 bytes leftover after parsing attributes in process `syz.4.1694'. [ 364.874859][T12114] loop3: detected capacity change from 0 to 2048 [ 364.928807][T12118] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 365.453366][T12118] NILFS (loop3): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3) [ 365.465698][T12118] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=2) [ 365.488856][T12118] Remounting filesystem read-only [ 365.527955][ T9859] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 365.828122][T12146] loop3: detected capacity change from 0 to 512 [ 365.867718][T12146] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 365.960950][T12146] EXT4-fs (loop3): 1 truncate cleaned up [ 366.022308][T12146] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 366.126627][ T35] hsr_slave_0: left promiscuous mode [ 366.134393][T12146] EXT4-fs (loop3): shut down requested (0) [ 366.182205][ T35] hsr_slave_1: left promiscuous mode [ 366.288478][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 366.296146][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 366.317277][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 366.332037][ T5137] Bluetooth: hci3: command tx timeout [ 366.360106][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 366.404545][ T9859] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 366.471940][ T35] batadv0: left promiscuous mode [ 366.477602][ T35] veth1_macvtap: left promiscuous mode [ 366.521513][ T35] veth0_macvtap: left promiscuous mode [ 366.533506][ T35] veth1_vlan: left promiscuous mode [ 366.559676][ T35] veth0_vlan: left promiscuous mode [ 367.016253][T12167] loop3: detected capacity change from 0 to 1024 [ 367.191521][T12167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 367.354662][ T9859] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.154450][T12170] loop7: detected capacity change from 0 to 32768 [ 368.167416][T12172] loop3: detected capacity change from 0 to 32768 [ 368.180824][T12170] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1716 (12170) [ 368.348196][T12183] loop4: detected capacity change from 0 to 512 [ 368.356274][T12183] EXT4-fs: Ignoring removed mblk_io_submit option [ 368.365493][T12183] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 368.369861][T12172] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1717 (12172) [ 368.412505][ T5137] Bluetooth: hci3: command tx timeout [ 368.419479][T12170] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 368.433788][T12172] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 368.471275][T12170] BTRFS info (device loop7): using crc32c (crc32c-intel) checksum algorithm [ 368.480281][T12172] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 368.510092][T12170] BTRFS info (device loop7): using free-space-tree [ 368.517508][T12183] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1721: corrupted in-inode xattr: e_value out of bounds [ 368.543404][T12172] BTRFS info (device loop3): using free-space-tree [ 368.545568][T12183] EXT4-fs error (device loop4): ext4_orphan_get:1392: comm syz.4.1721: couldn't read orphan inode 15 (err -117) [ 368.693476][T12183] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 368.804500][T11572] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.903458][ T35] team0 (unregistering): Port device team_slave_1 removed [ 368.944364][T12172] BTRFS info (device loop3): rebuilding free space tree [ 369.104838][ T35] team0 (unregistering): Port device team_slave_0 removed [ 369.119356][T12172] BTRFS info (device loop3): checking UUID tree [ 369.166840][ T6917] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 369.571045][ T9859] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 369.780300][T12225] loop7: detected capacity change from 0 to 512 [ 369.789828][T12225] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 369.829863][T12225] EXT4-fs (loop7): orphan cleanup on readonly fs [ 369.862349][T12225] EXT4-fs error (device loop7): ext4_validate_block_bitmap:440: comm syz.7.1725: bg 0: block 248: padding at end of block bitmap is not set [ 369.896004][T12225] Quota error (device loop7): write_blk: dquota write failed [ 369.903819][T12225] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 369.915505][T12225] EXT4-fs error (device loop7): ext4_acquire_dquot:6936: comm syz.7.1725: Failed to acquire dquot type 1 [ 369.943157][T12225] EXT4-fs (loop7): 1 truncate cleaned up [ 369.993358][T12225] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 370.049973][T12225] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 370.078224][T12225] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended [ 370.143158][T12225] EXT4-fs error (device loop7): __ext4_remount:6749: comm syz.7.1725: Abort forced by user [ 370.164192][T12225] EXT4-fs (loop7): Remounting filesystem read-only [ 370.170786][T12225] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 370.190879][T12225] ext4 filesystem being remounted at /251/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 370.316570][ T6917] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.429823][ T29] audit: type=1326 audit(2002660281.719:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12231 comm="syz.7.1726" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb0dad85d19 code=0x0 [ 370.484336][T12017] bridge0: port 1(bridge_slave_0) entered blocking state [ 370.492740][T12017] bridge0: port 1(bridge_slave_0) entered disabled state [ 370.500089][T12017] bridge_slave_0: entered allmulticast mode [ 370.508147][T12017] bridge_slave_0: entered promiscuous mode [ 370.528592][T12017] bridge0: port 2(bridge_slave_1) entered blocking state [ 370.541866][T12017] bridge0: port 2(bridge_slave_1) entered disabled state [ 370.550763][T12017] bridge_slave_1: entered allmulticast mode [ 370.569520][T12017] bridge_slave_1: entered promiscuous mode [ 370.737603][T12017] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 370.803137][T12017] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 370.997740][T12017] team0: Port device team_slave_0 added [ 371.092836][T12248] netlink: 'syz.6.1732': attribute type 18 has an invalid length. [ 371.099522][T12017] team0: Port device team_slave_1 added [ 371.260103][T12248] netdevsim netdevsim6 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 371.269315][T12248] netdevsim netdevsim6 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 371.278578][T12248] netdevsim netdevsim6 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 371.287315][T12248] netdevsim netdevsim6 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 371.843139][T12017] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 371.850153][T12017] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 371.885607][T12259] loop7: detected capacity change from 0 to 40427 [ 371.906165][T12259] F2FS-fs (loop7): invalid crc value [ 371.961266][T12017] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 372.016740][T12259] F2FS-fs (loop7): Found nat_bits in checkpoint [ 372.182192][T12017] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 372.190272][T12017] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 372.281307][T12017] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 372.301995][T12259] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4 [ 372.362468][ T5922] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 372.449487][ T29] audit: type=1800 audit(2002660283.739:61): pid=12259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1735" name="file1" dev="loop7" ino=10 res=0 errno=0 [ 372.497771][T12287] loop6: detected capacity change from 0 to 1024 [ 372.547407][ T6917] syz-executor: attempt to access beyond end of device [ 372.547407][ T6917] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 372.582768][T12288] tap0: tun_chr_ioctl cmd 1074025677 [ 372.593875][T12287] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 372.609927][ T5922] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 372.636964][T12288] tap0: linktype set to 804 [ 372.645799][ T5922] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 372.656158][ T6917] F2FS-fs (loop7): Stopped filesystem due to reason: 3 [ 372.701197][ T5922] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 372.710331][ T5922] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 372.771050][ T5922] usb 5-1: config 0 descriptor?? [ 372.788517][T12017] hsr_slave_0: entered promiscuous mode [ 372.789964][T12287] EXT4-fs error (device loop6): ext4_xattr_inode_iget:440: inode #11: comm syz.6.1742: missing EA_INODE flag [ 372.808133][T12293] loop3: detected capacity change from 0 to 512 [ 372.840353][T12017] hsr_slave_1: entered promiscuous mode [ 372.846606][T12287] EXT4-fs (loop6): Remounting filesystem read-only [ 372.869406][T12017] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 372.878246][T12017] Cannot create hsr debugfs directory [ 372.888185][T12293] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 372.892745][T12287] EXT4-fs warning (device loop6): ext4_xattr_inode_dec_ref_all:1228: inode #18: comm syz.6.1742: ea_inode dec ref err=-5 [ 372.915409][T12293] ext4 filesystem being mounted at /84/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 372.962687][T12287] EXT4-fs warning (device loop6): ext4_evict_inode:276: xattr delete (err -5) [ 373.124904][ T9464] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.147418][ T9859] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.260205][ T5922] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0 [ 373.269322][ T5922] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0 [ 373.298184][ T5922] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0 [ 373.340914][ T5922] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0 [ 373.368699][ T5922] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0 [ 373.402494][ T5922] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0 [ 373.433444][ T5922] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x0 [ 373.471552][ T5922] pyra 0003:1E7D:2CF6.000C: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.4-1/input0 [ 373.701503][ T5922] pyra 0003:1E7D:2CF6.000C: couldn't init struct pyra_device [ 373.711316][ T5922] pyra 0003:1E7D:2CF6.000C: couldn't install mouse [ 373.725036][ T5922] pyra 0003:1E7D:2CF6.000C: probe with driver pyra failed with error -71 [ 373.749872][ T5922] usb 5-1: USB disconnect, device number 2 [ 374.112363][T12311] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 374.418593][T12323] ptrace attach of "./syz-executor exec"[9464] was attempted by "./syz-executor exec"[12323] [ 374.935266][T12334] loop6: detected capacity change from 0 to 4096 [ 375.226782][T12332] loop7: detected capacity change from 0 to 32768 [ 375.244692][T12334] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512). [ 375.323207][T12332] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 375.819386][T12332] XFS (loop7): Ending clean mount [ 376.162170][T12332] XFS (loop7): Quotacheck needed: Please wait. [ 376.197771][T12360] loop3: detected capacity change from 0 to 128 [ 376.228249][T12330] loop8: detected capacity change from 0 to 32768 [ 376.806633][T12332] XFS (loop7): Quotacheck: Done. [ 376.853543][T12339] loop4: detected capacity change from 0 to 32768 [ 377.240902][T12017] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 377.328795][T12017] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 377.396668][T12017] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 377.445037][T12017] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 377.874679][T12360] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 377.875557][T12017] 8021q: adding VLAN 0 to HW filter on device bond0 [ 377.895131][T12330] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 377.906550][T12360] ext4 filesystem being mounted at /89/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 377.932833][ T6917] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 377.942033][T12330] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop8": -EINTR [ 377.942633][T12330] XFS (loop8): log mount failed [ 378.001760][T12339] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 378.046908][T12017] 8021q: adding VLAN 0 to HW filter on device team0 [ 378.325195][T12375] loop6: detected capacity change from 0 to 32768 [ 378.334833][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state [ 378.342005][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 378.570719][T12339] XFS (loop4): Ending clean mount [ 378.583889][ T9859] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 378.615900][T12339] XFS (loop4): Quotacheck needed: Please wait. [ 378.623366][T12398] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 378.661884][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 378.669048][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 378.768348][T12017] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 378.778904][T12017] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 378.783068][T12375] XFS (loop6): DAX unsupported by block device. Turning off DAX. [ 378.879320][T12375] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 378.883251][T12339] XFS (loop4): Quotacheck: Done. [ 379.141565][T11572] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 379.164706][T12418] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1766'. [ 379.286029][T12375] XFS (loop6): Ending clean mount [ 379.297128][T12375] XFS (loop6): Quotacheck needed: Please wait. [ 379.380588][T12375] XFS (loop6): Quotacheck: Done. [ 379.500727][T12017] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 379.749487][T12017] veth0_vlan: entered promiscuous mode [ 379.786783][ T9464] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 379.881520][T12017] veth1_vlan: entered promiscuous mode [ 379.903891][T12017] veth0_macvtap: entered promiscuous mode [ 379.913039][T12017] veth1_macvtap: entered promiscuous mode [ 379.928248][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 379.939398][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.949378][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 379.960009][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.970866][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 379.982042][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 379.991993][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 380.002614][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.012761][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 380.031222][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.045909][T12017] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 380.056601][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 380.067173][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.077624][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 380.088817][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.099127][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 380.110117][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.120069][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 380.130958][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.141417][T12017] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 380.152006][T12017] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 380.163112][T12017] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 380.174687][T12017] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.183542][T12017] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.192361][T12017] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.201265][T12017] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.629350][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 380.652376][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 380.663910][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 380.699515][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 381.832268][T12448] loop6: detected capacity change from 0 to 32768 [ 381.951502][T12469] loop3: detected capacity change from 0 to 256 [ 383.032721][T12507] netlink: 132 bytes leftover after parsing attributes in process `syz.7.1793'. [ 383.214293][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.221153][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 383.422962][T12519] loop6: detected capacity change from 0 to 4096 [ 383.626942][T12519] ntfs3(loop6): Failed to initialize $Extend/$ObjId. [ 383.656737][T12521] loop3: detected capacity change from 0 to 512 [ 383.677916][T12521] EXT4-fs: Ignoring removed i_version option [ 383.699780][T12521] EXT4-fs (loop3): Test dummy encryption mode enabled [ 383.741017][T12521] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 383.826474][T12521] EXT4-fs (loop3): 1 truncate cleaned up [ 383.853233][T12521] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 384.239040][T12538] loop1: detected capacity change from 0 to 2048 [ 384.333109][T12544] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 384.433322][T12546] loop6: detected capacity change from 0 to 512 [ 384.528949][T12546] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 384.571715][T12546] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 384.981898][T12521] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 385.111043][ T9464] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 385.126447][T12553] loop7: detected capacity change from 