last executing test programs: 7.817112041s ago: executing program 0: sendmsg$key(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f00000019c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90) r0 = syz_open_dev$cec(&(0x7f0000000480), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000001c0)) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x1) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0200, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) read$FUSE(r1, &(0x7f00000021c0)={0x2020}, 0x2020) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) ioctl$SG_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000380)={'\x00', 0x40, 0x2a3b1846, 0x0, 0x200000000000000, 0x2}) accept4(r2, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000300)={"a97c5ff4", 0x0, 0x3, 0x1, 0x0, 0x0, "471d8555269bcc14d76f2cacd41ff3", "d17563f2", '\x00', "001400", ["c7fae40c3521d20000001042", "6a0a67a40900007c976f2c00", "34064000cbfd92c98d9c3338", "e1967ddf000000000000de77"]}) r4 = dup(0xffffffffffffffff) read$FUSE(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x16b0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x1d) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa31086b87030b0000001f00000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0xe, 0x0, &(0x7f0000000180)="0000ffffff8d00f03f471523b378", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8}, 0x50) 6.616722157s ago: executing program 0: process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet(0x2, 0x6, 0x0) dup3(0xffffffffffffffff, r0, 0x0) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 6.331380822s ago: executing program 0: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x33, 0x8, 0x2}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000b40)={r0, &(0x7f0000000a40), 0x0}, 0x20) sendmsg$IPSET_CMD_SWAP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000000606010800000000000000000700000409010007000000"], 0x28}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000001c0)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}, 'veth1_vlan\x00'}}, 0x1e) connect$pppoe(r2, &(0x7f0000000240)={0x18, 0x0, {0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, 'syz_tun\x00'}}, 0x1e) r3 = socket$kcm(0x10, 0x2, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58) accept4(r4, 0x0, 0x0, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x2, 0x250, [0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000100000000000000000000000000000002000000000ffffffff0000000000000000000000000000050000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5d626f6e64000000aaaaaaaaaa0000000000000024ffffffffff0000000000000000f0000000f0000000200100006c696d697400000000000000000000000000000000000000000000000000000020000000000000000000000002000000000000000000000000000000000000000000000000000000636c757374657200000000000000000000000000000000000000000000000000100000000000fdffffffffffffff000000000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000449300000000000000000000000000000000000000000000000000369da91a00000000000000000000000001000000feffffff0100000011000000000000000000766c616e3000000000000000000000006c6f0000000000000000000000000000726f736530000000000000000000000062726964676530000000000000000000ffffffffffff000000000000aaaaaaaaaa0000000000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800"/592]}, 0x2c8) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$kcm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="2e00000010008188040f46ecdb4cb9cca7480ef421000000e3bd6efb440013030e000a000d000008ba8000001201", 0x2e}], 0x1}, 0x0) 5.862395864s ago: executing program 0: syz_mount_image$bcachefs(&(0x7f0000000180), &(0x7f0000005dc0)='./file0\x00', 0x18, &(0x7f0000005e00)=ANY=[], 0x1, 0x5d5e, &(0x7f0000005f80)="$eJzs3X2QHOWZGPDumVntSquPlSybFRJiMbIdccEWKBDLd442ztmxHdnIwgIsTicJWGEdQhL6QCBdwlcOCCYpVUEdBOKUDihylbpKcOkSwp1SJWPAV74qCpn4D458HRWcP+IjqrPEEcnlTe1u9+5Mb7/Ts9OzQuDfr0o78/Y+87zv0/NOd7+j3dkIAACAXwmv/N6ed79+/hd/dO/Qqbu+/Ce33hP1Vke396QBfcntHe/XCJlOy398puGZ7a71j95m58V5f7rw3b771nztoVVf+vHmP5s/uHTZ0JXfO3LV/fe9+PlfvPjYE2uK+knn0yUT7fiv4iha+vaRx+5/+c/PG9kWj/Qf990dzZ8fL/j+/DiTYsXpKIpuGh9n4zePnFq5deT2nu90N2yfl0livv9q60nm2cFNNzx17JbBl48M7Fr5s5NX7Lx7IiTuqZtPUTR3c/3ju6Iompn8G5HOtv70wcnt2iiKZtU97rMF47q4xfFfGmgvSW5nJLe9BXnS71+UaddaHEctc9vd4uPaVZnm/FnZ/Zc9GE2XtM65ye3zye0lU8xTTf/FUSWOauPD3x5PzJGo7nmLo3h0bveMtyuj7Wi8HWXbcaZdybSrXZm6RvtNdmw1jhu3p3GZ7enhuJZsv6j+WJ1jXWD7ouS2J3mhvpe2o+ydMb2T7kzUEdWN68TZmhgBlcBrL90+PrzkyehNtvXGCyY9ZjhH+r0TP9yy4Z03DjzfFxhH/Fyc5I/byj849OSxZ687uqg/lH9zJclfaSv/K9VXTz9zsn92MP+hNH+1rfzrf/nTB++9ev/C4P45ke6fWlv5lz08++Cp/eu6B0L5D6f5e9rKf+XGpasuOLnv9uD4V6T7Z2Zb+X/yyPIzGw+9cDSYP0rzz2or/5tPPr2kuujR48H8x9L909tW/mtWPr76q4vveyK4/19L889pK/+G4/dv3vXUS8uD83Ntun/62sp/evXrb53pW/N06NgZHz7bZ1iAD5ePJNdYDybtdteZZdWtFx4fqI1d881O/s3pZEcZcd3aBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa9ejq/3BbffsT/+f29cf/49JttaTdXYuiOIqid6pj7XT7jCiKZ0ZRtGfvlt17t+24eeB3du7bvWPL9oEteweGduzdfefA3/nbA7uHdm3fcufId1dcunLscQtGs0XRgviCSWMZHh4ejqJooH5b2t8ffOW5/7f+ib/+VhSt+OjrS2vBej7zX9/64sKcrxnx4PDaf3XFIwdm/K95Yxv6knH1hcbV17gtHUHv4Gt/8YXn3xgZ18eajeuxV6/9vw0DGt0wkSdR6Y4qo3e641m54xgf9cR4RvdXbeu27UMrivdvHNi/n3rpj0/++zvW//Ox/dsTrKPF/TuyV2vDD/383k/d/YWhz53Dz3vR/q4rYXR86f7rSfb33KSuuYG6KoG6bh9488S/+Hf/+Zm7oxW1n184ue+iurqSCdAVL2qp37SHWfH8htieJD59xtPHfWbvrbs+s+fOA5duu3XLzUM3D+1YufKKVZetvOzyVSs/M1r62NeO1Z/2/6kW65+dZJodL87db9mtab8Xjn6tRsmw05u6O426ot6x28x+TsOzVfcm3+uNF0zKNZwj/d6JH27Z8M4bB54PvfLi58Z6nBnNGbuNlwQit2ceWB0fcF7/Z+d1ufP3e7anX1t7XRaNq2hejYyreF7Vj6jJcezVix/8+VMP/MvrWzhe1IWOji8d56yRl8tlUd3rdvK+yqurhednMG8/3Hjp7j++c9uGQ0XH8/pnpv5rRjw4/D+XxF/bt+cvdo9tOCvny/oBtXm+HB/1xHhG91dP8nycq/u3O6omdfXmjmtd/NTnP3Xr0V8bH9+MGdEdW/bu3X3Z2NcPal1/OWPewm33LL5gUl2Xj30tOu5fmGkXHvcr+fUVHfez/UzE5+cbyLR7o2pb54n1v/zpg/devX9h8DxxotXzxO82tKolzxOVwOv9ob/+7sC713/z3aL5dNWexXctzPmaLW9w+IU/+vXLPnft1V8a23BWjkP1A2rzODQ+6mQ86f4aPQ5dfu7U8f49zw0vxHhw+MLvffKaM6du+8bYhqL9Ox6dt39XFh/nq4G6ru/6+PxHfrb4452bv3s2/c3Fn541+xybvz3J/u0J7N/xUSfjqdbv30/fuHP7TWPtc/e6bUx3wfonPe/sufPALVu2bx/avae1ulo9n6b9ZPdyu+fT9OyxoKCu9PmaqGv67rSyv1p9vaXjvymTo93XG0Bq4rwwo2F79viZvu+3dG60/tMP/ODVeGDsfNmp91vTfs7PnJjbfb+1aJ308Uy7cZ1Ui+rqHjN5nTT6kKJ1UrafonXSxZl28TrmwdxKQs9fV3LmzXvfNDPe2kiG0PzoT/L3J+30enPpp6Mrqs9/4ivxYGvzo9Xr6bSfv5XZQe1eTxfNj2VR/rg6PT8+mXlQ8fN9KHdkPYHno+j5XtaQaHi47Lq8LzDqdF3eG8Vt5R8cevLYs9cdXRTMv7mS5K+0lf+V6qunnznZPzuY/1Cav9ZW/mUPzz54av+67mD+w+n+6Wkr/5Ubl6664OS+24P5V6Tjn9lW/p88svzMxkMvHA3mj9L8vW3lv2bl46u/uvi+J4L5X4uTfkZeu1F05NTKrWPtOOpK5n86jq6GcUXZdpxpVzLtan27MvZ/veMdVOO4cXsal9me1lFLtl9UN8Y86wPb01dtT/LCfi9tR9k7zbenh6d0XCcC55+zpVJ37ZG3vej9yU555+3+P6hvp///n86B7trYc3d5Zn8VnT+yR+80X/B92MBbGEXXC5P//21WW6+/N598ekl10aPHg++rHmv1fdVdDa1ZBe+rlh1v8HhxLD2eljse9Yfyv5bmL3c+COZPzgdF8+wTmXbhPOvK769onmWvU3qjOW3VveH4/Zt3PfXS8uA8Wzv2gi+eZ482tOYUzrNy/y8dnGfPxR3ZH8H8aztzXROcZ8l1TdE8uyTTLj/PGq9Hv5bc3pGJ703eIZ5q3adXv/7Wmb41Twfn2eFW59kfNrT6CudZuevb4PM0fn073dfnH+zrz/ft+jD579zpuj5cF9g+1evD3kl3JuqIPojXh4HjDAA086OH7vzf9e10/Z+eu9P1/w8yjyu7rsz+PFSqU+vKYP7DnVmvBK9Tx9cr073emu7r7Oldb7mOD+Qffx95ut8Xmt51pXVI0o6yd8ZYhwAA8H646N989zfr2+n6f/zn3pLf/38pbWceb50byH/W1rnT/T6JdXRu/g79fEXx+2DT/T6V9wG8D1DM+wAAAB8Om7buHhras2vLjUObtu3Ytnd8e9foymnyz6n+3eR2bSZP0c9P58XPahL/jWD+xvF8NhAfUhv9mdcouuHGb1++6aah26daf6i/ovrz4pvVn11fhOpfFYgPKVt/qL+i+vPim9V/dTB/43g+F4gPKVt/qL+i+vPim9X/zWD+xvH8eiA+pGz9of6K6s+Lb1Z/9vfBQvX/RiA+pGz9of6K6s+Lb1b/NcH8jeP5fCA+pGz9of6K6s+Lb1b/tcH8jeP5e4H4kLL1h/orqj8vvln91wXzN45ndSA+pGz9of6K6s+Lb1b/t4L5G8czGIgPKVt/qL+i+vPim9W/IZi/cTx/PxAfUrb+UH9F9efFN6v/+mD+xvF8IRAfUrb+UH9F9efFN6v/t4L5G8fzDwLxIWXrD/VXVH9efLP6NwbzN47nNwPxIWXrD/VXVH9efLP6fzuYv3E8XwzEh5StP9RfUf158c3q3xTM3zieLwXiQ8rWH+qvqP68+Gb1bw7mbxzPPwzEh5StP9RfUf158c3q3xLM3zieLwfiQ8rWH+qvqP68+Gb13xDM3zierwTiQ8rWH+qvqP68+Gb13xjM3zierwbiQ8rWH+qvqP68+Gb1Zz/vMFT/PwrEh5StP9RfUf158c3qHwrmbxzPmkB8SNn6Q/0V1Z8X36z+rcH8+Z8bkI0PKVt/qL+i+vPim9V/czB/43i+HogPKVt/qL+i+vPim9X/7WD+xvFcFYgPKVt/qL+i+vPim9W/LZi/cTxrA/EhZesP9VdUf158s/p/J5i/cTzfCMSHlK0/1F9R/Xnxzeq/JZi/cTzrAvEhZesP9VdUf158s/q3B/M3jufqQHxI2fpD/RXVnxffrP5bg/kbx/PNQHxI2fpD/RXVnxffrP4dwfyN41kfiA8pW3+ov6L68+Kb1b8zmL9xPNcE4kPK1h/qr6j+vPhm9e8K5m8cz7WB+JCy9Yf6K6o/L75Z/bcF8zeO57pAfEjZ+kP9FdWfF9+s/t3B/I3j+VYgPqRs/aH+iurPi29W/55g/sbxbAjEh5StP9RfUf158c3q3xvM3zie6wPxIWXrD/VXVH9efLP69wXzN47ntwLxIWXrD/VXVH9efLP6bw/mbxzPxkB8SNn6Q/0V1Z8X36z+/cH8jeP57UB8SNn6Q/0V1Z8X36z+7OdAhurfFIgPGa9/7+6hoU37dt20Ze/Qph07bxras2n/7m179w4lF2plf68s/HtB7/MvstBUw+tjbJJs27FnaPfk4/fMpvO3fk5Eo7/2NHPsNv5YS/HZj71ud9acK/O9K6o13V/nZ9rzks+jnRf4PNpsfJp28eidyZ9Hm+22VvA5rkXHp2z/oeNT3CQ+7/gaOp4Vnf+mfPwrnN89TevPbu5OfrGvO/5oS/FRk7/v1tp8Lfd7p8H5+lpr8zX7uetF8zUbP9X52ltyvmb7D82nSpP4ZtdDrc7XDYH4VOvzMw7Wmzevpvp3BtO0U/o7g5kvk7Txtwxafz2U+z3y4OshGXTR6yH7e9xFr4ds/FRfDzNLvh6y/Re9HvLim62PW309XBuID2l9PpT73ILgfFjR2nzI/h2rovmQjZ/qfOgpOR+y/RfNh7z4Zu8XtjofvhmIb1Xr86Pc54oE58fm1uZH9u9JFM2PbPxU50dccn5k+y+aH3nxzf4/pdX58Y1AfKrh/Ll1z+iiftuW7dsOZH4Aoy85f77f58Ozcl7+m9/4y/fGviTjqEwaR9H1RJwZx/xkJPNDf/cwMO4b/8u/Xf+DXzzw3Sha8dHqkvC4J4Y88SUjHhxecNeyZ6/72PEvjIy/0nT845Hp3y0u+HvH2fi0ntr2nXv2/trWnft2tPoTV82ln4dSGW9P0+ehJBurLX6+Sej3Cab6+SZdk+6cm1r+fBOAD4l5h5+bU99OP/8vPR/1J8e+mckBMN3e+nV2uc/XC15nH2rtOnt5tt6C6+xsfFpvq9fZlZLX2dn+i66z8+Kb/dxeq9fZXw/ET1XjPBmZIKPzY2jT/p27638mbrr/bm3nxzu9f8e3/Pim93Mb29X6+Kf3cyGnf/zT+3eAp3/80/t3ntt11tZLyYdFFn1+ZNE6KvR76VNdR82YdOfcZB0FAOe+f7b77X9d307X/8kqdnz9/52kXe1w/9O9jprudeV0Xyd/8D9/f3rXQdYDTTo7B1gPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOT7w//+n75f3+6u9Y/evvJ7e979+vlf/NG9Q6fu+vKf3HrPeX+68N2++9Z87aFVX/rx5j+bP7h02dCV3zty1f33vfj5X7z42BNrCjvqG7u5JGn2RFH8V3EULX37yGP3v/zn541si0f6j/vujubPjxd8f36cybDidBRFN42Ps/GbR06t3Dpye893uhu2z8skydYV9VbT8TSMM7qjsCI+gHqSeXZw0w1PHbtl8OUjA7tW/uzkFTvvngiJe+rmUxTN3Vz/+K4oimYm/0aks60/fXByuzaKoll1j/tswbgubnH8lwbaS5LbGcltb0Ge9PsXZdq1FsdRy9x2t/i4dlWmOX9Wdv9lD0bTJa1zbnL7fHJ7yRTzVNN/cVSJo9r48LfHE3Mkqnve4igends94+3KaDsab0fZdpxpVzLtalemrtF+kx1bjePG7WlcZnt6OK4l2y+qP1bnWBfYvii57UleqO+l7Sh7Z0zvpDsTdUR14zpxtiZGQCXw2ku3jw8veTJ6k2298YJJjxnOkX7vxA+3bHjnjQPP9wXGET8XJ/njtvIPDj157Nnrji7qD+XfXEnyV9rK/0r11dPPnOyfHcx/KM1fbSv/+l/+9MF7r96/MLh/TqT7p9ZW/mUPzz54av+67oFQ/sNp/p628l+5cemqC07uuz04/hXp/pnZVv6fPLL8zMZDLxwN5o/S/LPayv/mk08vqS569Hgw/7F0//S2lf+alY+v/uri+54I7v/X0vxz2sq/4fj9m3c99dLy4Pxcm+6fvrbyn179+ltn+tY8HTp2xofP9hkW4MPlI8k11oNJu911Zll164XHB2pj13yzk39zOtlRRly3dgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJCdw9V99e23jj501bf/x6b/VoujKA48ZjhH+r3qjMHBgTbGsezh2QdP7V/XnbZH+u5vIw8AAAAw2eI3H7itvp2uwytJO456ov5ofzwzWpz7+PQ9gsVpK27cnn0PYeZEZEfyVDqUp9qhPLUO5enqUJ4ZHcrT3aE8PQV5eqLW8sxsmqfS8nhmdShPb4fyzO5QnjkdyjO3Q3nmdShPX9M8rc/D+R3Ks6BDeT7SoTwLO5Tnox3K87EO5TmvQ3my7ylPdR7OSSLPD+UZvVMtzFOLq+PfyHs/Pe3ngpL99LbYT/Y9+6n2M7PFfi4u2U9Pi/18smQ/cYv9LM88rjLFfioF/aTz9o5QPWmrxfl/Z4fyHOhQnoMdyvO7HcrzjzuU5590KM9dJfMAhPz+i5f8UX07Xf+n68846ou6a5dHs5IjTvZdgHS9e+Ho18nnu9ABKc23JLO9qyhfdoGdyXfhVMeXfQMhk+/jTfPVJq1Xc/LV6vMt61A+AAAAmIp/evpgw3/NTV7/90fdtYXj69dPZB5fuF7P/kd2Is13SYfyAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/9m11xi5yvIB4O/ZmZ2Z/3LpQtoypbdN2z+FEHqhqRFUmDSRBCNsEVsuDVkrLGzD0kK3BVo1RTC22QSDFi/cPliQGEIEEpIGXRMMKPGDjQ1iuLgurAS+EEF6A4qOmd1zds/OzrDLKK3V3y/knHnOeZ73ec8hIXnOAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/+f74/b89m44H+3rbuwY6+kMUKv/UVK4huZfJlUptDezjnefWXvnXl7buTuJK73y2gYUAAACAcR4/b8bp6TiZw5PROwqFkM8uDfkoN6auGH8HKMZxU+vwec6isDyz+/8vjEpNQ/HJ0Ulj6gpxXSGOM3Fdz5at16/t7u7c+An+qPSpfo7q/UQhDH2+mHNiWLVo+zN7orbh52iZ4Dma4rrFm264cXHPlq1nrbth7XWd13WuX7Zs+TlLly09+5xli69d1925ZPgY8hOsF0IojX0vE/yLBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAI2Dbb3d/Kx0P9vW2dw109LdEIUR1aso1JPcyuVKprYF9vHLfg7MyM+7em8SV3vlsAwsBAAAA4/zq8Rnnp+NkDk9G7ygUQj6bC5kwYyieN5qaDaFcTq4vqLp+JPYOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcWfsOtv85HQ/29bZ3DXT0HxeFENWpKdeQ3MvkSqW2BvaxetmPzv/CzDvuTeJK72ID6wAAAADjvXB68x3pOJnDm+I4CoVQDPNDczRjTF3ybeDUqvWq85J1Zk8yr/rbQb28+ZPMO22SeWdMkHdxfL41AAAAwLHnitbfrU7HyfzfHMdRaA35bDFk4niiOT75LjC3Ki+pn2i+T+rn1amfaO5P6qvnfgAAAPhfdtabT3yYjsfP/8WQzxZG5u+J/p5+UXz2d3IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ5fH7zwF+l4sK+3vWugoz8ThRDVqSnXkNzL5Eqltgb2seofb+y4/dJbpiZxpXc+28BCAAAAwDiP5j59SzpO5vBk9I5CIeSzLaE5HDc097+WmzJ13Tdnzg4hlIYScrlw69pNmzaePXxM8r4U7frcwhv6zhyXt3T4eOSfFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Fcte2TnmnQ82Nfb3jXQ0f9/UQhRnZpyDcm9TK5UamtgHy/sPOPwVXc91ZfEld7FBtYBAAAAxpvV/fRf0nEyhyezfxQKoRhyIRemD8XpWb+iqWq9et8MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP8ePVu2Xr+2u7tzox9++OHHyI+j/V8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgaPn5+u+9nY4H+3rbuwY6+gtRCFGdmnINyb1MrlRqa2Afn7pqzjmz92++OYkrvYsNrAMAAACMt+atzfvTcTKHJ7N/FAqhGJpDc5gWx+MNzf+tR2K3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0TQ3RKH8MZ2y8mjvGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgkHHhx1X3peLCvt71roKP/hCiEqE5NuYbkXiZXKrU1sI8r9377KzfuevaMJK70zmcbWAgAAAAYp/nNF7+ajpM5PBm9o1AI+eyskA+z4ivdYxeIMklize8Co3VfH1OWmXTdjqodD++sEH+HKIzsMwx9dhitu+sj64rx1abWyb0nAAAAOJZN23HxN9JxMv83x3EUWkM+Oy01V984pr5l0nP83WPqTph03U/H1LVOUPdveCUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIPuXPncKel4sK+3vWugoz+KQojq1JRrSO5lcqVSWwP7KHXe9/TDl/fNSOJK72ID6wAAAADjXfpG4bvpOJnDk9k/CoVQDLPDiWH20NwfWsfWJ3nHlX7/8ordL10RwpLpz8/J1u33wz2XvR0Offa194YPQ2EITWOTmkKYEveL6vS7+g+PrHrmw+0PhLBkWmZW/X6jrUYPVaJS+eRtCx6+fPreFXWXAQAAgGNa4cEDP0nHyfyfTNRRaA357Pq683+S97Hm//aemdumxsf4C0BVRVNr3K+pTr/edx9oO7jmywcr8//zcwoj/6/A6fPH5qdbpY9V3xyiUnnuE6etPnzgpkuGLyT9M3X6r2med9LOt2bOS/oX4uvXhMn2D1X9ezoOzV/UcvwFY/uHENpq9f/xhY+/v+red68Y7l//fS/+0+Dnp4YNPyh0J8fhK+P7r7x/+c6tudenjO0f1em/8Nkn9z9266o7q5//1Gyt/uOPVSpds+XefbcvvG1F57mp/k11+t/c9so73/nZLx+q9N83t2Wk/8KPeP4J+++Zv2Pfru33rBn7/ku1+l991sYnt6y78q7q52+pWjj95tPH8e//1VnRRZt7Xt5YfQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODY1vHYB4fS8WBfb3vXQEd/UxRCVKemXENyL5Mrldoa2MdvMns+eGh/8fgkrvQuNrAOAAAAMN4lK169Lh0nc3gy+0ehEIohF3KhZWjuP3nbgocvn753RWiN78fnbPeGnk1nXrth8/prjvQjAAAAABPYdd77K9JxMv9n4zgKrSGfXRCa4/l/5f3Ld27NvT4lmf9DCEN/7s9eu667c0kY+U7Q03Fo/qKW4y9I8jLxuVDJW3T1hu74M0Gy7lOPfmbpuZddOpLflM4/ezRv7hOnrT584KZLauYtG817dVZ00eaelzem9lkayVs6mte77/aFt63oPDd5jig+F+LnSfL2zN+xb9f2e9YkeU3xuSVeDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI4aT3/v61dDzY19veNdDRHzIhRHVqyjUk9zK5UqmtgX18cP7zg4dbv/hgEld657MNLAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyTHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzXT2gcVRwH8Pd2t2bbTeumFppoDSn20oJQCBZ7kObiHyRqqShaKEYxXlQsiFbswbbBUNRDQaGlvZRWPCs5FLWHWGwVBbGKB/GkoCeVHJIiqagkmbfZTDskjraU8vnA8Pb3Zuc7b96+nd0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBr2uM/3ltrrztq3bPtuddfvPDgzXd/cWB46rX7Pnp+/9qP11xojgw+8MbWe74Z+rxroHfD8JYPxh4aHTlz159nDh8dXPREr8w1m7KyHkL8LYbQ+/PY4dGzX66d6Ysz54/NfaGrK67+pCvmEjZPhxCebo1z4c6xqf5nZtr9b3Ys6L8xF5K/rtCopvHMaS4cL9eXerbO9j7x1InxZwfOjvXt7v918o4X9s2/Jdbb1lMIq4baj18WQliebTPSautOB2ft9hDCirbj7lxkXLctcfy3F9TrsvaGrG0skpP2r8/VtSWOo5ZrO5Z4XFmVK5yfl5+//M3oSknXuSprT2Xtpn+ZU01bDJUYaq3hPxfn10ho+9xiiLNru96qK7N1aNUhX8dcXcnV1WW565o9bzax1RgX9qf35frT7biW9a9vv1dfxo6C/p6srWdf1D9SHfIv5jQueTF/HaFtXBNXa2EUqBR891J/a3jZh9HI+hpx9SXH/H0Zad/EZ0/u/P37V081C8YR349ZfiyVPzB8bPy9x073dBflD1Wy/Eqp/HPVr6bfnezuLMw/lPKrpfIf+euXgwce3rOmcH4m0vzUSuVveKtz79SeHR19RfnHU369VP6WXb1bb5186eXC8W9O87O8VP53b2+8uOvQh6cL80PKX1Eq/4djJ9dVe945X5g/nuanUSr/0f4j2+6/ZeRo4fx/nfJXlsrfeX50aPeJTzcWrs/taX6apfKnt33708Xm4Mmie2c8frV/YQGuLzdl/7EOZnXZ58z/qu154Uhfbe4/X2e2rfw/T5QT255dAAAAAAD+YQeOBQAAAACE+Vt3ZbEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAoAAP//pgBmrg==") mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) fcntl$setstatus(r0, 0x4, 0x0) r1 = dup(r0) copy_file_range(r0, 0x0, r1, &(0x7f0000000640)=0xe000, 0x1fff, 0x0) 5.709237884s ago: executing program 1: r0 = io_uring_setup(0x2a0c, &(0x7f00000002c0)) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r1, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000900)=[{0x0}, {&(0x7f0000000d40)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f30281", 0x3c}, {&(0x7f0000000700)}], 0x3}}], 0x1, 0x0) sendmsg$inet(r1, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000000)="14fafa37bf25f04bda99eefbbdd8d76b8136ee6cfdee25bdb2d1873ce347c7b623dd3140cfb2326fa1bf9f1dc2375eeba25df45aefdb3c49a4e7ffab4ed7181180bde98af6", 0x45}, {&(0x7f0000000580)="c3e361cabaa484b0c035139c64932a377f926342f6b052b6a3b273c187a5e0c26fe049092a54eb9b6be2ac2df69e6a36fad43d88851aa162b6aa0d4734e36aad318ea99586ca9f642920068473af2e996703149f0c13bcfae9beeb8d0db1a62525fe8d35518c4f382090dae83362e60a49eb89", 0x73}, {&(0x7f0000000800)="8434335f698d91a2a3efe5291f7ebbc2424bb7ee30459376efe5541dc546f93c4ad4f9343e78f0ab4905fd5197956540e7a587c2be6b3d04eb4e90b3f388e9a908564032db194919454c842247e2803e333358a2", 0x54}, {&(0x7f0000000980)="dfc56286b56ecc486c04bc14504d983be1f4ef618879be74e47bb41ea0ec8db85da5cfdb43e07b8cc7860bc152943651075c35a9e715afc516b3c84a77236602539578c21fa41ba1a52740bba9669431751337c09fb0f778ede72a7ea175b5a4b75731f0995db9a4c6b3697af718c4bd83bc52de04e2445f17ce7122d4e0a02228b5b85b6497a798dacaca452be0c031b4e1f486024133e474130eb73a1a8d37", 0xa0}], 0x4}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 4.569234544s ago: executing program 3: r0 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000100)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f0000000000), 0xffffff6a) sendfile(r0, r2, 0x0, 0xffffffff00f) 4.339016181s ago: executing program 1: syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000410, &(0x7f0000000b80)={[{@acl}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc)=0x40000000, 0x800000000006, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) connect$netlink(0xffffffffffffffff, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x14, 0x30, 0x829}, 0x14}}, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) write$binfmt_script(r0, &(0x7f0000000380), 0x208e24b) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/nf_conntrack_ftp', 0x80000, 0x2) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) fanotify_init(0x200, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x7fff) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00'}, 0x10) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x68, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x2}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x68}}, 0x0) 3.138322245s ago: executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x4) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) 2.997196677s ago: executing program 4: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x33, 0x8, 0x2}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000b40)={r0, &(0x7f0000000a40), 0x0}, 0x20) sendmsg$IPSET_CMD_SWAP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000000606010800000000000000000700000409010007000000"], 0x28}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000001c0)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}, 'veth1_vlan\x00'}}, 0x1e) connect$pppoe(r2, &(0x7f0000000240)={0x18, 0x0, {0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, 'syz_tun\x00'}}, 0x1e) r3 = socket$kcm(0x10, 0x2, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58) accept4(r4, 0x0, 0x0, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x2, 0x250, [0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000100000000000000000000000000000002000000000ffffffff0000000000000000000000000000050000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5d626f6e64000000aaaaaaaaaa0000000000000024ffffffffff0000000000000000f0000000f0000000200100006c696d697400000000000000000000000000000000000000000000000000000020000000000000000000000002000000000000000000000000000000000000000000000000000000636c757374657200000000000000000000000000000000000000000000000000100000000000fdffffffffffffff000000000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000449300000000000000000000000000000000000000000000000000369da91a00000000000000000000000001000000feffffff0100000011000000000000000000766c616e3000000000000000000000006c6f0000000000000000000000000000726f736530000000000000000000000062726964676530000000000000000000ffffffffffff000000000000aaaaaaaaaa0000000000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800"/592]}, 0x2c8) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$kcm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="2e00000010008188040f46ecdb4cb9cca7480ef421000000e3bd6efb440013030e000a000d000008ba8000001201", 0x2e}], 0x1}, 0x0) 2.869729929s ago: executing program 2: syz_emit_vhci(0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00'}) socket$nl_route(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000040)) ioctl$PPPIOCSACTIVE(r1, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0}) read(r1, 0x0, 0x2) pwrite64(r1, &(0x7f0000000000)='@\n', 0x2, 0x0) 2.842378219s ago: executing program 1: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00'}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@index_on}, {@metacopy_on}]}) mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') r0 = open(&(0x7f0000000040)='./file0\x00', 0x40c5, 0x0) r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() syz_emit_ethernet(0x312, &(0x7f00000020c0)={@multicast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "430093", 0x2dc, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{}, {0x0, 0x1, "00000000000000000800ee00"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000"}, {0x0, 0xb, "d47ae6e8805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f019"}, {0x21, 0x7, "fcf98a102ec1876d4e6fa3b20519bbaa8a029cee00b8d3485e4163ed09bdb581c9fe68a356f542b0430509da61bfb02b3235e1d16212fb"}, {0x0, 0xf, "5e14f0e74d2d52cfb3f27fafb60845f90b6dfc87c6905bbc94d33e4575c853105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb1fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052c"}]}}}}}}, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000240)) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) open(&(0x7f0000000100)='.