0 to 32768 [ 385.209434][T12540] loop8: detected capacity change from 0 to 32768 [ 385.220575][T12553] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1808 (12553) [ 385.259392][T12540] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.1806 (12540) [ 385.275427][T12553] BTRFS info (device loop7): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 385.313363][T12540] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 385.335268][T12553] BTRFS info (device loop7): using blake2b (blake2b-256-generic) checksum algorithm [ 385.391251][T12540] BTRFS info (device loop8): using sha256 (sha256-ni) checksum algorithm [ 385.400869][ T9859] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 385.432815][T12540] BTRFS info (device loop8): using free-space-tree [ 385.451752][T12553] BTRFS info (device loop7): using free-space-tree [ 386.201870][T12554] loop1: detected capacity change from 0 to 40427 [ 386.267170][T12557] loop4: detected capacity change from 0 to 32768 [ 386.322710][T12554] F2FS-fs (loop1): heap/no_heap options were deprecated [ 386.341920][T12554] F2FS-fs (loop1): invalid crc value [ 386.351470][T12554] F2FS-fs (loop1): Found nat_bits in checkpoint [ 386.385627][T12557] JBD2: Ignoring recovery information on journal [ 386.425345][ T29] audit: type=1800 audit(2002660297.719:62): pid=12540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1806" name="bus" dev="loop8" ino=263 res=0 errno=0 [ 386.488109][T12599] loop3: detected capacity change from 0 to 4096 [ 386.712348][T12557] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 386.722546][ T6917] BTRFS info (device loop7): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 386.747994][T12554] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 386.813907][ T7763] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 386.848724][ T29] audit: type=1800 audit(2002660298.139:63): pid=12599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1814" name="bus" dev="loop3" ino=0 res=0 errno=0 [ 387.000637][T12608] OCFS2: ERROR (device loop4): ocfs2_validate_inode_block: Invalid dinode #65: signature = [ 387.028842][T12608] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 387.039505][T12608] OCFS2: File system is now read-only. [ 387.046199][T12608] (syz.4.1810,12608,1):ocfs2_find_entry_id:407 ERROR: status = -30 [ 387.081296][T12608] OCFS2: ERROR (device loop4): ocfs2_validate_inode_block: Invalid dinode #65: signature = [ 387.131265][T12608] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 387.142797][T12554] syz.1.1807: attempt to access beyond end of device [ 387.142797][T12554] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 387.248780][T12608] (syz.4.1810,12608,0):ocfs2_assign_bh:2416 ERROR: status = -30 [ 387.263454][T12614] loop3: detected capacity change from 0 to 1024 [ 387.310840][T12608] (syz.4.1810,12608,0):ocfs2_inode_lock_full_nested:2511 ERROR: status = -30 [ 387.331420][T12614] EXT4-fs (loop3): Test dummy encryption mode enabled [ 387.342204][T12608] (syz.4.1810,12608,1):ocfs2_mknod:272 ERROR: status = -30 [ 387.349480][T12608] (syz.4.1810,12608,1):ocfs2_create:676 ERROR: status = -30 [ 387.352941][T12614] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 387.442099][T12017] syz-executor: attempt to access beyond end of device [ 387.442099][T12017] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 387.477302][T12609] OCFS2: ERROR (device loop4): ocfs2_validate_inode_block: Invalid dinode #65: signature = [ 387.489832][T12017] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 387.497521][T12609] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 387.531262][T12609] (syz.4.1810,12609,1):ocfs2_find_entry_id:407 ERROR: status = -30 [ 387.718164][T12614] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 387.867250][T11572] ocfs2: Unmounting device (7,4) on (node local) [ 388.560450][ T9859] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 389.642350][T12663] block nbd6: server does not support multiple connections per device. [ 389.671931][T12662] block nbd6: shutting down sockets [ 389.931505][T12671] hugetlbfs: syz.6.1838 (12671): Using mlock ulimits for SHM_HUGETLB is obsolete [ 389.980565][T12637] loop8: detected capacity change from 0 to 32768 [ 390.149710][T12637] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 390.172624][T12684] netlink: 'syz.1.1839': attribute type 29 has an invalid length. [ 390.225605][T12684] netlink: 'syz.1.1839': attribute type 29 has an invalid length. [ 390.284039][T12691] netlink: 'syz.1.1839': attribute type 29 has an invalid length. [ 390.363423][T12684] netlink: 'syz.1.1839': attribute type 29 has an invalid length. [ 390.477157][T12637] XFS (loop8): Ending clean mount [ 390.527841][T12637] XFS (loop8): Quotacheck needed: Please wait. [ 390.730240][T12649] loop4: detected capacity change from 0 to 32768 [ 390.751050][T12637] XFS (loop8): Quotacheck: Done. [ 390.778894][T12649] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 390.787843][T12649] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 390.841441][T12649] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 3ms [ 390.914937][ T5921] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 390.944286][ T5921] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 391.112531][ T7763] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 391.152760][ T5921] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 208ms [ 391.175325][ T5921] gfs2: fsid=syz:syz.0: jid=0: Done [ 391.256425][T12649] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 391.287049][T12649] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 391.352097][T12649] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 12 2341, function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 589 [ 391.419939][T12649] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 391.532092][T12649] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:12649 [syz.4.1831] iterate_dir+0x532/0xb40 [ 391.623747][T12649] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0 [ 391.701198][T12649] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 391.708647][T12649] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 391.735566][T12649] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 391.758655][T12649] gfs2: fsid=syz:syz.0: File system withdrawn [ 391.771485][T12649] CPU: 0 UID: 0 PID: 12649 Comm: syz.4.1831 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 391.782345][T12649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 391.792457][T12649] Call Trace: [ 391.795776][T12649] [ 391.798752][T12649] dump_stack_lvl+0x16c/0x1f0 [ 391.803517][T12649] gfs2_withdraw+0xaa3/0x1280 [ 391.808289][T12649] ? __pfx_gfs2_withdraw+0x10/0x10 [ 391.813490][T12649] ? srso_alias_return_thunk+0x5/0xfbef5 [ 391.819223][T12649] gfs2_dirent_scan+0x352/0x400 [ 391.824152][T12649] ? __pfx_gfs2_dirent_gather+0x10/0x10 [ 391.829782][T12649] gfs2_dir_read+0x36a/0x14d0 [ 391.834631][T12649] ? srso_alias_return_thunk+0x5/0xfbef5 [ 391.840346][T12649] ? inode_go_held+0x151/0x210 [ 391.845173][T12649] ? __pfx_inode_go_held+0x10/0x10 [ 391.850356][T12649] ? gfs2_instantiate+0x1eb/0x250 [ 391.855461][T12649] ? srso_alias_return_thunk+0x5/0xfbef5 [ 391.861188][T12649] ? gfs2_glock_wait+0x1e0/0x330 [ 391.866192][T12649] ? __pfx_gfs2_dir_read+0x10/0x10 [ 391.871383][T12649] ? srso_alias_return_thunk+0x5/0xfbef5 [ 391.877109][T12649] ? srso_alias_return_thunk+0x5/0xfbef5 [ 391.882829][T12649] ? gfs2_glock_nq+0xc77/0x1a30 [ 391.887753][T12649] ? do_raw_spin_unlock+0x172/0x230 [ 391.893036][T12649] ? srso_alias_return_thunk+0x5/0xfbef5 [ 391.898759][T12649] gfs2_readdir+0x137/0x1d0 [ 391.903321][T12649] ? iterate_dir+0x424/0xb40 [ 391.907979][T12649] ? __pfx_gfs2_readdir+0x10/0x10 [ 391.913071][T12649] ? iterate_dir+0x532/0xb40 [ 391.917734][T12649] ? srso_alias_return_thunk+0x5/0xfbef5 [ 391.923537][T12649] ? apparmor_file_permission+0x251/0x400 [ 391.929365][T12649] iterate_dir+0x532/0xb40 [ 391.933864][T12649] __x64_sys_getdents+0x148/0x2c0 [ 391.938958][T12649] ? __x64_sys_futex+0x1ea/0x4c0 [ 391.943954][T12649] ? __pfx___x64_sys_getdents+0x10/0x10 [ 391.949571][T12649] ? srso_alias_return_thunk+0x5/0xfbef5 [ 391.955298][T12649] ? __pfx_filldir+0x10/0x10 [ 391.960486][T12649] ? srso_alias_return_thunk+0x5/0xfbef5 [ 391.966228][T12649] do_syscall_64+0xcd/0x250 [ 391.970816][T12649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.976798][T12649] RIP: 0033:0x7f28a9f85d19 [ 391.981264][T12649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.001033][T12649] RSP: 002b:00007f28aada3038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 392.009614][T12649] RAX: ffffffffffffffda RBX: 00007f28aa175fa0 RCX: 00007f28a9f85d19 [ 392.017646][T12649] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 392.025665][T12649] RBP: 00007f28aa001a20 R08: 0000000000000000 R09: 0000000000000000 [ 392.033865][T12649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 392.041966][T12649] R13: 0000000000000000 R14: 00007f28aa175fa0 R15: 00007ffd65838378 [ 392.050007][T12649] [ 392.053079][ C0] vkms_vblank_simulate: vblank timer overrun [ 393.189228][T12751] loop1: detected capacity change from 0 to 2048 [ 393.235008][T12751] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 393.593242][T12760] loop6: detected capacity change from 0 to 128 [ 393.609104][T12762] loop4: detected capacity change from 0 to 512 [ 393.688278][T12762] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 393.822649][T12762] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.1852: bg 0: block 425: padding at end of block bitmap is not set [ 393.956709][T12762] EXT4-fs (loop4): Remounting filesystem read-only [ 393.989930][T12773] loop8: detected capacity change from 0 to 1024 [ 393.998277][T12762] EXT4-fs (loop4): error restoring inline_data for inode -- potential data loss! (inode 15, error -5) [ 394.003903][T12769] loop1: detected capacity change from 0 to 2048 [ 394.024973][ T9464] FAT-fs (loop6): error, invalid access to FAT (entry 0xffff0000) [ 394.100761][T12773] EXT4-fs (loop8): Test dummy encryption mode enabled [ 394.107867][ T9464] FAT-fs (loop6): Filesystem has been set read-only [ 394.151322][T12773] EXT4-fs (loop8): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 394.155904][T12769] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 394.259024][T10521] udevd[10521]: incorrect nilfs2 checksum on /dev/loop1 [ 394.286221][T12773] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 394.307602][ T9464] FAT-fs (loop6): error, corrupted directory (invalid entries) [ 394.321436][ T9464] FAT-fs (loop6): error, corrupted directory (invalid entries) [ 394.481903][T12769] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15) [ 394.513230][T12781] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 394.552313][ T29] audit: type=1800 audit(2002660305.749:64): pid=12769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1860" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 394.573158][ T29] audit: type=1800 audit(2002660305.749:65): pid=12769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1860" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 394.745904][T12769] Remounting filesystem read-only [ 394.754914][T11572] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 394.765411][T12769] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15) [ 394.854569][T12769] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15) [ 395.045284][ T7763] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 395.069571][T12017] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 395.447015][ T67] netdevsim netdevsim6 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 395.466495][ T67] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 395.504188][T12801] netlink: 132 bytes leftover after parsing attributes in process `syz.8.1869'. [ 395.654992][ T67] netdevsim netdevsim6 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 395.701636][ T67] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 395.806070][ T67] netdevsim netdevsim6 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 395.872112][ T67] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.025194][ T67] netdevsim netdevsim6 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 396.072128][ T67] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.442104][T12822] loop7: detected capacity change from 0 to 128 [ 396.494198][T12822] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 396.518221][ T67] bridge_slave_1: left allmulticast mode [ 396.551221][ T67] bridge_slave_1: left promiscuous mode [ 396.557107][ T67] bridge0: port 2(bridge_slave_1) entered disabled state [ 396.663933][ T67] bridge_slave_0: left allmulticast mode [ 396.669651][ T67] bridge_slave_0: left promiscuous mode [ 396.711357][ T67] bridge0: port 1(bridge_slave_0) entered disabled state [ 396.761531][ T5925] usb 9-1: new high-speed USB device number 11 using dummy_hcd [ 396.836654][T12794] loop3: detected capacity change from 0 to 32768 [ 396.922889][T12794] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 396.961311][T12794] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 397.016854][ T5925] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 397.040107][T12794] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 397.057839][ T5925] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 397.082162][ T5894] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 397.089063][ T5894] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 397.102817][ T5925] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 397.133560][T12834] syz.7.1880 uses obsolete (PF_INET,SOCK_PACKET) [ 397.149247][ T5925] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 397.185237][ T5925] usb 9-1: SerialNumber: syz [ 397.199745][ T5839] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 397.251491][ T5839] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 397.268241][ T5839] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 397.284967][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 397.304218][ T5839] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 397.312990][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 397.334758][ T5894] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 245ms [ 397.348903][ T5894] gfs2: fsid=syz:syz.0: jid=0: Done [ 397.370466][T12794] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 397.430879][ T5925] usb 9-1: 0:2 : does not exist [ 397.474416][ T5925] usb 9-1: 5:0: failed to get current value for ch 0 (-22) [ 397.527650][T12794] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 397.554097][ T5925] usb 9-1: 5:0: cannot get min/max values for control 2 (id 5) [ 397.569273][T12794] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 12 2341, function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 589 [ 397.651278][T12794] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 397.679745][ T5925] usb 9-1: USB disconnect, device number 11 [ 397.731387][T12794] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:12794 [syz.3.1866] iterate_dir+0x532/0xb40 [ 397.749245][T12812] loop1: detected capacity change from 0 to 32768 [ 397.771841][T12794] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0 [ 397.780358][T12794] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 397.832771][T12794] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 397.883367][T12812] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 397.911636][T12794] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 397.918755][T12794] gfs2: fsid=syz:syz.0: File system withdrawn [ 397.940432][T10521] udevd[10521]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 397.967400][T12794] CPU: 1 UID: 0 PID: 12794 Comm: syz.3.1866 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 397.978241][T12794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 397.988344][T12794] Call Trace: [ 397.991664][T12794] [ 397.994636][T12794] dump_stack_lvl+0x16c/0x1f0 [ 397.999395][T12794] gfs2_withdraw+0xaa3/0x1280 [ 398.004150][T12794] ? __pfx_gfs2_withdraw+0x10/0x10 [ 398.009334][T12794] ? srso_alias_return_thunk+0x5/0xfbef5 [ 398.015035][T12794] gfs2_dirent_scan+0x352/0x400 [ 398.019936][T12794] ? __pfx_gfs2_dirent_gather+0x10/0x10 [ 398.025539][T12794] gfs2_dir_read+0x36a/0x14d0 [ 398.030441][T12794] ? srso_alias_return_thunk+0x5/0xfbef5 [ 398.036133][T12794] ? inode_go_held+0x151/0x210 [ 398.040937][T12794] ? __pfx_inode_go_held+0x10/0x10 [ 398.046093][T12794] ? gfs2_instantiate+0x1eb/0x250 [ 398.051180][T12794] ? srso_alias_return_thunk+0x5/0xfbef5 [ 398.056869][T12794] ? gfs2_glock_wait+0x1e0/0x330 [ 398.061845][T12794] ? __pfx_gfs2_dir_read+0x10/0x10 [ 398.067008][T12794] ? srso_alias_return_thunk+0x5/0xfbef5 [ 398.072707][T12794] ? srso_alias_return_thunk+0x5/0xfbef5 [ 398.078398][T12794] ? gfs2_glock_nq+0xc77/0x1a30 [ 398.083294][T12794] ? do_raw_spin_unlock+0x172/0x230 [ 398.088547][T12794] ? srso_alias_return_thunk+0x5/0xfbef5 [ 398.094250][T12794] gfs2_readdir+0x137/0x1d0 [ 398.098797][T12794] ? iterate_dir+0x424/0xb40 [ 398.103440][T12794] ? __pfx_gfs2_readdir+0x10/0x10 [ 398.108513][T12794] ? iterate_dir+0x532/0xb40 [ 398.113157][T12794] ? srso_alias_return_thunk+0x5/0xfbef5 [ 398.118850][T12794] ? apparmor_file_permission+0x251/0x400 [ 398.124662][T12794] iterate_dir+0x532/0xb40 [ 398.129144][T12794] __x64_sys_getdents+0x148/0x2c0 [ 398.134305][T12794] ? __x64_sys_futex+0x1ea/0x4c0 [ 398.139282][T12794] ? __pfx___x64_sys_getdents+0x10/0x10 [ 398.144882][T12794] ? srso_alias_return_thunk+0x5/0xfbef5 [ 398.150576][T12794] ? xfd_validate_state+0x5d/0x180 [ 398.155729][T12794] ? __pfx_filldir+0x10/0x10 [ 398.160371][T12794] ? srso_alias_return_thunk+0x5/0xfbef5 [ 398.166079][T12794] do_syscall_64+0xcd/0x250 [ 398.170640][T12794] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.176590][T12794] RIP: 0033:0x7f9196d85d19 [ 398.181037][T12794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 398.200703][T12794] RSP: 002b:00007f9197afb038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 398.209173][T12794] RAX: ffffffffffffffda RBX: 00007f9196f75fa0 RCX: 00007f9196d85d19 [ 398.217270][T12794] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 398.225275][T12794] RBP: 00007f9196e01a20 R08: 0000000000000000 R09: 0000000000000000 [ 398.233277][T12794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 398.241275][T12794] R13: 0000000000000000 R14: 00007f9196f75fa0 R15: 00007ffc18a16518 [ 398.249300][T12794] [ 398.393448][T12816] loop4: detected capacity change from 0 to 40427 [ 398.420390][T12816] F2FS-fs (loop4): Invalid segment/section count (31, 24 x 1) [ 398.449707][T12812] XFS (loop1): Ending clean mount [ 398.459277][T12812] XFS (loop1): Quotacheck needed: Please wait. [ 398.465932][T12816] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 398.495844][T12816] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x4 [ 398.511489][T12816] F2FS-fs (loop4): invalid crc value [ 398.554451][T12812] XFS (loop1): Quotacheck: Done. [ 398.560789][T12816] F2FS-fs (loop4): Found nat_bits in checkpoint [ 398.841942][T12812] XFS (loop1): User initiated shutdown received. [ 398.878824][T12812] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x160/0x190 (fs/xfs/xfs_fsops.c:452). Shutting down filesystem. [ 398.943038][T12812] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 399.214692][T12017] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 399.381230][ T5137] Bluetooth: hci4: command tx timeout [ 399.722485][ T67] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 399.805001][ T67] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 399.829281][T12870] loop1: detected capacity change from 0 to 256 [ 399.850250][ T67] bond0 (unregistering): Released all slaves [ 400.859174][T12898] loop8: detected capacity change from 0 to 512 [ 400.951705][T12898] EXT4-fs: Ignoring removed i_version option [ 400.971390][T12898] EXT4-fs (loop8): Test dummy encryption mode enabled [ 400.978211][T12898] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 401.184298][T12898] EXT4-fs (loop8): 1 truncate cleaned up [ 401.197092][T12898] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 401.216758][T12906] loop4: detected capacity change from 0 to 256 [ 401.256149][T12906] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 401.261063][ T67] hsr_slave_0: left promiscuous mode [ 401.341161][ T67] hsr_slave_1: left promiscuous mode [ 401.401253][ T67] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 401.408724][ T67] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 401.442096][ T67] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 401.449529][ T67] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 401.456810][ T5137] Bluetooth: hci4: command tx timeout [ 401.577090][ T7763] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 401.671662][ T67] veth1_macvtap: left promiscuous mode [ 401.678081][ T67] veth0_macvtap: left promiscuous mode [ 401.691306][ T67] veth1_vlan: left promiscuous mode [ 401.696653][ T67] veth0_vlan: left promiscuous mode [ 401.803413][T12922] loop7: detected capacity change from 0 to 64 [ 401.902866][T12922] hfs: get root inode failed [ 402.582731][ T29] audit: type=1326 audit(2002660313.879:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12938 comm="syz.8.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24e7b85d19 code=0x7ffc0000 [ 402.672340][ T29] audit: type=1326 audit(2002660313.879:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12938 comm="syz.8.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24e7b85d19 code=0x7ffc0000 [ 402.795204][ T29] audit: type=1326 audit(2002660314.029:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12938 comm="syz.8.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24e7b85d19 code=0x7ffc0000 [ 402.830626][T12930] loop4: detected capacity change from 0 to 32768 [ 402.971209][ T29] audit: type=1326 audit(2002660314.029:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12938 comm="syz.8.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24e7b85d19 code=0x7ffc0000 [ 403.010427][ T5199] loop4: p1 p9 p11 [ 403.112365][ T29] audit: type=1326 audit(2002660314.029:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12938 comm="syz.8.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24e7b85d19 code=0x7ffc0000 [ 403.146608][ T29] audit: type=1326 audit(2002660314.039:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12938 comm="syz.8.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24e7b85d19 code=0x7ffc0000 [ 403.169031][ T29] audit: type=1326 audit(2002660314.039:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12938 comm="syz.8.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24e7b85d19 code=0x7ffc0000 [ 403.191530][ T29] audit: type=1326 audit(2002660314.039:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12938 comm="syz.8.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24e7b85d19 code=0x7ffc0000 [ 403.223286][ T29] audit: type=1326 audit(2002660314.109:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12938 comm="syz.8.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24e7b85d19 code=0x7ffc0000 [ 403.261213][ T29] audit: type=1326 audit(2002660314.109:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12938 comm="syz.8.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24e7b85d19 code=0x7ffc0000 [ 403.404332][T12958] loop3: detected capacity change from 0 to 2048 [ 403.533752][ T5137] Bluetooth: hci4: command tx timeout [ 403.587744][ T5954] udevd[5954]: inotify_add_watch(7, /dev/loop4p11, 10) failed: No such file or directory [ 403.598208][ T5950] udevd[5950]: inotify_add_watch(7, /dev/loop4p9, 10) failed: No such file or directory [ 403.615109][T10521] udevd[10521]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 403.627009][T12966] loop7: detected capacity change from 0 to 512 [ 403.682128][T12966] EXT4-fs: Ignoring removed i_version option [ 403.688792][T12958] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 403.748452][T12966] EXT4-fs (loop7): Test dummy encryption mode enabled [ 403.796802][T12966] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 403.938958][T12966] EXT4-fs (loop7): 1 truncate cleaned up [ 403.962383][T12966] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 404.184311][ T6917] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 404.242060][ T968] usb 9-1: new high-speed USB device number 12 using dummy_hcd [ 404.371835][ T8] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 404.446364][ T968] usb 9-1: Using ep0 maxpacket: 8 [ 404.455491][ T968] usb 9-1: unable to get BOS descriptor or descriptor too short [ 404.469095][ T67] team0 (unregistering): Port device team_slave_1 removed [ 404.480331][ T968] usb 9-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 404.499754][ T968] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 404.525749][ T968] usb 9-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 404.535277][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 404.551422][ T968] usb 9-1: config 1 has no interface number 1 [ 404.562296][ T968] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 404.579811][ T67] team0 (unregistering): Port device team_slave_0 removed [ 404.589071][ T968] usb 9-1: config 1 interface 2 altsetting 1 has an endpoint descriptor with address 0x1E, changing to 0xE [ 404.602180][ T8] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 404.621035][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 404.634703][ T968] usb 9-1: config 1 interface 2 altsetting 1 endpoint 0xE has an invalid bInterval 0, changing to 7 [ 404.645679][ T8] usb 5-1: Product: syz [ 404.650607][ T8] usb 5-1: Manufacturer: syz [ 404.664680][ T8] usb 5-1: SerialNumber: syz [ 404.676077][ T968] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 404.686308][ T968] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 404.706365][ T8] usb 5-1: config 0 descriptor?? [ 404.711691][ T968] usb 9-1: Product: syz [ 404.715982][ T968] usb 9-1: Manufacturer: syz [ 404.728066][ T968] usb 9-1: SerialNumber: syz [ 404.935116][ T8] usb 5-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 404.981993][ T968] usb 9-1: 2:1 : no or invalid class specific endpoint descriptor [ 404.994465][ T968] usb 9-1: 2:1 : unknown format tag 0x5 is detected. processed as MPEG. [ 405.003078][ T968] usb 9-1: found format II with max.bitrate = 0, frame size=39301 [ 405.011041][ T968] usb 9-1: 2:1 : no or invalid class specific endpoint descriptor [ 405.020846][ T968] usb 9-1: 2:1 : unknown format tag 0x5 is detected. processed as MPEG. [ 405.029371][ T968] usb 9-1: found format II with max.bitrate = 0, frame size=39301 [ 405.163747][ T968] usb 9-1: USB disconnect, device number 12 [ 405.441663][T10520] udevd[10520]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 405.562349][T12991] loop3: detected capacity change from 0 to 128 [ 405.611446][ T5137] Bluetooth: hci4: command tx timeout [ 405.704396][T12991] VFS: Found a Xenix FS (block size = 512) on device loop3 [ 405.728523][T12991] capability: warning: `syz.3.1918' uses deprecated v2 capabilities in a way that may be insecure [ 405.775387][ T8] usb write operation failed. (-71) [ 405.804448][ T8] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 405.816126][T12991] syz.3.1918: attempt to access beyond end of device [ 405.816126][T12991] loop3: rw=2049, sector=2066843070, nr_sectors = 1 limit=128 [ 405.861496][ T8] dvbdev: DVB: registering new adapter (Terratec H7) [ 405.868256][ T8] usb 5-1: media controller created [ 405.941664][ T8] usb read operation failed. (-71) [ 405.963619][ T8] usb write operation failed. (-71) [ 405.978960][T13001] loop8: detected capacity change from 0 to 2048 [ 405.983668][ T8] dvb_usb_az6007 5-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 406.041410][ T8] usb 5-1: USB disconnect, device number 3 [ 406.076785][ T9859] sysv_free_block: trying to free block not in datazone [ 406.096926][ T9859] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 406.146077][T13001] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found [ 406.165482][T13001] UDF-fs: Scanning with blocksize 512 failed [ 406.177637][T13001] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 406.199956][T12835] chnl_net:caif_netlink_parms(): no params data found [ 406.731671][ T7763] UDF-fs: warning (device loop8): udf_evict_inode: Inode 830 (mode 120777) has inode size 14 different from extent length 1024. Filesystem need not be standards compliant. [ 406.927377][T13032] loop3: detected capacity change from 0 to 4096 [ 407.005198][T13032] NILFS (loop3): invalid segment: Checksum error in segment payload [ 407.054770][T13032] NILFS (loop3): trying rollback from an earlier position [ 407.112658][T12835] bridge0: port 1(bridge_slave_0) entered blocking state [ 407.121895][T13032] NILFS (loop3): recovery complete [ 407.140054][T13039] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 407.157762][T12835] bridge0: port 1(bridge_slave_0) entered disabled state [ 407.201456][T12835] bridge_slave_0: entered allmulticast mode [ 407.290782][T12835] bridge_slave_0: entered promiscuous mode [ 407.325327][T12835] bridge0: port 2(bridge_slave_1) entered blocking state [ 407.363036][T12835] bridge0: port 2(bridge_slave_1) entered disabled state [ 407.370427][T12835] bridge_slave_1: entered allmulticast mode [ 407.424991][T12835] bridge_slave_1: entered promiscuous mode [ 407.585822][T13051] loop4: detected capacity change from 0 to 128 [ 407.625928][T12835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 407.766349][T12835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 407.983285][T12835] team0: Port device team_slave_0 added [ 408.052147][T12835] team0: Port device team_slave_1 added [ 408.237050][T12835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 408.285087][T12835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 408.311081][ C0] vkms_vblank_simulate: vblank timer overrun [ 408.496311][T12835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 408.513937][T13028] loop1: detected capacity change from 0 to 32768 [ 408.740419][T12835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 408.783604][T13028] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 408.791279][T12835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 408.824185][T12835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 408.987839][T12835] hsr_slave_0: entered promiscuous mode [ 408.997319][T12835] hsr_slave_1: entered promiscuous mode [ 409.000322][T13028] XFS (loop1): Ending clean mount [ 409.009267][T12835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 409.012007][T13028] XFS (loop1): Quotacheck needed: Please wait. [ 409.017372][T12835] Cannot create hsr debugfs directory [ 409.094038][T13028] XFS (loop1): Quotacheck: Done. [ 409.257947][T12017] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 409.459104][T13104] loop3: detected capacity change from 0 to 512 [ 409.667654][T13102] loop4: detected capacity change from 0 to 4096 [ 409.677604][T13104] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 409.706824][T13102] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 409.758272][T13104] ext4 filesystem being mounted at /130/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 410.103303][T13102] ntfs3(loop4): Inode r=19 is not in use! [ 410.125028][T13123] loop8: detected capacity change from 0 to 1024 [ 410.132335][T13123] EXT4-fs: Ignoring removed i_version option [ 410.138389][T13123] EXT4-fs: Ignoring removed bh option [ 410.161646][T13102] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 410.241497][T13102] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 410.295044][T13123] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 410.416366][T13102] ntfs3(loop4): ino=5, "/" attr_set_size [ 410.458478][ T9859] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 410.870779][T13138] loop7: detected capacity change from 0 to 2048 [ 410.928420][T13138] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 410.984014][T13145] loop3: detected capacity change from 0 to 64 [ 411.083509][T13145] Trying to free block not in datazone [ 411.102792][T13145] Trying to free block not in datazone [ 411.105089][ T7763] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 411.134895][T13145] Trying to free block not in datazone [ 411.145065][T13145] Trying to free block not in datazone [ 411.169652][T13145] minix_free_block (loop3:6): bit already cleared [ 411.214606][T13145] Trying to free block not in datazone [ 411.242529][ T5891] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 411.251577][T13145] Trying to free block not in datazone [ 411.521257][ T5891] usb 5-1: Using ep0 maxpacket: 32 [ 411.564100][ T5891] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 411.572336][ T5891] usb 5-1: config 0 has no interface number 0 [ 411.616080][ T5891] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 411.620261][T13124] loop1: detected capacity change from 0 to 32768 [ 411.634835][ T5891] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 411.689811][ T5891] usb 5-1: Product: syz [ 411.694203][ T5891] usb 5-1: Manufacturer: syz [ 411.699006][T13124] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 411.707530][ T5891] usb 5-1: SerialNumber: syz [ 411.713182][ T5891] usb 5-1: config 0 descriptor?? [ 411.733059][ T5891] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 411.778351][T13124] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 411.888028][T13124] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 411.897501][ T5925] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 411.905894][ T5925] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 411.922331][T13161] netlink: 188 bytes leftover after parsing attributes in process `syz.7.1955'. [ 412.002459][ T5891] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 412.037232][T13161] netlink: 'syz.7.1955': attribute type 1 has an invalid length. [ 412.066536][ T5925] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 160ms [ 412.096598][ T5925] gfs2: fsid=syz:syz.0: jid=0: Done [ 412.104894][ T5891] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 412.163532][T13124] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 412.242228][T13144] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 412.309913][T13144] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 412.321581][T13124] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 412.384314][T13124] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 12 2341, function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 589 [ 412.412709][T13124] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 