\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) sendfile(r0, r1, 0x0, 0xe065) 2.648364094s ago: executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f910, 0x8000, '\x00', @ptr=0x20001100}}) 2.645367592s ago: executing program 4: r0 = syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = open(&(0x7f0000007fc0)='./bus\x00', 0x0, 0x0) r5 = open(&(0x7f0000000380)='./file1\x00', 0x0, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02}, 0x8) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000004000000000000000000850000002300000095"], &(0x7f0000000180)='GPL\x00', 0x4}, 0x90) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r6}, 0x10) r8 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r8, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newtaction={0x70, 0x13, 0x53b, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0xe80}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x11}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000001080)={0x2, &(0x7f0000001040)=[{0x3, 0x7, 0x1, 0xffffff81}, {0x1ff, 0x2, 0xf2}]}) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0) unshare(0x22000600) r10 = bpf$ITER_CREATE(0x21, &(0x7f00000010c0)={r4}, 0x8) r11 = socket(0x10, 0x80002, 0x4) sendmsg$nl_route_sched(r11, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600), 0x70}}, 0x0) sendmmsg$unix(r3, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000a40)}, {0x0}, {&(0x7f0000000b00)="6455089ab9075e64c4bedb2b941533bc71ec4be38eeb5e2e6c9ecdda0c6ed7bd4706c3fb85575d0034077bb770e214219d50542e7e671050c17a8022b175ce074558fe4e94f15f588cb4a56928bae16bd7f992b843c5011456ed86b60133edc2903c9f6bdf9a3620f7577841abe2e06fef85eb3ee0091a527f0977e3ba534f7fa31caf7465d30df85587b36f219c23d089bbff7e259bffa1157b2393f0a3cd0a5bd97fadc821f659", 0xa8}, {&(0x7f0000000bc0)="148187735e85181ef5b798e0e0df3f67ae40874566271a94a4c5672cb6b12c53f6d38fb1e5b243e0fa875e9e3d66ab33a3f9738fb48c072d1f50e59e4dbc9e920775d2900835f91f3629cd853370b1f5ac1978d3d610b0a8332a25389244c9c5165173bf18e89b7e8be9507774d8824a1a61b29a1b8081c0ea1dd6a0d3d4e8e8a11debfa97f12b69736819fffc7f3b5b08", 0x91}], 0x5, &(0x7f00000012c0)=ANY=[@ANYBLOB="28000000000000000100000001000000b5376e51ab324160b1445009bfc3f82936bb8364a6e2f1156c4edfa76c8fd8a62c975d37d61c58094e0f4f8a9c48d4e621360d15ca9ab3e8ffa4ab41ed51e8cda603426f09bdeed81216d158e19abc17785c9854077c81c9", @ANYRESHEX=r4, @ANYRES32=r5, @ANYRES32, @ANYRES32=r4, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYRESHEX=r6, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee00, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000fa000000", @ANYRESHEX=r7, @ANYRES32=r11, @ANYRESHEX, @ANYBLOB="00000000280000000100cc8d26e9ce24e5c36be347000001000000", @ANYRESOCT=r1, @ANYRES32=r9, @ANYRES32=r0, @ANYRES32=r10, @ANYRES32=r11], 0xa8, 0x40040}}], 0x1, 0x4000) r12 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/block/loop0', 0x200, 0x54) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000040)={&(0x7f0000001240)=ANY=[@ANYBLOB="3d00001126ee28dcd11ce5ec583d7039267bfd91e686737de5b57db34d10740fd023", @ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB="0c00990004000000580000000800010057000000080001002e0000000800db00", @ANYRES32=r12], 0x48}, 0x1, 0x0, 0x0, 0x4001}, 0x11) ioctl$sock_SIOCSIFBR(r8, 0x2, &(0x7f0000000680)=@add_del={0x2, &(0x7f00000001c0)='syzkaller1\x00'}) 2.445609907s ago: executing program 2: socket$igmp(0x2, 0x3, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan1\x00'}) sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) 2.310906999s ago: executing program 2: process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$inet(0x2, 0x6, 0x0) dup3(0xffffffffffffffff, r0, 0x0) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 2.02936206s ago: executing program 2: socket$caif_stream(0x25, 0x1, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8924, 0x0) syz_open_procfs(0x0, &(0x7f00000009c0)='net/tcp6\x00') futex_waitv(0x0, 0x0, 0x2, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x40000000015, 0x5, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x801) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000100), 0x20100, 0x0) ioctl$TUNGETSNDBUF(r3, 0x800454d3, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000000), 0x0, 0x4) 1.975257013s ago: executing program 3: pipe(&(0x7f00000001c0)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x8, 0x10, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x28011, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000001280)="b7f2288a911993f08d3aaea2bc0000de", 0x10) sendfile(0xffffffffffffffff, r2, 0x0, 0x10000a006) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) preadv(r4, &(0x7f0000001580)=[{&(0x7f0000000140)=""/90, 0x88400}], 0x2, 0x0, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @mcast1}]}]}, 0xac}}, 0x0) 1.503855641s ago: executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x4) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) 1.409425275s ago: executing program 4: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040), 0x12) sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x14, 0x4, 0x6, 0x201}, 0x14}}, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x89f1, &(0x7f0000000900)={'ip6_vti0\x00', @random="0600002000"}) 1.149043689s ago: executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) r1 = syz_open_dev$vcsa(&(0x7f0000000100), 0x2, 0x4204) fsopen(&(0x7f00000002c0)='hpfs\x00', 0x1) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000180)={{@host, 0x1000007f}, @local, 0xa, 0x1000006, 0x2, 0x3, 0x403a, 0x5, 0x80e}) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00000000c0)=0x10000, 0x4) sendmmsg$inet6(r0, &(0x7f0000008780)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x11}, 0x6}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000040)='{', 0x1}], 0x1}}], 0x1, 0x0) openat$cgroup_int(r1, &(0x7f00000001c0)='notify_on_release\x00', 0x2, 0x0) readv(0xffffffffffffffff, &(0x7f0000000680)=[{&(0x7f0000000200)=""/140, 0x8c}, {0x0}, {&(0x7f0000000380)=""/130, 0x82}, {&(0x7f00000004c0)=""/199, 0xc7}, {&(0x7f0000000280)}], 0x5) recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) fspick(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0x1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000840)='cpuset.memory_spread_slab\x00', 0x2, 0x0) socket(0x10, 0x3, 0x0) unshare(0xa020480) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000580), 0x12) 956.798785ms ago: executing program 4: sendmsg$key(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f00000019c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90) r0 = syz_open_dev$cec(&(0x7f0000000480), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000001c0)) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x1) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0200, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) read$FUSE(r1, &(0x7f00000021c0)={0x2020}, 0x2020) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) ioctl$SG_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000380)={'\x00', 0x40, 0x2a3b1846, 0xfff, 0x0, 0x2}) accept4(r2, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000300)={"a97c5ff4", 0x0, 0x3, 0x1, 0x0, 0x0, "471d8555269bcc14d76f2cacd41ff3", "d17563f2", '\x00', "001400", ["c7fae40c3521d20000001042", "6a0a67a40900007c976f2c00", "34064000cbfd92c98d9c3338", "e1967ddf000000000000de77"]}) r4 = dup(0xffffffffffffffff) read$FUSE(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x16b0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x1d) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa31086b87030b0000001f00000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0xe, 0x0, &(0x7f0000000180)="0000ffffff8d00f03f471523b378", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8}, 0x50) 924.200474ms ago: executing program 3: r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0) 691.398785ms ago: executing program 3: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x33, 0x8, 0x2}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000b40)={r0, &(0x7f0000000a40), 0x0}, 0x20) sendmsg$IPSET_CMD_SWAP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000000606010800000000000000000700000409010007000000"], 0x28}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f00000001c0)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}, 'veth1_vlan\x00'}}, 0x1e) connect$pppoe(r2, &(0x7f0000000240)={0x18, 0x0, {0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, 'syz_tun\x00'}}, 0x1e) r3 = socket$kcm(0x10, 0x2, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58) accept4(r4, 0x0, 0x0, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, &(0x7f0000000000)=@filter={'filter\x00', 0x2, 0x2, 0x250, [0x0, 0x20000100], 0x2, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000100000000000000000000000000000002000000000ffffffff0000000000000000000000000000050000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5d626f6e64000000aaaaaaaaaa0000000000000024ffffffffff0000000000000000f0000000f0000000200100006c696d697400000000000000000000000000000000000000000000000000000020000000000000000000000002000000000000000000000000000000000000000000000000000000636c757374657200000000000000000000000000000000000000000000000000100000000000fdffffffffffffff000000000000000000004155444954000000000000000000000000000000000000000000000000000000080000000000000000449300000000000000000000000000000000000000000000000000369da91a00000000000000000000000001000000feffffff0100000011000000000000000000766c616e3000000000000000000000006c6f0000000000000000000000000000726f736530000000000000000000000062726964676530000000000000000000ffffffffffff000000000000aaaaaaaaaa0000000000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800"/592]}, 0x2c8) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$kcm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="2e00000010008188040f46ecdb4cb9cca7480ef421000000e3bd6efb440013030e000a000d000008ba8000001201", 0x2e}], 0x1}, 0x0) 470.342633ms ago: executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 442.459907ms ago: executing program 0: socket$caif_stream(0x25, 0x1, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8924, 0x0) syz_open_procfs(0x0, &(0x7f00000009c0)='net/tcp6\x00') futex_waitv(0x0, 0x0, 0x2, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x40000000015, 0x5, 0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000100), 0x20100, 0x0) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x0, &(0x7f0000000000), 0x0, 0x4) 412.77342ms ago: executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet(0x2, 0x6, 0x0) dup3(r0, r1, 0x0) shutdown(r1, 0x0) recvmmsg(r1, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 211.212112ms ago: executing program 3: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4) bind$llc(r0, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000100)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f0000000000), 0xffffff6a) sendfile(r0, r2, 0x0, 0xffffffff00f) 158.227494ms ago: executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = dup2(r0, r1) sendmmsg$inet(r2, &(0x7f0000000dc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000a00)="316f825a3d29f96a2093a917017b4cd30000000000000035ed313e19d6dd", 0x1e}, {&(0x7f0000000640)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23374ec7c4aadbb8b985f14893a91d750e168350685e0f4f079d2d8e79be174ef9355b70719c712c5d15d2e7505a8696b50738ece15ee5", 0xbe}, {&(0x7f0000000700)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25c951279", 0x6c}, {&(0x7f0000000500)="fff5c0293353db83a683db60266a3867d03f740f4f0a7bafe7be9b2bac0bf1b2019dbde5f640c897ac57789fb8490642b47a96f0d03ec69d1f6e90e86be7fb3ef9e76969438283b0ab8d31b707ddd3b453f5ed67232e172945aecaf6dd89", 0x5e}], 0x4}}, {{0x0, 0x0, &(0x7f00000005c0)}}, {{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000f00)="2ea5d94f90933978352c42a3dad24b4909f57c7dba08e38797ab936fc9c5158f38287dbf6242139b1abfd08aabc9d67efa71c608a29bc1636373ad0461338c453a5bae9e10b5713832e4a6b717d0ebe8c0ee1fd8ccfdd83c514ffa754463ff63126faf04b514e5a27aa54f59f9516e5cba1a7a587a56a944c41c7081bcfd9fc61a4f714f7d7284f39cb83ab2013358814c3043db5fb95583aafd0910c9fc00000000000000000099a821fe7b604fa870b9a8fd792630f0ac", 0xb8}], 0x1}}], 0x3, 0x0) sendmsg$TIPC_NL_SOCK_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001340)=ANY=[], 0x2b8}}, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf6f4b4704ff922b3f1e0b02bd67a653059bcecc7a95425a3a07e758044ab4ea6f7ae55d88facf90b", 0x3a, 0x11, 0x0, 0x0) 148.037844ms ago: executing program 1: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00'}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@index_on}, {@metacopy_on}]}) mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') r0 = open(&(0x7f0000000040)='./file0\x00', 0x40c5, 0x0) r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() syz_emit_ethernet(0x312, &(0x7f00000020c0)={@multicast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "430093", 0x2dc, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{}, {0x0, 0x1, "00000000000000000800ee00"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000"}, {0x0, 0xb, "d47ae6e8805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f019"}, {0x21, 0x7, "fcf98a102ec1876d4e6fa3b20519bbaa8a029cee00b8d3485e4163ed09bdb581c9fe68a356f542b0430509da61bfb02b3235e1d16212fb"}, {0x0, 0xf, "5e14f0e74d2d52cfb3f27fafb60845f90b6dfc87c6905bbc94d33e4575c853105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb1fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052c"}]}}}}}}, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000240)) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) open(&(0x7f0000000100)='.\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) sendfile(r0, r1, 0x0, 0xe065) 0s ago: executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) kernel console output (not intermixed with test programs): 64.485362][ T5109] hsr_slave_1: entered promiscuous mode [ 64.494801][ T5109] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.502783][ T5109] Cannot create hsr debugfs directory [ 64.525350][ T5105] hsr_slave_0: entered promiscuous mode [ 64.532816][ T5105] hsr_slave_1: entered promiscuous mode [ 64.539421][ T5105] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.547183][ T5105] Cannot create hsr debugfs directory [ 64.614925][ T5104] hsr_slave_0: entered promiscuous mode [ 64.622094][ T5104] hsr_slave_1: entered promiscuous mode [ 64.630238][ T5104] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.637978][ T5104] Cannot create hsr debugfs directory [ 64.649619][ T5102] hsr_slave_0: entered promiscuous mode [ 64.656693][ T5102] hsr_slave_1: entered promiscuous mode [ 64.663717][ T5102] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 64.671446][ T5102] Cannot create hsr debugfs directory [ 65.132667][ T5109] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 65.145330][ T5109] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 65.158156][ T5109] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 65.170848][ T5109] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 65.233768][ T5101] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 65.248531][ T5101] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 65.263509][ T5101] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 65.273739][ T5101] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 65.370591][ T5105] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 65.389597][ T5105] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 65.404467][ T5105] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 65.415791][ T5105] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 65.490435][ T5104] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 65.510085][ T5104] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 65.538479][ T5104] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 65.549987][ T5104] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 65.632640][ T5101] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.675350][ T5102] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 65.687101][ T5102] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 65.704016][ T5102] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 65.729184][ T5102] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 65.769320][ T5109] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.805847][ T5101] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.841187][ T5154] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.848611][ T5154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.861703][ T5109] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.897060][ T5154] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.904691][ T5154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.915279][ T5154] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.923123][ T5154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.990379][ T5157] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.997833][ T5157] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.077767][ T5114] Bluetooth: hci3: command tx timeout [ 66.093838][ T5104] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.106600][ T5105] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.157058][ T5101] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.175214][ T5114] Bluetooth: hci4: command tx timeout [ 66.180834][ T5114] Bluetooth: hci1: command tx timeout [ 66.182920][ T4481] Bluetooth: hci2: command tx timeout [ 66.186230][ T5107] Bluetooth: hci0: command tx timeout [ 66.241071][ T5104] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.273394][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.280594][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.355877][ T5105] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.366990][ T5160] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.374414][ T5160] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.414375][ T5160] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.425017][ T5160] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.457552][ T5102] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.486156][ T5154] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.493486][ T5154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.509175][ T5109] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.549398][ T5102] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.591923][ T5159] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.599845][ T5159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.655745][ T5159] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.662941][ T5159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.706784][ T5105] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.726186][ T5101] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.788486][ T5109] veth0_vlan: entered promiscuous mode [ 66.864835][ T5102] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.913326][ T5109] veth1_vlan: entered promiscuous mode [ 66.971068][ T5101] veth0_vlan: entered promiscuous mode [ 67.040974][ T5101] veth1_vlan: entered promiscuous mode [ 67.073257][ T5109] veth0_macvtap: entered promiscuous mode [ 67.104418][ T5109] veth1_macvtap: entered promiscuous mode [ 67.182657][ T5101] veth0_macvtap: entered promiscuous mode [ 67.202828][ T5104] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.221965][ T5105] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.233749][ T5101] veth1_macvtap: entered promiscuous mode [ 67.243875][ T5109] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.265974][ T5109] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.294511][ T5101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.305825][ T5101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.319216][ T5101] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.350021][ T5101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.361415][ T5101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.373962][ T5101] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.384521][ T5109] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.393822][ T5109] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.406928][ T5109] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.416205][ T5109] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.471809][ T5101] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.482607][ T5101] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.491681][ T5101] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.510221][ T5101] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.541995][ T5102] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.671553][ T5104] veth0_vlan: entered promiscuous mode [ 67.705138][ T5160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.717773][ T5160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.749155][ T5104] veth1_vlan: entered promiscuous mode [ 67.815782][ T5102] veth0_vlan: entered promiscuous mode [ 67.826671][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.837198][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.852592][ T5154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.879321][ T5154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.902047][ T5105] veth0_vlan: entered promiscuous mode [ 67.924415][ T5102] veth1_vlan: entered promiscuous mode [ 67.965039][ T5105] veth1_vlan: entered promiscuous mode [ 67.991849][ T5104] veth0_macvtap: entered promiscuous mode [ 68.036363][ T5104] veth1_macvtap: entered promiscuous mode [ 68.038973][ T5154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.062285][ T5154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.160517][ T5114] Bluetooth: hci3: command tx timeout [ 68.239482][ T5114] Bluetooth: hci1: command tx timeout [ 68.245570][ T5107] Bluetooth: hci0: command tx timeout [ 68.251764][ T5107] Bluetooth: hci2: command tx timeout [ 68.257923][ T5114] Bluetooth: hci4: command tx timeout [ 68.321725][ T5102] veth0_macvtap: entered promiscuous mode [ 68.334031][ T5102] veth1_macvtap: entered promiscuous mode [ 68.762255][ T5105] veth0_macvtap: entered promiscuous mode [ 69.086736][ T5102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.119058][ T29] audit: type=1326 audit(1717684988.145:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5191 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1849c7cf69 code=0x0 [ 69.172359][ T5102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.201344][ T5102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.208698][ T5194] loop0: detected capacity change from 0 to 2048 [ 69.216889][ T5102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.242080][ T5194] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 69.251970][ T5196] loop3: detected capacity change from 0 to 512 [ 69.274695][ T5194] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 69.298980][ T5102] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.316476][ T5196] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.329572][ T5196] ext4 filesystem being mounted at /root/syzkaller-testdir3251348183/syzkaller.kLKkZb/1/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 69.359611][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.384720][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.434336][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.447667][ T5194] Zero length message leads to an empty skb [ 69.457375][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.480657][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.503991][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.524550][ T5104] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.543985][ T5105] veth1_macvtap: entered promiscuous mode [ 69.566814][ T5102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.596581][ T5102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.611898][ T5102] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.623826][ T5102] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.635369][ T5102] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.659524][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.732561][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.864047][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.971904][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.237345][ T5117] Bluetooth: hci3: command tx timeout [ 70.249857][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.271195][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.301176][ T5104] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.317376][ T5117] Bluetooth: hci4: command tx timeout [ 70.323050][ T5117] Bluetooth: hci2: command tx timeout [ 70.337591][ T5117] Bluetooth: hci1: command tx timeout [ 70.343125][ T5117] Bluetooth: hci0: command tx timeout [ 70.371178][ T5104] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.394548][ T5104] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.403895][ T5104] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.412814][ T5104] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.430728][ T5109] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.449439][ T5102] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.458934][ T5102] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.468417][ T5102] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.481491][ T5102] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.535895][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.565040][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.591923][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.611557][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.624096][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.638484][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.654146][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.666394][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.708809][ T5105] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.794371][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.840543][ T5212] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 70.864488][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.875998][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.886722][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.896766][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.908848][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.927140][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.947282][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.969197][ T5105] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.982183][ T5212] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 71.063987][ T5105] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.088956][ T5105] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.100845][ T5105] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.110090][ T5105] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.175127][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.184502][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.272901][ T2851] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.303395][ T2851] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.359287][ T2851] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.375450][ T929] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.386868][ T2851] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.397984][ T929] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.594511][ T5159] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.632518][ T5159] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.776459][ T2902] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.797831][ T2902] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.843314][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.852740][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.074172][ T5229] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.1'. [ 72.664718][ T5239] loop0: detected capacity change from 0 to 4096 [ 72.727196][ T5239] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 72.773567][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 72.782134][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 72.792948][ T5242] ======================================================= [ 72.792948][ T5242] WARNING: The mand mount option has been deprecated and [ 72.792948][ T5242] and is ignored by this kernel. Remove the mand [ 72.792948][ T5242] option from the mount to silence this warning. [ 72.792948][ T5242] ======================================================= [ 72.911770][ T5242] EXT4-fs (sda1): re-mounted 5941fea2-f5fa-4b4e-b5ef-9af118b27b95 r/w. Quota mode: none. [ 72.961166][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 72.987671][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 73.255024][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 73.268212][ T5247] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 73.297292][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 73.357609][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 73.497277][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 74.176628][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 74.688442][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 75.580378][ T5255] syz-executor.0 (pid 5255) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 75.592643][ T5236] syz-executor.2 (5236): drop_caches: 2 [ 76.083712][ T5261] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 78.974844][ T5267] EXT4-fs (sda1): re-mounted 5941fea2-f5fa-4b4e-b5ef-9af118b27b95 r/w. Quota mode: none. [ 79.005674][ T5275] loop1: detected capacity change from 0 to 128 [ 79.338577][ T29] audit: type=1326 audit(1717684998.385:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5279 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1849c7cf69 code=0x0 [ 79.521434][ T5282] loop0: detected capacity change from 0 to 2048 [ 79.556574][ T29] audit: type=1804 audit(1717684998.585:4): pid=5281 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1471014640/syzkaller.NDRruG/3/bus/file0" dev="overlay" ino=1969 res=1 errno=0 [ 79.794136][ T5282] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 79.939398][ T5282] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 80.688032][ T5277] loop4: detected capacity change from 0 to 32768 [ 80.724218][ T29] audit: type=1326 audit(1717684999.765:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5288 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff14d27cf69 code=0x0 [ 81.039548][ T5292] loop3: detected capacity change from 0 to 