412.494481][T13124] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:13124 [syz.1.1940] iterate_dir+0x532/0xb40 [ 412.526671][T13124] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0 [ 412.556953][T13124] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 412.579918][T13124] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 412.615475][ C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 412.616746][ T5925] usb 5-1: USB disconnect, device number 4 [ 412.645895][T13124] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 412.662729][T13124] gfs2: fsid=syz:syz.0: File system withdrawn [ 412.668844][T13124] CPU: 1 UID: 0 PID: 13124 Comm: syz.1.1940 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 412.679664][T13124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 412.689758][T13124] Call Trace: [ 412.693063][T13124] [ 412.696023][T13124] dump_stack_lvl+0x16c/0x1f0 [ 412.700767][T13124] gfs2_withdraw+0xaa3/0x1280 [ 412.705514][T13124] ? __pfx_gfs2_withdraw+0x10/0x10 [ 412.710701][T13124] ? srso_alias_return_thunk+0x5/0xfbef5 [ 412.716417][T13124] gfs2_dirent_scan+0x352/0x400 [ 412.721330][T13124] ? __pfx_gfs2_dirent_gather+0x10/0x10 [ 412.727117][T13124] gfs2_dir_read+0x36a/0x14d0 [ 412.731860][T13124] ? srso_alias_return_thunk+0x5/0xfbef5 [ 412.737562][T13124] ? inode_go_held+0x151/0x210 [ 412.742381][T13124] ? __pfx_inode_go_held+0x10/0x10 [ 412.747548][T13124] ? gfs2_instantiate+0x1eb/0x250 [ 412.752640][T13124] ? srso_alias_return_thunk+0x5/0xfbef5 [ 412.758329][T13124] ? gfs2_glock_wait+0x1e0/0x330 [ 412.763302][T13124] ? __pfx_gfs2_dir_read+0x10/0x10 [ 412.768464][T13124] ? srso_alias_return_thunk+0x5/0xfbef5 [ 412.774334][T13124] ? srso_alias_return_thunk+0x5/0xfbef5 [ 412.780029][T13124] ? gfs2_glock_nq+0xc77/0x1a30 [ 412.784930][T13124] ? do_raw_spin_unlock+0x172/0x230 [ 412.790181][T13124] ? srso_alias_return_thunk+0x5/0xfbef5 [ 412.795880][T13124] gfs2_readdir+0x137/0x1d0 [ 412.800424][T13124] ? iterate_dir+0x424/0xb40 [ 412.805064][T13124] ? __pfx_gfs2_readdir+0x10/0x10 [ 412.810135][T13124] ? iterate_dir+0x532/0xb40 [ 412.814775][T13124] ? srso_alias_return_thunk+0x5/0xfbef5 [ 412.820466][T13124] ? apparmor_file_permission+0x251/0x400 [ 412.826255][T13124] iterate_dir+0x532/0xb40 [ 412.830725][T13124] __x64_sys_getdents+0x148/0x2c0 [ 412.835805][T13124] ? __x64_sys_futex+0x1ea/0x4c0 [ 412.840789][T13124] ? __pfx___x64_sys_getdents+0x10/0x10 [ 412.846390][T13124] ? srso_alias_return_thunk+0x5/0xfbef5 [ 412.852085][T13124] ? xfd_validate_state+0x5d/0x180 [ 412.857248][T13124] ? __pfx_filldir+0x10/0x10 [ 412.861910][T13124] ? srso_alias_return_thunk+0x5/0xfbef5 [ 412.867616][T13124] do_syscall_64+0xcd/0x250 [ 412.872178][T13124] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.878122][T13124] RIP: 0033:0x7f437e385d19 [ 412.882566][T13124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 412.902214][T13124] RSP: 002b:00007f437f1e3038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 412.910666][T13124] RAX: ffffffffffffffda RBX: 00007f437e575fa0 RCX: 00007f437e385d19 [ 412.918668][T13124] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 412.926666][T13124] RBP: 00007f437e401a20 R08: 0000000000000000 R09: 0000000000000000 [ 412.934668][T13124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 412.942668][T13124] R13: 0000000000000000 R14: 00007f437e575fa0 R15: 00007ffd300a80a8 [ 412.950689][T13124] [ 413.002330][ T5925] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 413.031947][ T5925] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 413.053508][ T5925] quatech2 5-1:0.51: device disconnected [ 413.137691][T13183] loop8: detected capacity change from 0 to 1024 [ 413.168185][T13183] EXT4-fs: Ignoring removed orlov option [ 413.210777][T13183] EXT4-fs: Ignoring removed nomblk_io_submit option [ 413.324978][T13183] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 413.429011][T13188] loop3: detected capacity change from 0 to 2048 [ 413.458986][T12835] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 413.553973][T12835] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 413.605539][T13188] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 413.664704][T12835] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 413.713360][T13188] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 413.744246][ T7763] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 413.783515][T12835] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 413.811195][T13188] EXT4-fs (loop3): Remounting filesystem read-only [ 413.859693][T13196] loop4: detected capacity change from 0 to 2048 [ 413.995445][T12835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 414.012971][T12835] 8021q: adding VLAN 0 to HW filter on device team0 [ 414.025620][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state [ 414.032792][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 414.073443][T13196] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 414.131784][ T67] bridge0: port 2(bridge_slave_1) entered blocking state [ 414.138952][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state [ 414.233018][ T9859] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 414.799985][T13221] loop7: detected capacity change from 0 to 1024 [ 414.865166][T13221] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 415.262776][T12835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 415.271445][T13204] loop8: detected capacity change from 0 to 32768 [ 415.351617][T13204] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode. [ 415.453831][ T6917] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.799964][T12835] veth0_vlan: entered promiscuous mode [ 415.833202][T12835] veth1_vlan: entered promiscuous mode [ 415.903140][T12835] veth0_macvtap: entered promiscuous mode [ 415.909481][ T7763] ocfs2: Unmounting device (7,8) on (node local) [ 415.939683][T12835] veth1_macvtap: entered promiscuous mode [ 416.029987][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.051710][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.063723][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.075313][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.085560][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.106127][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.138456][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.149409][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.171405][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 416.208481][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.223085][T12835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 416.249709][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.261382][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.271933][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.282730][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.293055][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.316544][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.331596][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.350318][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.360449][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 416.372024][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 416.383436][T12835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 416.402843][T12835] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.419185][T12835] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.439379][T12835] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.448553][T12835] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 416.611396][ T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 416.619280][ T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.651966][ T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 416.659837][ T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.936388][T13282] loop1: detected capacity change from 0 to 256 [ 417.207056][T13282] FAT-fs (loop1): Directory bread(block 64) failed [ 417.214113][T13282] FAT-fs (loop1): Directory bread(block 65) failed [ 417.220762][T13282] FAT-fs (loop1): Directory bread(block 66) failed [ 417.228574][T13282] FAT-fs (loop1): Directory bread(block 67) failed [ 417.235670][T13282] FAT-fs (loop1): Directory bread(block 68) failed [ 417.243587][T13282] FAT-fs (loop1): Directory bread(block 69) failed [ 417.250219][T13282] FAT-fs (loop1): Directory bread(block 70) failed [ 417.257486][T13282] FAT-fs (loop1): Directory bread(block 71) failed [ 417.264404][T13282] FAT-fs (loop1): Directory bread(block 72) failed [ 417.271060][T13282] FAT-fs (loop1): Directory bread(block 73) failed [ 417.419674][T13287] loop5: detected capacity change from 0 to 32768 [ 417.516906][T13287] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 417.530000][T13287] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 417.794478][T13287] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 417.817607][ T968] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 417.838162][ T968] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 417.979276][T13289] loop7: detected capacity change from 0 to 32768 [ 417.991608][ T5891] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 418.170106][T13289] XFS (loop7): DAX unsupported by block device. Turning off DAX. [ 418.181354][ T968] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 343ms [ 418.189509][ T968] gfs2: fsid=syz:syz.0: jid=0: Done [ 418.197355][T13287] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 418.206991][T13289] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 418.233001][ T5891] usb 4-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice= 8.8f [ 418.242472][ T5891] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.254301][ T5891] usb 4-1: config 0 descriptor?? [ 418.464804][T13287] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 418.511386][T13287] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 12 2341, function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 589 [ 418.649658][T13287] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 418.664147][T13287] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:13287 [syz.5.1975] iterate_dir+0x532/0xb40 [ 418.692531][T13287] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0 [ 418.709057][ T5891] usb 4-1: string descriptor 0 read error: -22 [ 418.716043][T13289] XFS (loop7): Ending clean mount [ 418.718218][ T5891] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 418.744397][T13287] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 418.773051][T13289] XFS (loop7): Quotacheck needed: Please wait. [ 418.808556][T13287] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 418.818405][T13287] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 418.841453][T13287] gfs2: fsid=syz:syz.0: File system withdrawn [ 418.847600][T13287] CPU: 0 UID: 0 PID: 13287 Comm: syz.5.1975 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 418.858417][T13287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 418.868528][T13287] Call Trace: [ 418.871838][T13287] [ 418.874794][T13287] dump_stack_lvl+0x16c/0x1f0 [ 418.879530][T13287] gfs2_withdraw+0xaa3/0x1280 [ 418.884285][T13287] ? __pfx_gfs2_withdraw+0x10/0x10 [ 418.889464][T13287] ? srso_alias_return_thunk+0x5/0xfbef5 [ 418.895167][T13287] gfs2_dirent_scan+0x352/0x400 [ 418.900070][T13287] ? __pfx_gfs2_dirent_gather+0x10/0x10 [ 418.905684][T13287] gfs2_dir_read+0x36a/0x14d0 [ 418.910420][T13287] ? srso_alias_return_thunk+0x5/0xfbef5 [ 418.916291][T13287] ? inode_go_held+0x151/0x210 [ 418.921099][T13287] ? __pfx_inode_go_held+0x10/0x10 [ 418.926263][T13287] ? gfs2_instantiate+0x1eb/0x250 [ 418.931348][T13287] ? srso_alias_return_thunk+0x5/0xfbef5 [ 418.937042][T13287] ? gfs2_glock_wait+0x1e0/0x330 [ 418.942015][T13287] ? __pfx_gfs2_dir_read+0x10/0x10 [ 418.947178][T13287] ? srso_alias_return_thunk+0x5/0xfbef5 [ 418.952882][T13287] ? srso_alias_return_thunk+0x5/0xfbef5 [ 418.958578][T13287] ? gfs2_glock_nq+0xc77/0x1a30 [ 418.963487][T13287] ? do_raw_spin_unlock+0x172/0x230 [ 418.968738][T13287] ? srso_alias_return_thunk+0x5/0xfbef5 [ 418.974439][T13287] gfs2_readdir+0x137/0x1d0 [ 418.978987][T13287] ? iterate_dir+0x424/0xb40 [ 418.983721][T13287] ? __pfx_gfs2_readdir+0x10/0x10 [ 418.988805][T13287] ? iterate_dir+0x532/0xb40 [ 418.993452][T13287] ? srso_alias_return_thunk+0x5/0xfbef5 [ 418.999144][T13287] ? apparmor_file_permission+0x251/0x400 [ 419.004940][T13287] iterate_dir+0x532/0xb40 [ 419.009415][T13287] __x64_sys_getdents+0x148/0x2c0 [ 419.014492][T13287] ? __x64_sys_futex+0x1ea/0x4c0 [ 419.019469][T13287] ? __pfx___x64_sys_getdents+0x10/0x10 [ 419.025068][T13287] ? srso_alias_return_thunk+0x5/0xfbef5 [ 419.030764][T13287] ? xfd_validate_state+0x5d/0x180 [ 419.035920][T13287] ? __pfx_filldir+0x10/0x10 [ 419.040565][T13287] ? srso_alias_return_thunk+0x5/0xfbef5 [ 419.046278][T13287] do_syscall_64+0xcd/0x250 [ 419.050840][T13287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.056814][T13287] RIP: 0033:0x7eff8b785d19 [ 419.061266][T13287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 419.080939][T13287] RSP: 002b:00007eff8c62f038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 419.089405][T13287] RAX: ffffffffffffffda RBX: 00007eff8b975fa0 RCX: 00007eff8b785d19 [ 419.097419][T13287] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 419.105425][T13287] RBP: 00007eff8b801a20 R08: 0000000000000000 R09: 0000000000000000 [ 419.113428][T13287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 419.121430][T13287] R13: 0000000000000000 R14: 00007eff8b975fa0 R15: 00007fff40214fd8 [ 419.129454][T13287] [ 419.191253][ T5891] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71 [ 419.199208][ T5891] pac7311 4-1:0.0: probe with driver pac7311 failed with error -71 [ 419.206826][T13289] XFS (loop7): Quotacheck: Done. [ 419.294801][ T5891] usb 4-1: USB disconnect, device number 5 [ 419.558291][T13322] loop8: detected capacity change from 0 to 32768 [ 419.651378][T13322] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.1983 (13322) [ 419.924674][T13343] xt_CT: You must specify a L4 protocol and not use inversions on it [ 420.034822][T13322] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 420.071459][T13322] BTRFS info (device loop8): using crc32c (crc32c-intel) checksum algorithm [ 420.080251][T13322] BTRFS info (device loop8): disk space caching is enabled [ 420.138907][ T6917] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 420.165585][T13322] BTRFS warning (device loop8): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 420.399130][T13354] loop3: detected capacity change from 0 to 2048 [ 420.542006][T13354] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 421.009564][T13375] loop5: detected capacity change from 0 to 1024 [ 421.017185][T13375] EXT4-fs: Ignoring removed oldalloc option [ 421.356566][T13322] BTRFS info (device loop8): rebuilding free space tree [ 421.412216][T13375] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 421.464090][T13322] BTRFS info (device loop8): disabling free space tree [ 421.471092][T13322] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 421.541166][T13322] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 421.771084][T12835] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 421.881363][ T7763] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 422.608011][T13421] loop7: detected capacity change from 0 to 1024 [ 422.812591][T13421] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 422.941668][T13421] ext4 filesystem being mounted at /303/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 423.123011][T13428] loop8: detected capacity change from 0 to 32768 [ 423.297772][ T5891] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 423.308353][T13428] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode. [ 423.421638][ T6917] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 423.805198][T13411] loop5: detected capacity change from 0 to 32768 [ 423.875107][T13411] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2003 (13411) [ 423.979338][T13443] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2013'. [ 424.152905][T13411] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 424.194403][ T5891] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 424.211354][ T5891] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 424.220233][T13411] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 424.247195][T13425] loop4: detected capacity change from 0 to 32768 [ 424.252566][ T5891] usb 2-1: config 0 descriptor?? [ 424.263338][ T5891] cp210x 2-1:0.0: cp210x converter detected [ 424.281276][T13411] BTRFS info (device loop5): using free-space-tree [ 424.299568][ T7763] ocfs2: Unmounting device (7,8) on (node local) [ 424.409769][T13433] loop3: detected capacity change from 0 to 32768 [ 424.783949][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 424.783977][ T29] audit: type=1800 audit(2002660336.079:81): pid=13433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2012" name="file1" dev="loop3" ino=4 res=0 errno=0 [ 424.811642][ T5891] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 424.834407][ T5891] usb 2-1: cp210x converter now attached to ttyUSB0 [ 424.854086][T13425] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2009 (13425) [ 424.915443][ T29] audit: type=1800 