2048 [ 81.085713][ T5292] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 81.154314][ T5292] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 81.335171][ T5300] binder: BINDER_SET_CONTEXT_MGR already set [ 81.341607][ T5300] binder: 5293:5300 ioctl 4018620d 20000040 returned -16 [ 82.111058][ T1149] cfg80211: failed to load regulatory.db [ 82.270763][ T29] audit: type=1804 audit(1717685001.315:6): pid=5298 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1806458761/syzkaller.ANQ55i/4/file0/0x0000000000000000" dev="loop4" ino=8 res=1 errno=0 [ 82.738521][ T29] audit: type=1804 audit(1717685001.785:7): pid=5317 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3251348183/syzkaller.kLKkZb/6/bus/file0" dev="overlay" ino=1944 res=1 errno=0 [ 83.811742][ T5322] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 83.865404][ T5296] syz-executor.0 (5296): drop_caches: 2 [ 84.018132][ T5331] EXT4-fs (sda1): re-mounted 5941fea2-f5fa-4b4e-b5ef-9af118b27b95 r/w. Quota mode: none. [ 84.019740][ T5333] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 84.258772][ T5342] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 84.364695][ T5322] loop1: detected capacity change from 0 to 8192 [ 84.372270][ T29] audit: type=1326 audit(1717685003.405:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5341 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6339e7cf69 code=0x0 [ 84.401705][ T5322] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 84.489832][ T5354] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 84.754922][ T5355] loop0: detected capacity change from 0 to 512 [ 84.999241][ T5355] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 85.083893][ T29] audit: type=1804 audit(1717685004.125:9): pid=5360 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1869448535/syzkaller.LbrAwh/6/bus/file0" dev="overlay" ino=1969 res=1 errno=0 [ 85.327736][ T5355] EXT4-fs (loop0): orphan cleanup on readonly fs [ 86.141910][ T5355] EXT4-fs warning (device loop0): ext4_enable_quotas:7078: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 86.332391][ T5355] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 86.365654][ T29] audit: type=1326 audit(1717685005.405:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5369 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1abb27cf69 code=0x0 [ 86.417008][ T5355] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz-executor.0: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 86.507419][ T5355] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 13 (err -117) [ 86.602240][ T5372] loop1: detected capacity change from 0 to 2048 [ 86.681560][ T5372] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 86.749698][ T5372] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 86.765480][ T5355] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 86.955992][ T5355] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.492978][ T5387] UBIFS error (pid: 5387): cannot open "./file0", error -22 [ 87.856552][ T5373] syz-executor.4 (5373): drop_caches: 2 [ 88.253919][ T5397] binder: BINDER_SET_CONTEXT_MGR already set [ 88.260075][ T5397] binder: 5393:5397 ioctl 4018620d 20000040 returned -16 [ 89.637081][ T5396] loop1: detected capacity change from 0 to 8192 [ 89.692668][ T5396] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 89.883543][ T5413] loop3: detected capacity change from 0 to 512 [ 90.051587][ T5413] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.064368][ T5413] ext4 filesystem being mounted at /root/syzkaller-testdir3251348183/syzkaller.kLKkZb/9/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 91.607120][ T5109] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.043102][ T29] audit: type=1804 audit(1717685011.085:11): pid=5430 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1471014640/syzkaller.NDRruG/17/bus/file0" dev="overlay" ino=1970 res=1 errno=0 [ 92.496839][ T5442] loop3: detected capacity change from 0 to 512 [ 92.523768][ T5446] loop0: detected capacity change from 0 to 256 [ 92.583795][ T5442] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 92.793809][ T5442] EXT4-fs (loop3): orphan cleanup on readonly fs [ 92.992456][ T5442] EXT4-fs warning (device loop3): ext4_enable_quotas:7078: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 93.173302][ T29] audit: type=1804 audit(1717685012.115:12): pid=5449 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1204994364/syzkaller.3i3Mkz/11/bus" dev="sda1" ino=1974 res=1 errno=0 [ 93.316272][ T5442] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 93.455782][ T5443] syz-executor.4 (5443): drop_caches: 2 [ 93.491228][ T5442] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz-executor.3: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 93.566932][ T5451] loop1: detected capacity change from 0 to 512 [ 93.669897][ T5451] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.682752][ T5451] ext4 filesystem being mounted at /root/syzkaller-testdir1869448535/syzkaller.LbrAwh/13/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 95.038538][ T5461] binder: BINDER_SET_CONTEXT_MGR already set [ 95.044632][ T5461] binder: 5455:5461 ioctl 4018620d 20000040 returned -16 [ 95.103237][ T5442] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 13 (err -117) [ 95.476712][ T5467] binder: BINDER_SET_CONTEXT_MGR already set [ 95.483659][ T5467] binder: 5457:5467 ioctl 4018620d 20000040 returned -16 [ 95.987233][ C0] sched: RT throttling activated [ 96.244503][ T5442] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 96.268553][ T5104] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.300077][ T5442] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.420726][ T29] audit: type=1804 audit(1717685015.465:13): pid=5471 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1471014640/syzkaller.NDRruG/19/cgroup.controllers" dev="sda1" ino=1961 res=1 errno=0 [ 96.533868][ T29] audit: type=1804 audit(1717685015.535:14): pid=5471 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1471014640/syzkaller.NDRruG/19/cgroup.controllers" dev="sda1" ino=1961 res=1 errno=0 [ 97.098748][ T5484] loop1: detected capacity change from 0 to 4096 [ 98.929357][ T5484] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 99.025158][ T5503] loop3: detected capacity change from 0 to 256 [ 99.378379][ T29] audit: type=1804 audit(1717685018.395:15): pid=5509 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3251348183/syzkaller.kLKkZb/12/bus" dev="sda1" ino=1967 res=1 errno=0 [ 100.079752][ T5515] loop4: detected capacity change from 0 to 512 [ 100.147359][ T5515] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.160357][ T5515] ext4 filesystem being mounted at /root/syzkaller-testdir1806458761/syzkaller.ANQ55i/16/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 100.178422][ T5513] loop2: detected capacity change from 0 to 1024 [ 100.247622][ T5513] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 100.310926][ T5513] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 101.197472][ T5531] binder: BINDER_SET_CONTEXT_MGR already set [ 101.203580][ T5531] binder: 5522:5531 ioctl 4018620d 20000040 returned -16 [ 102.743659][ T5513] EXT4-fs error (device loop2): ext4_get_journal_inode:5752: inode #32: comm syz-executor.2: iget: special inode unallocated [ 102.879997][ T5513] EXT4-fs (loop2): no journal found [ 102.904251][ T5513] EXT4-fs (loop2): can't get journal size [ 102.962960][ T5513] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 102.974779][ T5513] EXT4-fs: failed to create workqueue [ 103.183872][ T5513] EXT4-fs (loop2): mount failed [ 105.108744][ T5105] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.393074][ T5547] loop1: detected capacity change from 0 to 1024 [ 105.463903][ T5547] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 105.486399][ T29] audit: type=1804 audit(1717685024.525:16): pid=5551 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1806458761/syzkaller.ANQ55i/17/cgroup.controllers" dev="sda1" ino=1963 res=1 errno=0 [ 105.530676][ T5547] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 105.576188][ T5547] EXT4-fs error (device loop1): ext4_get_journal_inode:5752: inode #32: comm syz-executor.1: iget: special inode unallocated [ 105.593855][ T29] audit: type=1804 audit(1717685024.555:17): pid=5551 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1806458761/syzkaller.ANQ55i/17/cgroup.controllers" dev="sda1" ino=1963 res=1 errno=0 [ 105.652870][ T5547] EXT4-fs (loop1): no journal found [ 105.675548][ T5547] EXT4-fs (loop1): can't get journal size [ 105.690846][ T5547] EXT4-fs error (device loop1): ext4_protect_reserved_inode:160: inode #32: comm syz-executor.1: iget: special inode unallocated [ 105.718965][ T5547] EXT4-fs (loop1): failed to initialize system zone (-117) [ 105.727087][ T5547] EXT4-fs (loop1): mount failed [ 105.907760][ T5562] loop4: detected capacity change from 0 to 4096 [ 105.942026][ T5562] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 106.413902][ T5568] loop2: detected capacity change from 0 to 32768 [ 107.691718][ T5568] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (5568) [ 108.107540][ T5574] loop1: detected capacity change from 0 to 32768 [ 108.123507][ T5574] BTRFS: device /dev/loop1 (7:1) using temp-fsid 7c5ef5e2-74f4-4a21-94e8-425c5b5dc06d [ 108.127144][ T5568] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 108.134429][ T5574] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (5574) [ 108.144561][ T5568] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 108.166615][ T5568] BTRFS info (device loop2): using free-space-tree [ 108.211136][ T5574] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 108.221646][ T5574] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 108.230993][ T5574] BTRFS info (device loop1): using free-space-tree [ 108.631636][ T5613] trusted_key: syz-executor.4 sent an empty control message without MSG_MORE. [ 108.937171][ T5607] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 109.071406][ T29] audit: type=1804 audit(1717685028.105:18): pid=5617 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1471014640/syzkaller.NDRruG/24/file0/file0/bus" dev="loop2" ino=263 res=1 errno=0 [ 110.806072][ T29] audit: type=1804 audit(1717685029.255:19): pid=5619 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1869448535/syzkaller.LbrAwh/19/file0/file0/bus" dev="loop1" ino=263 res=1 errno=0 [ 111.284500][ T5102] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 111.308438][ T5104] BTRFS info (device loop1): last unmount of filesystem 7c5ef5e2-74f4-4a21-94e8-425c5b5dc06d [ 111.785700][ T29] audit: type=1804 audit(1717685030.825:20): pid=5634 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1204994364/syzkaller.3i3Mkz/19/bus/file0" dev="sda1" ino=1968 res=1 errno=0 [ 112.370825][ T5646] loop4: detected capacity change from 0 to 512 [ 112.431705][ T5646] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.444913][ T5646] ext4 filesystem being mounted at /root/syzkaller-testdir1806458761/syzkaller.ANQ55i/22/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 112.483389][ T5641] loop3: detected capacity change from 0 to 8192 [ 112.543187][ T5641] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 113.502729][ T5105] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.681327][ T5671] loop0: detected capacity change from 0 to 4096 [ 115.711774][ T5671] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 118.233466][ T5694] loop3: detected capacity change from 0 to 512 [ 118.274115][ T5694] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 118.287900][ T5694] ext4 filesystem being mounted at /root/syzkaller-testdir3251348183/syzkaller.kLKkZb/21/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 119.389174][ T5109] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.604917][ T5707] loop0: detected capacity change from 0 to 4096 [ 119.672161][ T5707] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 122.806613][ T5707] ntfs3: loop0: Failed to read $UpCase (-4). [ 123.009610][ T5724] loop4: detected capacity change from 0 to 128 [ 124.518909][ T29] audit: type=1326 audit(1717685043.555:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5732 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1849c7cf69 code=0x0 [ 124.826345][ T5739] syz-executor.4 uses obsolete (PF_INET,SOCK_PACKET) [ 124.943791][ T5720] loop1: detected capacity change from 0 to 32768 [ 125.508241][ T29] audit: type=1804 audit(1717685044.535:22): pid=5720 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1869448535/syzkaller.LbrAwh/23/file0/0x0000000000000000" dev="loop1" ino=8 res=1 errno=0 [ 126.406466][ T5764] capability: warning: `syz-executor.3' uses deprecated v2 capabilities in a way that may be insecure [ 126.760066][ T5767] loop2: detected capacity change from 0 to 32768 [ 126.800123][ T5767] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (5767) [ 126.843473][ T5767] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 126.853727][ T5767] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 126.862566][ T5767] BTRFS info (device loop2): using free-space-tree [ 127.537996][ T5768] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 128.128127][ T29] audit: type=1804 audit(1717685046.735:23): pid=5799 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1471014640/syzkaller.NDRruG/31/file0/bus" dev="loop2" ino=263 res=1 errno=0 [ 128.432693][ T5102] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 128.671256][ T29] audit: type=1326 audit(1717685047.715:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5803 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1849c7cf69 code=0x0 [ 128.721758][ T5811] netlink: 191416 bytes leftover after parsing attributes in process `syz-executor.4'. [ 128.748118][ T5812] EXT4-fs (sda1): re-mounted 5941fea2-f5fa-4b4e-b5ef-9af118b27b95 r/w. Quota mode: none. [ 129.240072][ T29] audit: type=1326 audit(1717685048.285:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5815 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd976e7cf69 code=0x0 [ 129.354098][ T5822] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 129.832317][ T5830] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 129.854345][ T5830] geneve0: entered promiscuous mode [ 129.978492][ T5830] bond0: (slave geneve0): Enslaving as an active interface with an up link [ 130.937691][ T5845] loop0: detected capacity change from 0 to 128 [ 131.159790][ T5844] loop4: detected capacity change from 0 to 32768 [ 131.207805][ T5844] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (5844) [ 131.397445][ T5844] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 131.410493][ T5844] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 131.421429][ T5844] BTRFS info (device loop4): using free-space-tree [ 132.369684][ T29] audit: type=1804 audit(1717685050.995:26): pid=5872 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1806458761/syzkaller.ANQ55i/33/file0/bus" dev="loop4" ino=263 res=1 errno=0 [ 132.645072][ T5105] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 133.081740][ T5881] loop1: detected capacity change from 0 to 128 [ 133.294635][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.307333][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.091778][ T29] audit: type=1326 audit(1717685054.125:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5894 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff14d27cf69 code=0x0 [ 135.190331][ T5902] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 136.818718][ T5901] loop0: detected capacity change from 0 to 32768 [ 136.997730][ T5154] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 137.030178][ T5901] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names [ 137.052671][ T5901] bcachefs (loop0): recovering from clean shutdown, journal seq 8 [ 137.116754][ T5928] loop2: detected capacity change from 0 to 256 [ 137.156990][ T5901] bcachefs (loop0): alloc_read... done [ 137.173565][ T5901] bcachefs (loop0): stripes_read... done [ 137.217639][ T5901] bcachefs (loop0): snapshots_read... done [ 137.222403][ T5154] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 137.253366][ T5154] usb 2-1: config 0 has no interface number 0 [ 137.261556][ T5901] bcachefs (loop0): journal_replay... done [ 137.270204][ T5154] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.273091][ T5901] bcachefs (loop0): resume_logged_ops... [ 137.282324][ T5931] loop3: detected capacity change from 0 to 512 [ 137.287434][ T5154] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.288267][ T5901] done [ 137.294707][ T5154] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18 [ 137.323960][ T5154] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.341942][ T5933] loop4: detected capacity change from 0 to 64 [ 137.349067][ T5931] EXT4-fs (loop3): blocks per group (71) and clusters per group (32768) inconsistent [ 137.360839][ T5154] usb 2-1: config 0 descriptor?? [ 137.393609][ T5901] bcachefs (loop0): going read-write [ 137.426822][ T5901] bcachefs (loop0): done starting filesystem [ 137.898876][ T5938] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 138.881774][ T5154] input: HID 04d9:a055 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.1/0003:04D9:A055.0001/input/input5 [ 138.900320][ T5914] loop1: detected capacity change from 0 to 256 [ 139.026485][ T5154] holtek_kbd 0003:04D9:A055.0001: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.1-1/input1 [ 139.070086][ T5914] FAT-fs (loop1): Directory bread(block 64) failed [ 139.078398][ T5914] FAT-fs (loop1): Directory bread(block 65) failed [ 139.116766][ T5914] FAT-fs (loop1): Directory bread(block 66) failed [ 139.144660][ T5914] FAT-fs (loop1): Directory bread(block 67) failed [ 139.182896][ T5914] FAT-fs (loop1): Directory bread(block 68) failed [ 139.228809][ T5914] FAT-fs (loop1): Directory bread(block 69) failed [ 139.254360][ T5914] FAT-fs (loop1): Directory bread(block 70) failed [ 139.284207][ T5914] FAT-fs (loop1): Directory bread(block 71) failed [ 139.318786][ T5914] FAT-fs (loop1): Directory bread(block 72) failed [ 139.428919][ T5914] FAT-fs (loop1): Directory bread(block 73) failed [ 139.458085][ T5937] syz-executor.0 (5937) used greatest stack depth: 16880 bytes left [ 139.571818][ T5154] usb 2-1: USB disconnect, device number 2 [ 139.807128][ T5101] bcachefs (loop0): shutting down [ 139.816331][ T5101] bcachefs (loop0): going read-only [ 139.826560][ T5101] bcachefs (loop0): finished waiting for writes to stop [ 139.856669][ T5101] bcachefs (loop0): flushing journal and stopping allocators, journal seq 9 [ 139.868683][ T5101] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 9 [ 139.884844][ T5101] bcachefs (loop0): shutdown complete, journal seq 10 [ 139.898947][ T5101] bcachefs (loop0): marking filesystem clean [ 140.033985][ T5101] bcachefs (loop0): shutdown complete [ 140.567463][ T5951] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 140.813359][ T5958] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 140.852054][ T5958] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 142.774844][ T5988] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.875326][ T5989] loop4: detected capacity change from 0 to 4096 [ 142.942596][ T5989] NILFS (loop4): invalid segment: Checksum error in segment payload [ 142.964479][ T5990] loop2: detected capacity change from 0 to 4096 [ 142.966592][ T5989] NILFS (loop4): trying rollback from an earlier position [ 142.995112][ T5990] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 143.043562][ T5989] NILFS (loop4): recovery complete [ 143.061351][ T5990] ntfs3: loop2: It is recommened to use chkdsk. [ 143.097196][ T5997] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 143.134481][ T5996] evm: overlay not supported [ 143.135273][ T5990] ntfs3: loop2: volume is dirty and "force" flag is not set! [ 143.459038][ T6000] loop0: detected capacity change from 0 to 64 [ 143.483874][ T6005] netlink: 'syz-executor.1': attribute type 8 has an invalid length. [ 143.514917][ T6005] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 144.394786][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.133678][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.170469][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.201140][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.261787][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.321782][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.380286][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.429201][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.466224][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.511200][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.538317][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.564863][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.593665][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.618707][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.637881][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.659331][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.712428][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.744121][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.779351][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.812424][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.852876][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.906912][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.939184][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 