audit(2002660336.129:82): pid=13433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2012" name="file1" dev="loop3" ino=4 res=0 errno=0 [ 425.044468][ T5925] usb 2-1: USB disconnect, device number 7 [ 425.053650][ T5925] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 425.153646][T13425] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 425.171260][T13425] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 425.226852][T13474] loop8: detected capacity change from 0 to 2048 [ 425.308673][T13474] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 425.510827][T13476] tmpfs: Unknown parameter './bus' [ 425.625508][T12835] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 425.633396][T13425] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 425.927950][T13490] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 426.004415][ T5925] cp210x 2-1:0.0: device disconnected [ 426.089895][T13425] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 426.090178][T13425] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 426.151451][ T5922] IPVS: starting estimator thread 0... [ 426.180418][T13425] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 426.180717][T13425] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 426.191631][T13425] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 426.280770][T13425] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 426.291204][T13425] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 426.292078][T13496] IPVS: using max 17 ests per chain, 40800 per kthread [ 426.301441][T13425] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 426.529428][T13425] BTRFS error (device loop4): open_ctree failed [ 426.768461][ T5925] kernel write not supported for file /audio1 (pid: 5925 comm: kworker/1:6) [ 428.361535][T13556] loop1: detected capacity change from 0 to 128 [ 428.493365][T13563] loop4: detected capacity change from 0 to 1024 [ 428.535527][T13563] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 428.644168][ T29] audit: type=1800 audit(2002660339.939:83): pid=13563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2036" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 428.919627][T13532] loop5: detected capacity change from 0 to 32768 [ 428.972471][T13578] loop8: detected capacity change from 0 to 64 [ 428.981049][T13532] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2018 (13532) [ 429.023824][T13532] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 429.036046][T11572] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.046253][T13532] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 429.063150][T13532] BTRFS info (device loop5): using free-space-tree [ 429.074618][T13580] Trying to free block not in datazone [ 429.083974][T13580] Trying to free block not in datazone [ 429.089561][T13580] Trying to free block not in datazone [ 429.125148][T13580] Trying to free block not in datazone [ 429.160947][T13580] minix_free_block (loop8:6): bit already cleared [ 429.172413][T13580] Trying to free block not in datazone [ 429.288048][T13580] Trying to free block not in datazone [ 429.441648][T13607] netlink: 'syz.1.2041': attribute type 10 has an invalid length. [ 429.727232][T13607] team0: Port device netdevsim0 added [ 429.935352][T12835] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 429.992339][ T5922] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 430.174038][ T5922] usb 5-1: Using ep0 maxpacket: 16 [ 430.204386][ T5922] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 430.241288][ T5922] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 430.291492][ T5922] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 430.343138][ T5922] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 430.387495][ T5922] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 430.489787][ T5922] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 430.517255][ T5922] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 430.561513][ T5922] usb 5-1: Manufacturer: syz [ 430.574535][ T5922] usb 5-1: config 0 descriptor?? [ 431.041242][ T5922] rc_core: IR keymap rc-hauppauge not found [ 431.062520][ T5922] Registered IR keymap rc-empty [ 431.082169][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.131420][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.191914][ T5922] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 431.214002][T13656] loop1: detected capacity change from 0 to 512 [ 431.252624][ T5922] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input18 [ 431.262909][T13656] EXT4-fs: Ignoring removed mblk_io_submit option [ 431.297333][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.321304][T13656] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 431.351733][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.371893][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.392671][T13656] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002] [ 431.401300][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.441489][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.447102][T13656] System zones: 1-12 [ 431.474585][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.487328][T13656] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.2057: corrupted in-inode xattr: e_value size too large [ 431.501615][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.521291][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.554281][T13656] EXT4-fs error (device loop1): ext4_orphan_get:1392: comm syz.1.2057: couldn't read orphan inode 15 (err -117) [ 431.561379][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.629610][ T5922] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 431.638446][T13656] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 431.673803][ T5922] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 431.721223][ T5922] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 431.898909][T13656] EXT4-fs warning (device loop1): dx_probe:832: inode #2: comm syz.1.2057: Unrecognised inode hash code 4 [ 432.015647][T13656] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz.1.2057: Corrupt directory, running e2fsck is recommended [ 432.095884][T13678] ALSA: mixer_oss: invalid OSS volume '' [ 432.482755][T12017] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 432.702734][ T5922] usb 5-1: USB disconnect, device number 5 [ 432.766932][T13683] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 432.796481][T13686] loop7: detected capacity change from 0 to 1024 [ 432.985693][T13650] loop3: detected capacity change from 0 to 40427 [ 433.045916][T13650] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 433.053959][T13650] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 433.063385][T13674] loop5: detected capacity change from 0 to 131072 [ 433.082744][T13674] F2FS-fs (loop5): Segment count (31) mismatch with total segments from devices (0) [ 433.092264][T13674] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 433.189713][T13674] F2FS-fs (loop5): invalid crc value [ 433.263750][T13674] F2FS-fs (loop5): Found nat_bits in checkpoint [ 433.326365][T13686] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 433.344715][T13674] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 433.347628][T13650] F2FS-fs (loop3): Found nat_bits in checkpoint [ 433.352057][T13674] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 433.404165][T13674] F2FS-fs (loop5): f2fs_fill_dentries: corrupted namelen=24152, run fsck to fix. [ 433.458952][T13686] EXT4-fs (loop7): shut down requested (0) [ 433.513448][ T8] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 433.562040][T13707] EXT4-fs error (device loop7): ext4_expand_extra_isize_ea:2793: inode #15: comm syz.7.2065: corrupted in-inode xattr: bad magic number in in-inode xattr [ 433.650550][T13707] EXT4-fs (loop7): Remounting filesystem read-only [ 433.811727][ T8] usb 2-1: Using ep0 maxpacket: 8 [ 433.819071][T13650] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 433.819113][ T8] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 433.837027][ T8] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 433.847472][ T8] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 433.857750][ T8] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 433.870916][ T8] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 433.872753][T13650] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 433.880111][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.937057][ T6917] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 433.939314][T13650] syz.3.2055: attempt to access beyond end of device [ 433.939314][T13650] loop3: rw=2049, sector=53248, nr_sectors = 112 limit=40427 [ 434.053174][ T9859] syz-executor: attempt to access beyond end of device [ 434.053174][ T9859] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 434.071243][ T9859] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 434.205864][ T8] usb 2-1: GET_CAPABILITIES returned 0 [ 434.212467][ T8] usbtmc 2-1:16.0: can't read capabilities [ 434.612073][T13720] loop4: detected capacity change from 0 to 32768 [ 434.730219][T13722] loop7: detected capacity change from 0 to 32768 [ 434.737907][T13722] XFS: ikeep mount option is deprecated. [ 435.023595][T13720] JBD2: Ignoring recovery information on journal [ 435.120760][T13720] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 435.144080][ T5922] usb 2-1: USB disconnect, device number 8 [ 435.212114][T13722] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 435.319340][ T29] audit: type=1800 audit(2002660346.609:84): pid=13720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2074" name="file1" dev="loop4" ino=17058 res=0 errno=0 [ 435.411353][ T8] usb 9-1: new full-speed USB device number 13 using dummy_hcd [ 435.733205][T13722] XFS (loop7): Ending clean mount [ 435.740915][T13722] XFS (loop7): Quotacheck needed: Please wait. [ 435.830959][T13746] loop5: detected capacity change from 0 to 32768 [ 435.890596][T13746] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2076 (13746) [ 435.969179][T13753] syzkaller1: entered promiscuous mode [ 435.973970][T11572] ocfs2: Unmounting device (7,4) on (node local) [ 435.987317][T13753] syzkaller1: entered allmulticast mode [ 436.041955][ T8] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 436.061276][ T8] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 10 [ 436.111062][ T8] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 436.141605][T13722] XFS (loop7): Quotacheck: Done. [ 436.355658][T13746] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 436.430359][T13746] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 436.475411][ T8] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 436.484877][ T8] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 436.494186][ T8] usb 9-1: Product: syz [ 436.498779][ T8] usb 9-1: Manufacturer: syz [ 436.525280][T13746] BTRFS info (device loop5): using free-space-tree [ 436.540407][ T8] usb 9-1: SerialNumber: syz [ 436.589504][T13762] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2077'. [ 436.613188][ T6917] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 436.775856][ T5894] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 436.802895][T13725] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22 [ 436.974310][ T5894] usb 4-1: Using ep0 maxpacket: 8 [ 436.984468][ T5894] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 436.993159][ T5894] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 437.070605][ T5894] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 437.111080][ T5894] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 437.185639][ T5894] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 437.228968][ T5894] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 437.271748][ T5894] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.421917][T13725] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22 [ 437.560371][ T5894] usb 4-1: usb_control_msg returned -32 [ 437.601795][T12835] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 437.621296][ T5894] usbtmc 4-1:16.0: can't read capabilities [ 437.635941][ T8] cdc_ncm 9-1:1.0: bind() failure [ 437.673962][ T8] cdc_ncm 9-1:1.1: probe with driver cdc_ncm failed with error -71 [ 437.723294][ T8] cdc_mbim 9-1:1.1: probe with driver cdc_mbim failed with error -71 [ 437.776176][ T8] usbtest 9-1:1.1: probe with driver usbtest failed with error -71 [ 437.818525][T13804] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2086'. [ 437.873251][ T8] usb 9-1: USB disconnect, device number 13 [ 438.005556][T13810] loop4: detected capacity change from 0 to 512 [ 438.025302][T13807] usbtmc 4-1:16.0: INITIATE_ABORT_BULK_IN returned 0 [ 438.134160][T13810] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 438.227784][ T5925] usb 4-1: USB disconnect, device number 6 [ 438.240072][T13810] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 438.292048][T13810] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 438.592587][T13823] input: syz1 as /devices/virtual/input/input19 [ 438.728058][T11572] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 439.215931][T13846] loop8: detected capacity change from 0 to 64 [ 439.370027][T13847] loop1: detected capacity change from 0 to 2048 [ 439.473448][T13847] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 439.541219][ T29] audit: type=1326 audit(2002660350.829:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13856 comm="syz.7.2104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dad85d19 code=0x7ffc0000 [ 439.610265][ T29] audit: type=1326 audit(2002660350.829:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13856 comm="syz.7.2104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dad85d19 code=0x7ffc0000 [ 439.632917][ T29] audit: type=1326 audit(2002660350.829:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13856 comm="syz.7.2104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7fb0dad85d19 code=0x7ffc0000 [ 439.655273][ C0] vkms_vblank_simulate: vblank timer overrun [ 439.661580][ T29] audit: type=1326 audit(2002660350.829:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13856 comm="syz.7.2104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dad85d19 code=0x7ffc0000 [ 439.844461][T12017] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 440.351616][ T5921] kernel read not supported for file /sequencer2 (pid: 5921 comm: kworker/1:4) [ 441.277378][T13885] loop3: detected capacity change from 0 to 40427 [ 441.336359][T13839] loop5: detected capacity change from 0 to 40427 [ 441.458153][T13839] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x1fffff [ 441.529391][T13839] F2FS-fs (loop5): invalid crc value [ 441.549368][T13885] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(262146) root(3) [ 441.557872][T13885] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 441.580203][T13839] F2FS-fs (loop5): Found nat_bits in checkpoint [ 441.778271][T13923] syzkaller1: entered promiscuous mode [ 441.784152][T13923] syzkaller1: entered allmulticast mode [ 441.795235][T13885] F2FS-fs (loop3): Found nat_bits in checkpoint [ 441.935701][T13914] loop7: detected capacity change from 0 to 4096 [ 441.946050][ T968] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 442.061750][T13885] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 442.071251][T13885] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 442.110694][T13932] loop1: detected capacity change from 0 to 128 [ 442.121408][T13919] f2fs_ckpt-7:3: attempt to access beyond end of device [ 442.121408][T13919] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 442.172408][ T968] usb 5-1: config index 0 descriptor too short (expected 45, got 36) [ 442.182401][ T968] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 442.183258][T13919] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 442.194112][ T968] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 442.211692][T13839] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 442.211745][ T968] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 442.231288][ T968] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 442.245117][ T968] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 442.254419][ T968] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 442.308875][T13932] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 442.315481][ T968] usb 5-1: config 0 descriptor?? [ 442.355716][T13932] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 442.363619][T13912] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 442.818787][T12017] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 442.901259][ T5137] Bluetooth: hci0: command 0x0406 tx timeout [ 443.017347][T13953] loop7: detected capacity change from 0 to 2048 [ 443.053600][ T968] plantronics 0003:047F:FFFF.000D: unknown main item tag 0xd [ 443.068226][ T968] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving [ 443.118609][T13953] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 443.175315][ T968] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 443.351023][ T5921] usb 5-1: USB disconnect, device number 6 [ 443.782847][T13967] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 444.293583][T13962] loop8: detected capacity change from 0 to 32768 [ 444.341660][T13962] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.2137 (13962) [ 444.357507][T13962] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 444.369153][T13962] BTRFS info (device loop8): using crc32c (crc32c-intel) checksum algorithm [ 444.383607][T13962] BTRFS info (device loop8): using free-space-tree [ 444.653740][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.662904][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.004841][ T29] audit: type=1800 audit(2002660356.219:89): pid=13962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2137" name="file1" dev="loop8" ino=260 res=0 errno=0 [ 445.179424][T13982] loop4: detected capacity change from 0 to 32768 [ 445.187227][T13982] XFS: attr2 mount option is deprecated. [ 445.261925][T13982] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 445.372884][T13982] XFS (loop4): Ending clean mount [ 445.410910][T13982] XFS (loop4): Quotacheck needed: Please wait. [ 445.519238][T13982] XFS (loop4): Quotacheck: Done. [ 445.687281][ T7763] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 445.841414][ T8] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 445.888468][T13969] loop5: detected capacity change from 0 to 32768 [ 445.936140][ T5921] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 445.948743][T13969] BTRFS: device /dev/loop5 (7:5) using temp-fsid 1520f0c5-21ce-4392-bdc6-b4752d281a31 [ 446.012570][T13969] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2131 (13969) [ 446.106249][ T5921] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 446.133431][ T5921] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 446.161514][T13969] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 446.186988][ T8] usb 4-1: config 0 has no interfaces? [ 446.190129][T13969] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 446.202726][ T5921] usb 2-1: config 1 has no interface number 0 [ 446.224104][ T5921] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 446.258284][T13969] BTRFS info (device loop5): using free-space-tree [ 446.296975][T11572] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 446.331342][ T5921] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 446.340556][ T5921] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 446.350897][ T5921] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 446.360816][ T5921] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 446.380050][ T5921] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 446.389568][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 446.449286][ T5921] usb 2-1: Product: syz [ 446.475608][ T5921] usb 2-1: Manufacturer: syz [ 446.480323][ T5921] usb 2-1: SerialNumber: syz [ 446.485936][ T8] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 446.496908][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 446.505304][ T8] usb 4-1: Product: syz [ 446.509506][ T8] usb 4-1: Manufacturer: syz [ 446.514481][ T8] usb 4-1: SerialNumber: syz [ 446.757815][T13969] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 446.758134][T13969] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 446.769737][ T8] usb 4-1: config 0 descriptor?? [ 446.801484][T13969] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 446.877974][T13969] BTRFS error (device loop5): open_ctree failed [ 447.050375][ T8] usb 4-1: USB disconnect, device number 7 [ 447.058865][ T7021] tipc: Subscription rejected, illegal request [ 447.219181][T14083] loop7: detected capacity change from 0 to 64 [ 447.592587][T14088] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2149'. [ 447.622178][T14086] loop8: detected capacity change from 0 to 32768 [ 447.669884][T14086] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.2152 (14086) [ 447.747554][T14086] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 447.863124][T14086] BTRFS info (device loop8): using crc32c (crc32c-intel) checksum algorithm [ 447.868581][ T5921] cdc_ncm 2-1:1.1: bind() failure [ 447.979237][T14086] BTRFS info (device loop8): using free-space-tree [ 448.311747][T14110] loop3: detected capacity change from 0 to 512 [ 448.332422][T14110] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 448.475157][ T8] usb 2-1: USB disconnect, device number 9 [ 448.509884][T14110] EXT4-fs (loop3): 1 truncate cleaned up [ 448.536581][T14110] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 448.618585][T14110] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 213 vs 220 free clusters [ 448.916970][ T9859] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 449.326679][ T7763] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 449.374990][T14148] loop1: detected capacity change from 0 to 128 [ 449.686255][T14153] ALSA: mixer_oss: invalid OSS volume '' [ 449.793649][T14158] loop3: detected capacity change from 0 to 512 [ 449.831574][T14158] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 449.993205][T14158] EXT4-fs (loop3): 1 truncate cleaned up [ 449.999950][T14158] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 450.102150][ T29] audit: type=1800 audit(2002660361.369:90): pid=14158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2167" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 450.381855][ T9859] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 450.809760][T14182] sctp: [Deprecated]: syz.5.2173 (pid 14182) Use of struct sctp_assoc_value in delayed_ack socket option. [ 450.809760][T14182] Use struct sctp_sack_info instead [ 451.031597][T14193] loop1: detected capacity change from 0 to 256 [ 451.251382][T14193] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 451.422328][ T29] audit: type=1800 audit(2002660362.689:91): pid=14193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2176" name="file1" dev="loop1" ino=1048715 res=0 errno=0 [ 451.443247][ C0] vkms_vblank_simulate: vblank timer overrun [ 451.498726][ T8] kernel write not supported for file /audio1 (pid: 8 comm: kworker/0:0) [ 451.771376][T14206] loop4: detected capacity change from 0 to 32768 [ 451.790083][T14206] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2180 (14206) [ 451.887844][T14206] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 451.898935][T14206] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 451.907543][T14206] BTRFS info (device loop4): using free-space-tree [ 452.505341][T14221] block nbd5: shutting down sockets [ 452.632744][T10521] udevd[10521]: inotify_add_watch(7, /dev/loop4, 10) failed: No such file or directory [ 453.118485][T11572] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 453.294631][T14251] batadv0: entered promiscuous mode [ 453.346732][T14251] batadv_slave_0: entered promiscuous mode [ 453.359305][T14251] batadv_slave_0: left promiscuous mode [ 453.401513][T14251] batadv0: left promiscuous mode [ 453.972366][ T1151] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.105309][ T1151] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.684855][ T1151] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.972953][ T1151] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 456.404413][ T1151] bridge_slave_1: left allmulticast mode [ 456.410135][ T1151] bridge_slave_1: left promiscuous mode [ 456.453675][ T1151] bridge0: port 2(bridge_slave_1) entered disabled state [ 457.021916][ T1151] bridge_slave_0: left allmulticast mode [ 457.027647][ T1151] bridge_slave_0: left promiscuous mode [ 457.052426][ T1151] bridge0: port 1(bridge_slave_0) entered disabled state [ 459.144004][ T1151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 459.156645][ T1151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 459.167341][ T1151] bond0 (unregistering): Released all slaves [ 459.793683][ T5921] IPVS: starting estimator thread 0... [ 459.801536][T14364] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 459.920702][T14372] IPVS: using max 17 ests per chain, 40800 per kthread [ 460.904161][ T1151] hsr_slave_0: left promiscuous mode [ 461.060365][ T1151] hsr_slave_1: left promiscuous mode [ 461.104584][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 461.112280][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 461.173244][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 461.209289][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 461.294631][ T1151] veth1_macvtap: left promiscuous mode [ 461.300234][ T1151] veth0_macvtap: left promiscuous mode [ 461.341293][ T1151] veth1_vlan: left promiscuous mode [ 461.361383][ T1151] veth0_vlan: left promiscuous mode [ 462.808215][ T1151] team0 (unregistering): Port device team_slave_1 removed [ 462.868989][ T1151] team0 (unregistering): Port device team_slave_0 removed [ 463.334701][T14430] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 463.342103][ T8] IPVS: starting estimator thread 0... [ 463.451349][T14433] IPVS: using max 16 ests per chain, 38400 per kthread [ 464.440211][ T1151] IPVS: stop unused estimator thread 0... [ 465.123924][T14476] vlan2: entered promiscuous mode [ 465.129035][T14476] vlan2: entered allmulticast mode [ 465.151919][T14476] vlan0: entered allmulticast mode [ 465.261263][T14476] veth0_vlan: entered allmulticast mode [ 465.281494][T14476] vlan0: entered promiscuous mode [ 465.310968][T14476] team0: Port device vlan2 added [ 467.233707][ T5137] Bluetooth: hci2: command 0x0406 tx timeout [ 472.430254][T14748] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2308'. [ 472.491615][T14748] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2308'. [ 478.008339][T14895] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.2327'. [ 484.004747][ T53] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.137104][ T53] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 490.171174][ T5137] Bluetooth: hci3: command 0x0406 tx timeout [ 507.661130][ C0] sched: DL replenish lagged too much [ 508.454675][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 508.470276][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 543.538972][ T5847] Bluetooth: hci4: command 0x0406 tx timeout [ 620.450001][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 620.548404][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.883101][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 630.103012][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 657.851274][ T30] INFO: task kworker/u8:4:67 blocked for more than 143 seconds. [ 657.858985][ T30] Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 657.971223][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 657.979966][ T30] task:kworker/u8:4 state:D stack:20944 pid:67 tgid:67 ppid:2 flags:0x00004000 [ 658.117422][ T30] Workqueue: events_unbound linkwatch_event [ 658.208550][ T30] Call Trace: [ 658.226209][ T30] [ 658.229301][ T30] __schedule+0xe58/0x5ad0 [ 658.292769][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 658.298114][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 658.391237][ T30] ? __pfx___schedule+0x10/0x10 [ 658.397020][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.507771][ T30] ? schedule+0x298/0x350 [ 658.691291][ T30] ? __pfx_lock_release+0x10/0x10 [ 658.696422][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.781466][ T30] ? __mutex_trylock_common+0x78/0x250 [ 658.787033][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.795569][ T89] ================================================================== [ 658.803653][ T89] BUG: KASAN: slab-use-after-free in folio_evictable+0x7b/0x270 [ 658.811333][ T89] Read of size 8 at addr ffff8880251f59b0 by task kswapd1/89 [ 658.818731][ T89] [ 658.821071][ T89] CPU: 0 UID: 0 PID: 89 Comm: kswapd1 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 658.831355][ T89] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 658.841439][ T89] Call Trace: [ 658.844735][ T89] [ 658.847685][ T89] dump_stack_lvl+0x116/0x1f0 [ 658.852417][ T89] print_report+0xc3/0x620 [ 658.856883][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.862580][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.868280][ T89] ? __phys_addr+0xc6/0x150 [ 658.872840][ T89] kasan_report+0xd9/0x110 [ 658.877298][ T89] ? folio_evictable+0x7b/0x270 [ 658.882198][ T89] ? folio_evictable+0x7b/0x270 [ 658.887116][ T89] kasan_check_range+0xef/0x1a0 [ 658.892025][ T89] folio_evictable+0x7b/0x270 [ 658.896747][ T89] isolate_folios+0x546/0x3830 [ 658.901584][ T89] ? __pfx_isolate_folios+0x10/0x10 [ 658.906829][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.912527][ T89] ? lock_acquire.part.0+0x11b/0x380 [ 658.917859][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.923555][ T89] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 658.929234][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.934930][ T89] ? rcu_is_watching+0x12/0xc0 [ 658.939750][ T89] ? do_raw_spin_lock+0x12d/0x2c0 [ 658.944828][ T89] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 658.950255][ T89] ? lock_acquire+0x2f/0xb0 [ 658.954801][ T89] ? evict_folios+0x167/0x19c0 [ 658.959618][ T89] evict_folios+0x187/0x19c0 [ 658.964254][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.969951][ T89] ? hlock_class+0x4e/0x130 [ 658.974509][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.980202][ T89] ? mark_lock+0xb5/0xc60 [ 658.984569][ T89] ? hlock_class+0x4e/0x130 [ 658.989125][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 658.994822][ T89] ? __lock_acquire+0x15a9/0x3c40 [ 658.999897][ T89] ? __pfx_mark_lock+0x10/0x10 [ 659.004704][ T89] ? __pfx_evict_folios+0x10/0x10 [ 659.009780][ T89] ? hlock_class+0x4e/0x130 [ 659.014341][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.020039][ T89] ? __lock_acquire+0x15a9/0x3c40 [ 659.025119][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.030829][ T89] ? mem_cgroup_get_nr_swap_pages+0x20/0x120 [ 659.036865][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.042646][ T89] ? sc_swappiness+0xd4/0x190 [ 659.047374][ T89] try_to_shrink_lruvec+0x61e/0xa80 [ 659.052724][ T89] ? find_held_lock+0x2d/0x110 [ 659.057547][ T89] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 659.063324][ T89] ? shrink_node+0x2743/0x3e60 [ 659.068144][ T89] shrink_one+0x3e3/0x7b0 [ 659.072524][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.078224][ T89] ? shrink_node+0x2743/0x3e60 [ 659.083040][ T89] shrink_node+0x2763/0x3e60 [ 659.087689][ T89] ? shrink_node+0x24b0/0x3e60 [ 659.092510][ T89] ? __pfx_shrink_node+0x10/0x10 [ 659.097499][ T89] ? __pfx_lock_release+0x10/0x10 [ 659.102564][ T89] ? percpu_ref_put_many.constprop.0+0x1b/0x150 [ 659.108873][ T89] ? balance_pgdat+0xc1f/0x18f0 [ 659.113778][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.119472][ T89] balance_pgdat+0xc1f/0x18f0 [ 659.124303][ T89] ? __entry_text_end+0x1020c6/0x1020c9 [ 659.129927][ T89] ? __pfx_balance_pgdat+0x10/0x10 [ 659.135097][ T89] ? __pfx___lock_acquire+0x10/0x10 [ 659.140346][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.146041][ T89] ? __schedule+0xe60/0x5ad0 [ 659.150675][ T89] ? __pfx___lock_acquire+0x10/0x10 [ 659.155922][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.161617][ T89] ? lock_acquire.part.0+0x11b/0x380 [ 659.166948][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.172655][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.178353][ T89] ? __pfx___might_resched+0x10/0x10 [ 659.183696][ T89] kswapd+0x605/0xc00 [ 659.187741][ T89] ? __pfx_kswapd+0x10/0x10 [ 659.192299][ T89] ? __pfx_autoremove_wake_function+0x10/0x10 [ 659.198410][ T89] ? lockdep_hardirqs_on+0x7c/0x110 [ 659.203669][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.209369][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.215167][ T89] ? __kthread_parkme+0x148/0x220 [ 659.220251][ T89] ? __pfx_kswapd+0x10/0x10 [ 659.224817][ T89] kthread+0x2c4/0x3a0 [ 659.228942][ T89] ? _raw_spin_unlock_irq+0x23/0x50 [ 659.234191][ T89] ? __pfx_kthread+0x10/0x10 [ 659.238838][ T89] ret_from_fork+0x48/0x80 [ 659.243296][ T89] ? __pfx_kthread+0x10/0x10 [ 659.247938][ T89] ret_from_fork_asm+0x1a/0x30 [ 659.252770][ T89] [ 659.255811][ T89] [ 659.258172][ T89] Allocated by task 27: [ 659.262346][ T89] kasan_save_stack+0x33/0x60 [ 659.267087][ T89] kasan_save_track+0x14/0x30 [ 659.271824][ T89] __kasan_slab_alloc+0x89/0x90 [ 659.276706][ T89] kmem_cache_alloc_lru_noprof+0x226/0x3d0 [ 659.282551][ T89] shmem_alloc_inode+0x25/0x50 [ 659.287349][ T89] alloc_inode+0x60/0x230 [ 659.291712][ T89] new_inode+0x22/0x210 [ 659.295900][ T89] shmem_get_inode+0x194/0xf00 [ 659.300701][ T89] shmem_mknod+0x1a8/0x450 [ 659.305154][ T89] vfs_mknod+0x5da/0x8e0 [ 659.309443][ T89] devtmpfs_work_loop+0x1a8/0x7d0 [ 659.314514][ T89] devtmpfsd+0x4c/0x50 [ 659.318630][ T89] kthread+0x2c4/0x3a0 [ 659.322751][ T89] ret_from_fork+0x48/0x80 [ 659.327204][ T89] ret_from_fork_asm+0x1a/0x30 [ 659.332024][ T89] [ 659.334360][ T89] Freed by task 14220: [ 659.338444][ T89] kasan_save_stack+0x33/0x60 [ 659.343266][ T89] kasan_save_track+0x14/0x30 [ 659.348000][ T89] kasan_save_free_info+0x3b/0x60 [ 659.353077][ T89] __kasan_slab_free+0x51/0x70 [ 659.357872][ T89] kmem_cache_free+0x152/0x4c0 [ 659.362699][ T89] i_callback+0x46/0x70 [ 659.366905][ T89] rcu_core+0x7a0/0x14d0 [ 659.371201][ T89] handle_softirqs+0x216/0x8f0 [ 659.376009][ T89] __irq_exit_rcu+0x109/0x170 [ 659.380726][ T89] irq_exit_rcu+0x9/0x30 [ 659.385188][ T89] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 659.390864][ T89] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 659.396903][ T89] [ 659.399243][ T89] Last potentially related work creation: [ 659.404975][ T89] kasan_save_stack+0x33/0x60 [ 659.409710][ T89] __kasan_record_aux_stack+0xba/0xd0 [ 659.415129][ T89] __call_rcu_common.constprop.0+0x99/0x7a0 [ 659.421072][ T89] destroy_inode+0x12c/0x1b0 [ 659.425702][ T89] evict+0x5ed/0x960 [ 659.429632][ T89] iput+0x52a/0x890 [ 659.433477][ T89] do_unlinkat+0x5c3/0x760 [ 659.437951][ T89] __x64_sys_unlink+0xc5/0x110 [ 659.442747][ T89] do_syscall_64+0xcd/0x250 [ 659.447301][ T89] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.453246][ T89] [ 659.455582][ T89] The buggy address belongs to the object at ffff8880251f54e8 [ 659.455582][ T89] which belongs to the cache shmem_inode_cache of size 1544 [ 659.470284][ T89] The buggy address is located 1224 bytes inside of [ 659.470284][ T89] freed 1544-byte region [ffff8880251f54e8, ffff8880251f5af0) [ 659.484311][ T89] [ 659.486652][ T89] The buggy address belongs to the physical page: [ 659.493077][ T89] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880251f7590 pfn:0x251f0 [ 659.503178][ T89] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 659.511712][ T89] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 659.520244][ T89] page_type: f5(slab) [ 659.524257][ T89] raw: 00fff00000000240 ffff888140aea280 ffffea000094ca10 ffffea0000ca0010 [ 659.532875][ T89] raw: ffff8880251f7590 0000000000130001 00000001f5000000 0000000000000000 [ 659.541497][ T89] head: 00fff00000000240 ffff888140aea280 ffffea000094ca10 ffffea0000ca0010 [ 659.550203][ T89] head: ffff8880251f7590 0000000000130001 00000001f5000000 0000000000000000 [ 659.558909][ T89] head: 00fff00000000003 ffffea0000947c01 ffffffffffffffff 0000000000000000 [ 659.567618][ T89] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 659.576310][ T89] page dumped because: kasan: bad access detected [ 659.582740][ T89] page_owner tracks the page as allocated [ 659.588467][ T89] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 27, tgid 27 (kdevtmpfs), ts 13448348220, free_ts 0 [ 659.608414][ T89] post_alloc_hook+0x2d1/0x350 [ 659.613242][ T89] get_page_from_freelist+0xfce/0x2f80 [ 659.618735][ T89] __alloc_pages_noprof+0x223/0x25b0 [ 659.624063][ T89] alloc_pages_mpol_noprof+0x2c9/0x610 [ 659.629572][ T89] new_slab+0x2c9/0x410 [ 659.633779][ T89] ___slab_alloc+0xd7d/0x17a0 [ 659.638505][ T89] __slab_alloc.constprop.0+0x56/0xb0 [ 659.643955][ T89] kmem_cache_alloc_lru_noprof+0xff/0x3d0 [ 659.649795][ T89] shmem_alloc_inode+0x25/0x50 [ 659.654592][ T89] alloc_inode+0x60/0x230 [ 659.658960][ T89] new_inode+0x22/0x210 [ 659.663151][ T89] shmem_get_inode+0x194/0xf00 [ 659.667957][ T89] shmem_mknod+0x1a8/0x450 [ 659.672409][ T89] vfs_mknod+0x5da/0x8e0 [ 659.676694][ T89] devtmpfs_work_loop+0x1a8/0x7d0 [ 659.681762][ T89] devtmpfsd+0x4c/0x50 [ 659.685868][ T89] page_owner free stack trace missing [ 659.691251][ T89] [ 659.693585][ T89] Memory state around the buggy address: [ 659.699232][ T89] ffff8880251f5880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 659.707410][ T89] ffff8880251f5900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 659.715497][ T89] >ffff8880251f5980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 659.723580][ T89] ^ [ 659.729229][ T89] ffff8880251f5a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 659.737317][ T89] ffff8880251f5a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 659.745400][ T89] ================================================================== [ 659.753472][ T89] Disabling lock debugging due to kernel taint [ 659.759718][ T89] ================================================================== [ 659.768154][ T89] BUG: KASAN: slab-use-after-free in folio_evictable+0x24f/0x270 [ 659.775923][ T89] Read of size 8 at addr ffff8880251f59b0 by task kswapd1/89 [ 659.783320][ T89] [ 659.785663][ T89] CPU: 0 UID: 0 PID: 89 Comm: kswapd1 Tainted: G B 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 659.797514][ T89] Tainted: [B]=BAD_PAGE [ 659.801680][ T89] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 659.811758][ T89] Call Trace: [ 659.815055][ T89] [ 659.818008][ T89] dump_stack_lvl+0x116/0x1f0 [ 659.822742][ T89] print_report+0xc3/0x620 [ 659.827283][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.833015][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.838711][ T89] ? __phys_addr+0xc6/0x150 [ 659.843579][ T89] kasan_report+0xd9/0x110 [ 659.848035][ T89] ? folio_evictable+0x24f/0x270 [ 659.853017][ T89] ? folio_evictable+0x24f/0x270 [ 659.858004][ T89] folio_evictable+0x24f/0x270 [ 659.862812][ T89] isolate_folios+0x546/0x3830 [ 659.867641][ T89] ? __pfx_isolate_folios+0x10/0x10 [ 659.872906][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.878621][ T89] ? lock_acquire.part.0+0x11b/0x380 [ 659.883964][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.889677][ T89] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 659.895405][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.901226][ T89] ? rcu_is_watching+0x12/0xc0 [ 659.906048][ T89] ? do_raw_spin_lock+0x12d/0x2c0 [ 659.911126][ T89] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 659.916550][ T89] ? lock_acquire+0x2f/0xb0 [ 659.921097][ T89] ? evict_folios+0x167/0x19c0 [ 659.925927][ T89] evict_folios+0x187/0x19c0 [ 659.930562][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.936256][ T89] ? hlock_class+0x4e/0x130 [ 659.940812][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.946504][ T89] ? mark_lock+0xb5/0xc60 [ 659.950959][ T89] ? hlock_class+0x4e/0x130 [ 659.955515][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.961207][ T89] ? __lock_acquire+0x15a9/0x3c40 [ 659.966272][ T89] ? __pfx_mark_lock+0x10/0x10 [ 659.971082][ T89] ? __pfx_evict_folios+0x10/0x10 [ 659.976157][ T89] ? hlock_class+0x4e/0x130 [ 659.980713][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.986407][ T89] ? __lock_acquire+0x15a9/0x3c40 [ 659.991482][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 659.997173][ T89] ? mem_cgroup_get_nr_swap_pages+0x20/0x120 [ 660.003200][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 660.008893][ T89] ? sc_swappiness+0xd4/0x190 [ 660.013709][ T89] try_to_shrink_lruvec+0x61e/0xa80 [ 660.018970][ T89] ? find_held_lock+0x2d/0x110 [ 660.023787][ T89] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 660.029564][ T89] ? shrink_node+0x2743/0x3e60 [ 660.034383][ T89] shrink_one+0x3e3/0x7b0 [ 660.038760][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 660.044455][ T89] ? shrink_node+0x2743/0x3e60 [ 660.049269][ T89] shrink_node+0x2763/0x3e60 [ 660.054011][ T89] ? shrink_node+0x24b0/0x3e60 [ 660.058830][ T89] ? __pfx_shrink_node+0x10/0x10 [ 660.063825][ T89] ? __pfx_lock_release+0x10/0x10 [ 660.068889][ T89] ? percpu_ref_put_many.constprop.0+0x1b/0x150 [ 660.075200][ T89] ? balance_pgdat+0xc1f/0x18f0 [ 660.080114][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 660.085893][ T89] balance_pgdat+0xc1f/0x18f0 [ 660.090626][ T89] ? __entry_text_end+0x1020c6/0x1020c9 [ 660.096244][ T89] ? __pfx_balance_pgdat+0x10/0x10 [ 660.101415][ T89] ? __pfx___lock_acquire+0x10/0x10 [ 660.106654][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 660.112351][ T89] ? __schedule+0xe60/0x5ad0 [ 660.116986][ T89] ? __pfx___lock_acquire+0x10/0x10 [ 660.122239][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 660.127938][ T89] ? lock_acquire.part.0+0x11b/0x380 [ 660.133266][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 660.138974][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 660.144670][ T89] ? __pfx___might_resched+0x10/0x10 [ 660.150012][ T89] kswapd+0x605/0xc00 [ 660.154053][ T89] ? __pfx_kswapd+0x10/0x10 [ 660.158614][ T89] ? __pfx_autoremove_wake_function+0x10/0x10 [ 660.164814][ T89] ? lockdep_hardirqs_on+0x7c/0x110 [ 660.170059][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 660.175751][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 660.181462][ T89] ? __kthread_parkme+0x148/0x220 [ 660.186547][ T89] ? __pfx_kswapd+0x10/0x10 [ 660.191102][ T89] kthread+0x2c4/0x3a0 [ 660.195224][ T89] ? _raw_spin_unlock_irq+0x23/0x50 [ 660.200463][ T89] ? __pfx_kthread+0x10/0x10 [ 660.205368][ T89] ret_from_fork+0x48/0x80 [ 660.209821][ T89] ? __pfx_kthread+0x10/0x10 [ 660.214466][ T89] ret_from_fork_asm+0x1a/0x30 [ 660.219305][ T89] [ 660.222343][ T89] [ 660.224677][ T89] Allocated by task 27: [ 660.228846][ T89] kasan_save_stack+0x33/0x60 [ 660.233585][ T89] kasan_save_track+0x14/0x30 [ 660.238318][ T89] __kasan_slab_alloc+0x89/0x90 [ 660.243221][ T89] kmem_cache_alloc_lru_noprof+0x226/0x3d0 [ 660.249085][ T89] shmem_alloc_inode+0x25/0x50 [ 660.253886][ T89] alloc_inode+0x60/0x230 [ 660.258252][ T89] new_inode+0x22/0x210 [ 660.262445][ T89] shmem_get_inode+0x194/0xf00 [ 660.267252][ T89] shmem_mknod+0x1a8/0x450 [ 660.271707][ T89] vfs_mknod+0x5da/0x8e0 [ 660.275999][ T89] devtmpfs_work_loop+0x1a8/0x7d0 [ 660.281185][ T89] devtmpfsd+0x4c/0x50 [ 660.285304][ T89] kthread+0x2c4/0x3a0 [ 660.289427][ T89] ret_from_fork+0x48/0x80 [ 660.293880][ T89] ret_from_fork_asm+0x1a/0x30 [ 660.298701][ T89] [ 660.301038][ T89] Freed by task 14220: [ 660.305127][ T89] kasan_save_stack+0x33/0x60 [ 660.309867][ T89] kasan_save_track+0x14/0x30 [ 660.314609][ T89] kasan_save_free_info+0x3b/0x60 [ 660.319686][ T89] __kasan_slab_free+0x51/0x70 [ 660.324590][ T89] kmem_cache_free+0x152/0x4c0 [ 660.329413][ T89] i_callback+0x46/0x70 [ 660.333622][ T89] rcu_core+0x7a0/0x14d0 [ 660.337911][ T89] handle_softirqs+0x216/0x8f0 [ 660.342721][ T89] __irq_exit_rcu+0x109/0x170 [ 660.347442][ T89] irq_exit_rcu+0x9/0x30 [ 660.351738][ T89] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 660.357415][ T89] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 660.363449][ T89] [ 660.365786][ T89] Last potentially related work creation: [ 660.371598][ T89] kasan_save_stack+0x33/0x60 [ 660.376346][ T89] __kasan_record_aux_stack+0xba/0xd0 [ 660.381770][ T89] __call_rcu_common.constprop.0+0x99/0x7a0 [ 660.387716][ T89] destroy_inode+0x12c/0x1b0 [ 660.392352][ T89] evict+0x5ed/0x960 [ 660.396287][ T89] iput+0x52a/0x890 [ 660.400133][ T89] do_unlinkat+0x5c3/0x760 [ 660.404608][ T89] __x64_sys_unlink+0xc5/0x110 [ 660.409407][ T89] do_syscall_64+0xcd/0x250 [ 660.413963][ T89] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.419918][ T89] [ 660.422257][ T89] The buggy address belongs to the object at ffff8880251f54e8 [ 660.422257][ T89] which belongs to the cache shmem_inode_cache of size 1544 [ 660.437051][ T89] The buggy address is located 1224 bytes inside of [ 660.437051][ T89] freed 1544-byte region [ffff8880251f54e8, ffff8880251f5af0) [ 660.451073][ T89] [ 660.453589][ T89] The buggy address belongs to the physical page: [ 660.460021][ T89] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880251f7590 pfn:0x251f0 [ 660.470125][ T89] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 660.478661][ T89] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 660.487193][ T89] page_type: f5(slab) [ 660.491208][ T89] raw: 00fff00000000240 ffff888140aea280 ffffea000094ca10 ffffea0000ca0010 [ 660.499832][ T89] raw: ffff8880251f7590 0000000000130001 00000001f5000000 0000000000000000 [ 660.508457][ T89] head: 00fff00000000240 ffff888140aea280 ffffea000094ca10 ffffea0000ca0010 [ 660.517172][ T89] head: ffff8880251f7590 0000000000130001 00000001f5000000 0000000000000000 [ 660.525890][ T89] head: 00fff00000000003 ffffea0000947c01 ffffffffffffffff 0000000000000000 [ 660.534606][ T89] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 660.543311][ T89] page dumped because: kasan: bad access detected [ 660.549744][ T89] page_owner tracks the page as allocated [ 660.555475][ T89] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 27, tgid 27 (kdevtmpfs), ts 13448348220, free_ts 0 [ 660.575778][ T89] post_alloc_hook+0x2d1/0x350 [ 660.580631][ T89] get_page_from_freelist+0xfce/0x2f80 [ 660.586135][ T89] __alloc_pages_noprof+0x223/0x25b0 [ 660.591470][ T89] alloc_pages_mpol_noprof+0x2c9/0x610 [ 660.596986][ T89] new_slab+0x2c9/0x410 [ 660.601205][ T89] ___slab_alloc+0xd7d/0x17a0 [ 660.605942][ T89] __slab_alloc.constprop.0+0x56/0xb0 [ 660.611379][ T89] kmem_cache_alloc_lru_noprof+0xff/0x3d0 [ 660.617141][ T89] shmem_alloc_inode+0x25/0x50 [ 660.621942][ T89] alloc_inode+0x60/0x230 [ 660.626310][ T89] new_inode+0x22/0x210 [ 660.630500][ T89] shmem_get_inode+0x194/0xf00 [ 660.635307][ T89] shmem_mknod+0x1a8/0x450 [ 660.639762][ T89] vfs_mknod+0x5da/0x8e0 [ 660.644055][ T89] devtmpfs_work_loop+0x1a8/0x7d0 [ 660.649133][ T89] devtmpfsd+0x4c/0x50 [ 660.653245][ T89] page_owner free stack trace missing [ 660.658631][ T89] [ 660.660967][ T89] Memory state around the buggy address: [ 660.666616][ T89] ffff8880251f5880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 660.674714][ T89] ffff8880251f5900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 660.682813][ T89] >ffff8880251f5980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 660.690896][ T89] ^ [ 660.696549][ T89] ffff8880251f5a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 660.704648][ T89] ffff8880251f5a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 660.712740][ T89] ================================================================== [ 660.781189][ T30] ? lock_acquire+0x2f/0xb0 [ 660.785790][ T30] ? schedule+0x1fd/0x350 [ 660.790178][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 660.861291][ T30] schedule+0xe7/0x350 [ 660.865456][ T30] schedule_preempt_disabled+0x13/0x30 [ 660.870972][ T30] __mutex_lock+0x62b/0xa60 [ 660.941177][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 660.946467][ T30] ? linkwatch_event+0x51/0xc0 [ 661.011180][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 661.016311][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 661.081209][ T30] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 661.086947][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 661.135730][ T30] ? linkwatch_event+0x51/0xc0 [ 661.140597][ T30] ? rtnl_lock+0x9/0x20 [ 661.181214][ T30] linkwatch_event+0x51/0xc0 [ 661.186075][ T30] ? __pfx_linkwatch_event+0x10/0x10 [ 661.221159][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 661.226894][ T30] ? rcu_is_watching+0x12/0xc0 [ 661.261492][ T30] process_one_work+0x9c8/0x1ba0 [ 661.266516][ T30] ? __pfx_nsim_dev_trap_report_work+0x10/0x10 [ 661.311180][ T30] ? __pfx_process_one_work+0x10/0x10 [ 661.316646][ T30] ? rcu_is_watching+0x12/0xc0 [ 661.351260][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 661.357000][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 661.391158][ T30] ? assign_work+0x1a0/0x250 [ 661.395867][ T30] worker_thread+0x6c8/0xf00 [ 661.400518][ T30] ? __pfx_worker_thread+0x10/0x10 [ 661.451190][ T30] kthread+0x2c4/0x3a0 [ 661.455360][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 661.460609][ T30] ? __pfx_kthread+0x10/0x10 [ 661.509140][ T30] ret_from_fork+0x48/0x80 [ 661.521181][ T30] ? __pfx_kthread+0x10/0x10 [ 661.525897][ T30] ret_from_fork_asm+0x1a/0x30 [ 661.530833][ T30] [ 661.561234][ T30] INFO: task kworker/R-ipv6_:3161 blocked for more than 147 seconds. [ 661.570043][ T30] Tainted: G B 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 661.621142][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 661.629875][ T30] task:kworker/R-ipv6_ state:D stack:29808 pid:3161 tgid:3161 ppid:2 flags:0x00004000 [ 661.681160][ T30] Workqueue: ipv6_addrconf addrconf_verify_work [ 661.687500][ T30] Call Trace: [ 661.690803][ T30] [ 661.711194][ T30] __schedule+0xe58/0x5ad0 [ 661.715702][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 661.720950][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 661.761185][ T30] ? __pfx___schedule+0x10/0x10 [ 661.766130][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 661.811150][ T30] ? schedule+0x298/0x350 [ 661.815570][ T30] ? __pfx_lock_release+0x10/0x10 [ 661.820637][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 661.881166][ T30] ? __mutex_trylock_common+0x78/0x250 [ 661.886813][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.153011][ T30] ? lock_acquire+0x2f/0xb0 [ 662.157608][ T30] ? schedule+0x1fd/0x350 [ 662.191179][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.196935][ T30] schedule+0xe7/0x350 [ 662.201056][ T30] schedule_preempt_disabled+0x13/0x30 [ 662.236669][ T30] __mutex_lock+0x62b/0xa60 [ 662.271188][ T30] ? addrconf_verify_work+0x12/0x30 [ 662.276478][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 662.311219][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.316982][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.371193][ T30] ? trace_lock_acquire+0x14e/0x1f0 [ 662.376510][ T30] ? process_one_work+0x921/0x1ba0 [ 662.411230][ T30] ? addrconf_verify_work+0x12/0x30 [ 662.416523][ T30] ? rtnl_lock+0x9/0x20 [ 662.420727][ T30] addrconf_verify_work+0x12/0x30 [ 662.461195][ T30] process_one_work+0x9c8/0x1ba0 [ 662.466239][ T30] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 662.484572][ T30] ? __pfx_process_one_work+0x10/0x10 [ 662.490804][ T30] ? rcu_is_watching+0x12/0xc0 [ 662.521237][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.527005][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.561141][ T30] ? assign_work+0x1a0/0x250 [ 662.565824][ T30] rescuer_thread+0x628/0xe20 [ 662.570557][ T30] ? __pfx_rescuer_thread+0x10/0x10 [ 662.611193][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 662.616493][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.661161][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.666908][ T30] ? __kthread_parkme+0x148/0x220 [ 662.691300][ T30] ? __pfx_rescuer_thread+0x10/0x10 [ 662.697296][ T30] kthread+0x2c4/0x3a0 [ 662.731253][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 662.736633][ T30] ? __pfx_kthread+0x10/0x10 [ 662.771190][ T30] ret_from_fork+0x48/0x80 [ 662.775710][ T30] ? __pfx_kthread+0x10/0x10 [ 662.780369][ T30] ret_from_fork_asm+0x1a/0x30 [ 662.831153][ T30] [ 662.834293][ T30] INFO: lockdep is turned off. [ 662.839070][ T30] NMI backtrace for cpu 0 [ 662.843418][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G B 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 662.855443][ T30] Tainted: [B]=BAD_PAGE [ 662.859609][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 662.869686][ T30] Call Trace: [ 662.873067][ T30] [ 662.876016][ T30] dump_stack_lvl+0x116/0x1f0 [ 662.880744][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 662.885724][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 662.891771][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 662.897796][ T30] watchdog+0xf14/0x1240 [ 662.902095][ T30] ? __pfx_watchdog+0x10/0x10 [ 662.906814][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 662.912062][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.917755][ T30] ? __kthread_parkme+0x148/0x220 [ 662.922841][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.928538][ T30] ? __pfx_watchdog+0x10/0x10 [ 662.933264][ T30] kthread+0x2c4/0x3a0 [ 662.937385][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 662.942625][ T30] ? __pfx_kthread+0x10/0x10 [ 662.947272][ T30] ret_from_fork+0x48/0x80 [ 662.951759][ T30] ? __pfx_kthread+0x10/0x10 [ 662.956398][ T30] ret_from_fork_asm+0x1a/0x30 [ 662.961318][ T30] [ 662.964977][ T30] Sending NMI from CPU 0 to CPUs 1: [ 662.970212][ C1] NMI backtrace for cpu 1 [ 662.970235][ C1] CPU: 1 UID: 0 PID: 5892 Comm: kworker/1:3 Tainted: G B 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 662.970290][ C1] Tainted: [B]=BAD_PAGE [ 662.970302][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 662.970327][ C1] Workqueue: events_power_efficient neigh_periodic_work [ 662.970369][ C1] RIP: 0010:arch_stack_walk+0x9b/0x100 [ 662.970420][ C1] Code: f2 08 00 8b 95 70 ff ff ff 85 d2 75 21 eb 2f 4c 89 ef 2e e8 c7 62 e9 09 84 c0 74 22 48 89 df e8 bb d1 08 00 8b 85 70 ff ff ff <85> c0 74 10 48 89 df e8 f9 cb 08 00 48 85 c0 48 89 c6 75 d1 48 8b [ 662.970457][ C1] RSP: 0018:ffffc90000a18ba0 EFLAGS: 00000282 [ 662.970486][ C1] RAX: 0000000000000002 RBX: ffffc90000a18ba0 RCX: 0000000000000000 [ 662.970511][ C1] RDX: 0000000000000102 RSI: ffffc90000a18f10 RDI: 0000000000000001 [ 662.970537][ C1] RBP: ffffc90000a18c30 R08: ffffc90000a18bd4 R09: ffffffff90f625ee [ 662.970563][ C1] R10: ffffc90000a18bff R11: 000000000000813b R12: ffffffff8185c160 [ 662.970589][ C1] R13: ffffc90000a18c60 R14: 0000000000000000 R15: ffff88803135da00 [ 662.970618][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 662.970653][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 662.970681][ C1] CR2: 00007f437e5452d8 CR3: 000000007f0f8000 CR4: 0000000000350ef0 [ 662.970706][ C1] Call Trace: [ 662.970716][ C1] [ 662.970729][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 662.970770][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 662.970808][ C1] ? nmi_handle+0x1af/0x5d0 [ 662.970850][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.970911][ C1] ? arch_stack_walk+0x9b/0x100 [ 662.970960][ C1] ? default_do_nmi+0x6a/0x160 [ 662.970997][ C1] ? exc_nmi+0x170/0x1e0 [ 662.971033][ C1] ? end_repeat_nmi+0xf/0x53 [ 662.971088][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 662.971163][ C1] ? arch_stack_walk+0x9b/0x100 [ 662.971217][ C1] ? arch_stack_walk+0x9b/0x100 [ 662.971269][ C1] ? arch_stack_walk+0x9b/0x100 [ 662.971320][ C1] [ 662.971332][ C1] [ 662.971349][ C1] ? handle_softirqs+0x216/0x8f0 [ 662.971404][ C1] stack_trace_save+0x95/0xd0 [ 662.971463][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 662.971521][ C1] ? lock_release+0x4e2/0x6f0 [ 662.971565][ C1] ? __pfx_lock_release+0x10/0x10 [ 662.971607][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 662.971658][ C1] ref_tracker_free+0x10f/0x820 [ 662.971718][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.971779][ C1] ? __pfx_ref_tracker_free+0x10/0x10 [ 662.971838][ C1] ? dst_destroy+0x108/0x3f0 [ 662.971886][ C1] ? rcu_core+0x7a0/0x14d0 [ 662.971944][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.972003][ C1] ? __local_bh_enable_ip+0xa4/0x120 [ 662.972051][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.972114][ C1] dst_destroy+0x108/0x3f0 [ 662.972164][ C1] ? rcu_core+0x79b/0x14d0 [ 662.972218][ C1] rcu_core+0x7a0/0x14d0 [ 662.972268][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.972327][ C1] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 662.972375][ C1] ? __pfx_rcu_core+0x10/0x10 [ 662.972429][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.972487][ C1] ? rcu_is_watching+0x12/0xc0 [ 662.972545][ C1] handle_softirqs+0x216/0x8f0 [ 662.972595][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 662.972644][ C1] ? neigh_periodic_work+0x767/0xcb0 [ 662.972685][ C1] do_softirq+0xb2/0xf0 [ 662.972729][ C1] [ 662.972740][ C1] [ 662.972753][ C1] __local_bh_enable_ip+0x100/0x120 [ 662.972801][ C1] neigh_periodic_work+0x767/0xcb0 [ 662.972845][ C1] ? __pfx_neigh_periodic_work+0x10/0x10 [ 662.972886][ C1] ? rcu_is_watching+0x12/0xc0 [ 662.972938][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.972998][ C1] ? trace_lock_acquire+0x14e/0x1f0 [ 662.973057][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.973117][ C1] ? process_one_work+0x921/0x1ba0 [ 662.973162][ C1] process_one_work+0x9c8/0x1ba0 [ 662.973212][ C1] ? __pfx_neigh_managed_work+0x10/0x10 [ 662.973255][ C1] ? __pfx_process_one_work+0x10/0x10 [ 662.973296][ C1] ? rcu_is_watching+0x12/0xc0 [ 662.973348][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.973413][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 662.973471][ C1] ? assign_work+0x1a0/0x250 [ 662.973510][ C1] worker_thread+0x6c8/0xf00 [ 662.973561][ C1] ? __pfx_worker_thread+0x10/0x10 [ 662.973602][ C1] kthread+0x2c4/0x3a0 [ 662.973651][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 662.973693][ C1] ? __pfx_kthread+0x10/0x10 [ 662.973745][ C1] ret_from_fork+0x48/0x80 [ 662.973781][ C1] ? __pfx_kthread+0x10/0x10 [ 662.973833][ C1] ret_from_fork_asm+0x1a/0x30 [ 662.973899][ C1] [ 663.771152][ T89] ================================================================== [ 663.779268][ T89] BUG: KASAN: slab-use-after-free in folio_evictable+0x7b/0x270 [ 663.786950][ T89] Read of size 8 at addr ffff8880251f59b0 by task kswapd1/89 [ 663.794349][ T89] [ 663.796777][ T89] CPU: 0 UID: 0 PID: 89 Comm: kswapd1 Tainted: G B 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 663.808537][ T89] Tainted: [B]=BAD_PAGE [ 663.812701][ T89] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 663.822780][ T89] Call Trace: [ 663.826075][ T89] [ 663.829027][ T89] dump_stack_lvl+0x116/0x1f0 [ 663.833754][ T89] print_report+0xc3/0x620 [ 663.838211][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.843908][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.849606][ T89] ? __phys_addr+0xc6/0x150 [ 663.854255][ T89] kasan_report+0xd9/0x110 [ 663.858709][ T89] ? folio_evictable+0x7b/0x270 [ 663.863604][ T89] ? folio_evictable+0x7b/0x270 [ 663.868502][ T89] kasan_check_range+0xef/0x1a0 [ 663.873410][ T89] folio_evictable+0x7b/0x270 [ 663.878214][ T89] shrink_folio_list+0x4e4/0x42d0 [ 663.883292][ T89] ? trace_lock_acquire+0x14e/0x1f0 [ 663.888553][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.894245][ T89] ? __pfx_shrink_folio_list+0x10/0x10 [ 663.899748][ T89] ? trace_irq_enable.constprop.0+0xea/0x140 [ 663.905777][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.911469][ T89] ? finish_task_switch.isra.0+0x210/0xcc0 [ 663.917319][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.923022][ T89] ? __switch_to+0x749/0x1190 [ 663.927753][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.933445][ T89] ? __schedule+0xe60/0x5ad0 [ 663.938108][ T89] ? preempt_schedule_common+0x44/0xc0 [ 663.943615][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.949307][ T89] ? preempt_schedule_thunk+0x1a/0x30 [ 663.954724][ T89] evict_folios+0x6e3/0x19c0 [ 663.959374][ T89] ? __pfx_evict_folios+0x10/0x10 [ 663.964446][ T89] ? hlock_class+0x4e/0x130 [ 663.969002][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.974691][ T89] ? __lock_acquire+0x15a9/0x3c40 [ 663.979768][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.985546][ T89] ? mem_cgroup_get_nr_swap_pages+0x20/0x120 [ 663.991579][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 663.997270][ T89] ? sc_swappiness+0xd4/0x190 [ 664.001995][ T89] try_to_shrink_lruvec+0x61e/0xa80 [ 664.007255][ T89] ? find_held_lock+0x2d/0x110 [ 664.012099][ T89] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 664.017897][ T89] ? shrink_node+0x2743/0x3e60 [ 664.022725][ T89] shrink_one+0x3e3/0x7b0 [ 664.027107][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 664.032982][ T89] ? shrink_node+0x2743/0x3e60 [ 664.037802][ T89] shrink_node+0x2763/0x3e60 [ 664.042458][ T89] ? shrink_node+0x24b0/0x3e60 [ 664.047280][ T89] ? __pfx_shrink_node+0x10/0x10 [ 664.052271][ T89] ? __pfx_lock_release+0x10/0x10 [ 664.057425][ T89] ? percpu_ref_put_many.constprop.0+0x1b/0x150 [ 664.063730][ T89] ? balance_pgdat+0xc1f/0x18f0 [ 664.068630][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 664.074324][ T89] balance_pgdat+0xc1f/0x18f0 [ 664.079051][ T89] ? __entry_text_end+0x1020c6/0x1020c9 [ 664.084688][ T89] ? __pfx_balance_pgdat+0x10/0x10 [ 664.089868][ T89] ? __pfx___lock_acquire+0x10/0x10 [ 664.095112][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 664.100804][ T89] ? __schedule+0xe60/0x5ad0 [ 664.105451][ T89] ? __pfx___lock_acquire+0x10/0x10 [ 664.110693][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 664.116395][ T89] ? lock_acquire.part.0+0x11b/0x380 [ 664.121724][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 664.127427][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 664.133123][ T89] ? __pfx___might_resched+0x10/0x10 [ 664.138465][ T89] kswapd+0x605/0xc00 [ 664.142503][ T89] ? __pfx_kswapd+0x10/0x10 [ 664.147062][ T89] ? __pfx_autoremove_wake_function+0x10/0x10 [ 664.153168][ T89] ? lockdep_hardirqs_on+0x7c/0x110 [ 664.158414][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 664.164198][ T89] ? srso_alias_return_thunk+0x5/0xfbef5 [ 664.169895][ T89] ? __kthread_parkme+0x148/0x220 [ 664.174976][ T89] ? __pfx_kswapd+0x10/0x10 [ 664.179532][ T89] kthread+0x2c4/0x3a0 [ 664.183670][ T89] ? _raw_spin_unlock_irq+0x23/0x50 [ 664.189098][ T89] ? __pfx_kthread+0x10/0x10 [ 664.193745][ T89] ret_from_fork+0x48/0x80 [ 664.198200][ T89] ? __pfx_kthread+0x10/0x10 [ 664.202847][ T89] ret_from_fork_asm+0x1a/0x30 [ 664.207685][ T89] [ 664.210721][ T89] [ 664.213054][ T89] Allocated by task 27: [ 664.217225][ T89] kasan_save_stack+0x33/0x60 [ 664.221964][ T89] kasan_save_track+0x14/0x30 [ 664.226700][ T89] __kasan_slab_alloc+0x89/0x90 [ 664.231585][ T89] kmem_cache_alloc_lru_noprof+0x226/0x3d0 [ 664.237429][ T89] shmem_alloc_inode+0x25/0x50 [ 664.242230][ T89] alloc_inode+0x60/0x230 [ 664.246599][ T89] new_inode+0x22/0x210 [ 664.250786][ T89] shmem_get_inode+0x194/0xf00 [ 664.255585][ T89] shmem_mknod+0x1a8/0x450 [ 664.260035][ T89] vfs_mknod+0x5da/0x8e0 [ 664.264320][ T89] devtmpfs_work_loop+0x1a8/0x7d0 [ 664.269386][ T89] devtmpfsd+0x4c/0x50 [ 664.273488][ T89] kthread+0x2c4/0x3a0 [ 664.277602][ T89] ret_from_fork+0x48/0x80 [ 664.282053][ T89] ret_from_fork_asm+0x1a/0x30 [ 664.286968][ T89] [ 664.289301][ T89] Freed by task 14220: [ 664.293384][ T89] kasan_save_stack+0x33/0x60 [ 664.298119][ T89] kasan_save_track+0x14/0x30 [ 664.302852][ T89] kasan_save_free_info+0x3b/0x60 [ 664.307936][ T89] __kasan_slab_free+0x51/0x70 [ 664.312731][ T89] kmem_cache_free+0x152/0x4c0 [ 664.317564][ T89] i_callback+0x46/0x70 [ 664.321770][ T89] rcu_core+0x7a0/0x14d0 [ 664.326060][ T89] handle_softirqs+0x216/0x8f0 [ 664.330864][ T89] __irq_exit_rcu+0x109/0x170 [ 664.335590][ T89] irq_exit_rcu+0x9/0x30 [ 664.339881][ T89] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 664.345561][ T89] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 664.351594][ T89] [ 664.353934][ T89] Last potentially related work creation: [ 664.359658][ T89] kasan_save_stack+0x33/0x60 [ 664.364391][ T89] __kasan_record_aux_stack+0xba/0xd0 [ 664.369809][ T89] __call_rcu_common.constprop.0+0x99/0x7a0 [ 664.375746][ T89] destroy_inode+0x12c/0x1b0 [ 664.380395][ T89] evict+0x5ed/0x960 [ 664.384328][ T89] iput+0x52a/0x890 [ 664.388171][ T89] do_unlinkat+0x5c3/0x760 [ 664.392642][ T89] __x64_sys_unlink+0xc5/0x110 [ 664.397434][ T89] do_syscall_64+0xcd/0x250 [ 664.401988][ T89] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.407932][ T89] [ 664.410267][ T89] The buggy address belongs to the object at ffff8880251f54e8 [ 664.410267][ T89] which belongs to the cache shmem_inode_cache of size 1544 [ 664.424968][ T89] The buggy address is located 1224 bytes inside of [ 664.424968][ T89] freed 1544-byte region [ffff8880251f54e8, ffff8880251f5af0) [ 664.438980][ T89] [ 664.441316][ T89] The buggy address belongs to the physical page: [ 664.447738][ T89] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880251f7590 pfn:0x251f0 [ 664.457828][ T89] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 664.466356][ T89] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 664.474887][ T89] page_type: f5(slab) [ 664.478903][ T89] raw: 00fff00000000240 ffff888140aea280 ffffea000094ca10 ffffea0000ca0010 [ 664.487528][ T89] raw: ffff8880251f7590 0000000000130001 00000001f5000000 0000000000000000 [ 664.496147][ T89] head: 00fff00000000240 ffff888140aea280 ffffea000094ca10 ffffea0000ca0010 [ 664.504851][ T89] head: ffff8880251f7590 0000000000130001 00000001f5000000 0000000000000000 [ 664.513556][ T89] head: 00fff00000000003 ffffea0000947c01 ffffffffffffffff 0000000000000000 [ 664.522266][ T89] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 664.530965][ T89] page dumped because: kasan: bad access detected [ 664.537390][ T89] page_owner tracks the page as allocated [ 664.543116][ T89] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 27, tgid 27 (kdevtmpfs), ts 13448348220, free_ts 0 [ 664.563054][ T89] post_alloc_hook+0x2d1/0x350 [ 664.567874][ T89] get_page_from_freelist+0xfce/0x2f80 [ 664.573378][ T89] __alloc_pages_noprof+0x223/0x25b0 [ 664.578698][ T89] alloc_pages_mpol_noprof+0x2c9/0x610 [ 664.584201][ T89] new_slab+0x2c9/0x410 [ 664.588491][ T89] ___slab_alloc+0xd7d/0x17a0 [ 664.593217][ T89] __slab_alloc.constprop.0+0x56/0xb0 [ 664.598645][ T89] kmem_cache_alloc_lru_noprof+0xff/0x3d0 [ 664.604401][ T89] shmem_alloc_inode+0x25/0x50 [ 664.609196][ T89] alloc_inode+0x60/0x230 [ 664.613558][ T89] new_inode+0x22/0x210 [ 664.617745][ T89] shmem_get_inode+0x194/0xf00 [ 664.622544][ T89] shmem_mknod+0x1a8/0x450 [ 664.626995][ T89] vfs_mknod+0x5da/0x8e0 [ 664.631280][ T89] devtmpfs_work_loop+0x1a8/0x7d0 [ 664.636347][ T89] devtmpfsd+0x4c/0x50 [ 664.640451][ T89] page_owner free stack trace missing [ 664.645829][ T89] [ 664.648165][ T89] Memory state around the buggy address: [ 664.653809][ T89] ffff8880251f5880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 664.661896][ T89] ffff8880251f5900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 664.670000][ T89] >ffff8880251f5980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 664.678078][ T89] ^ [ 664.683729][ T89] ffff8880251f5a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 664.691826][ T89] ffff8880251f5a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 664.699910][ T89] ================================================================== [ 664.907798][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 664.914977][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G B 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 664.927019][ T30] Tainted: [B]=BAD_PAGE [ 664.931190][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 664.941356][ T30] Call Trace: [ 664.944652][ T30] [ 664.947602][ T30] dump_stack_lvl+0x3d/0x1f0 [ 664.952246][ T30] panic+0x71d/0x800 [ 664.956203][ T30] ? __pfx_panic+0x10/0x10 [ 664.960676][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 664.966093][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 664.971790][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 664.977291][ T30] ? watchdog+0xd7e/0x1240 [ 664.981755][ T30] ? watchdog+0xd71/0x1240 [ 664.986227][ T30] watchdog+0xd8f/0x1240 [ 664.990519][ T30] ? __pfx_watchdog+0x10/0x10 [ 664.995242][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 665.000488][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 665.006184][ T30] ? __kthread_parkme+0x148/0x220 [ 665.011262][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 665.016961][ T30] ? __pfx_watchdog+0x10/0x10 [ 665.021686][ T30] kthread+0x2c4/0x3a0 [ 665.025816][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 665.031062][ T30] ? __pfx_kthread+0x10/0x10 [ 665.035706][ T30] ret_from_fork+0x48/0x80 [ 665.040161][ T30] ? __pfx_kthread+0x10/0x10 [ 665.044804][ T30] ret_from_fork_asm+0x1a/0x30 [ 665.049636][ T30] [ 665.052890][ T30] Kernel Offset: disabled [ 665.057226][ T30] Rebooting in 86400 seconds..