145.970688][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 146.097591][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 146.117601][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 146.136929][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 146.400533][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 146.479005][ T5114] Bluetooth: hci4: command 0x0405 tx timeout [ 146.568640][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 146.634103][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 146.713357][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 147.021897][ T5158] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 147.070517][ T5158] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz0 [ 147.112841][ T6038] loop2: detected capacity change from 0 to 4096 [ 147.174689][ T6038] NILFS (loop2): invalid segment: Checksum error in segment payload [ 147.184090][ T6038] NILFS (loop2): trying rollback from an earlier position [ 147.212785][ T6038] NILFS (loop2): recovery complete [ 147.225702][ T6046] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 148.448536][ T6061] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 149.310433][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.335597][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.366959][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.393220][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.411461][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.423405][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.439458][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.462103][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.479651][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.488844][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.508535][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.531288][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.549283][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.563763][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.597532][ T8] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 149.619435][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.699512][ T6094] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 149.777532][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.807784][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.861371][ T8] usb 1-1: config 0 has no interfaces? [ 149.866940][ T8] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 149.912868][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.935140][ T8] usb 1-1: config 0 descriptor?? [ 149.941078][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.985184][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 149.994742][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.012046][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.026531][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.062687][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.081265][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.239361][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.257388][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.660657][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.668402][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.677562][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.685195][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.828083][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.835493][ T929] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 150.924300][ T929] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz0] on syz0 [ 151.133641][ T8] usb 1-1: USB disconnect, device number 2 [ 151.193759][ T6103] loop1: detected capacity change from 0 to 4096 [ 151.195297][ T6104] loop4: detected capacity change from 0 to 64 [ 151.296599][ T6103] NILFS (loop1): invalid segment: Checksum error in segment payload [ 151.339706][ T6103] NILFS (loop1): trying rollback from an earlier position [ 151.432324][ T6103] NILFS (loop1): recovery complete [ 151.503443][ T6109] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 153.612456][ T6128] warning: `syz-executor.1' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 153.977682][ T6135] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 154.214208][ T6142] macvlan2: entered promiscuous mode [ 154.258590][ T6142] macvlan2: entered allmulticast mode [ 154.278117][ T6142] bridge0: entered promiscuous mode [ 154.299683][ T6142] bridge0: entered allmulticast mode [ 154.326367][ T6142] team0: Port device macvlan2 added [ 155.288392][ T5154] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 155.510621][ T5154] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 155.549228][ T5154] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 155.572387][ T5154] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 155.604140][ T5154] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.635606][ T5154] usb 3-1: config 0 descriptor?? [ 155.809194][ T6175] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 155.953507][ T6178] netlink: 112 bytes leftover after parsing attributes in process `syz-executor.1'. [ 159.692544][ T5154] uclogic 0003:256C:006D.0004: failed retrieving Huion firmware version: -71 [ 159.768592][ T5154] uclogic 0003:256C:006D.0004: failed probing parameters: -71 [ 159.885943][ T5154] uclogic 0003:256C:006D.0004: probe with driver uclogic failed with error -71 [ 159.965078][ T5154] usb 3-1: USB disconnect, device number 2 [ 160.137276][ T6195] team_slave_0: entered promiscuous mode [ 160.145100][ T6195] team_slave_1: entered promiscuous mode [ 160.179393][ T6195] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 160.281087][ T6195] team_slave_0: left promiscuous mode [ 160.284531][ T6204] loop0: detected capacity change from 0 to 512 [ 160.286775][ T6195] team_slave_1: left promiscuous mode [ 160.374047][ T6204] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 160.608194][ T29] audit: type=1804 audit(1717685079.655:28): pid=6215 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3251348183/syzkaller.kLKkZb/47/file0" dev="sda1" ino=1960 res=1 errno=0 [ 160.730476][ T6204] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6 [ 160.796188][ T6217] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 160.842935][ T5114] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 160.872709][ T5114] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 160.881941][ T5114] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 160.890238][ T5114] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 160.900070][ T5114] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 160.909896][ T5114] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 162.077458][ T6218] chnl_net:caif_netlink_parms(): no params data found [ 162.111772][ T6240] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 162.290193][ T2831] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.450619][ T6240] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.4'. [ 162.523958][ T2831] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.571872][ T6218] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.588359][ T6218] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.596237][ T6218] bridge_slave_0: entered allmulticast mode [ 162.604456][ T6218] bridge_slave_0: entered promiscuous mode [ 162.639474][ T2831] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.659761][ T6218] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.667351][ T6218] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.674924][ T6218] bridge_slave_1: entered allmulticast mode [ 162.683818][ T6218] bridge_slave_1: entered promiscuous mode [ 162.778190][ T2831] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.800455][ T6218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 162.840816][ T6218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 162.959076][ T6218] team0: Port device team_slave_0 added [ 162.975061][ T5114] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 162.979294][ T6218] team0: Port device team_slave_1 added [ 162.990926][ T5114] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 163.001075][ T5114] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 163.010702][ T5114] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 163.025065][ T5114] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 163.033513][ T5114] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 163.079244][ T6218] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 163.098675][ T6218] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 163.134960][ T6218] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 163.153514][ T6218] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 163.164330][ T6218] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 163.193787][ T6218] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 163.235515][ T6253] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 163.281828][ T6255] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 163.390786][ T6253] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 163.406353][ T6253] bond0: (slave bond_slave_0): Releasing backup interface [ 163.465079][ T6218] hsr_slave_0: entered promiscuous mode [ 163.490253][ T6218] hsr_slave_1: entered promiscuous mode [ 163.498333][ T6218] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 163.520326][ T6218] Cannot create hsr debugfs directory [ 163.629333][ T5117] Bluetooth: hci3: command tx timeout [ 163.736321][ T2831] bridge_slave_1: left allmulticast mode [ 163.749926][ T2831] bridge_slave_1: left promiscuous mode [ 163.776234][ T2831] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.848620][ T2831] bridge_slave_0: left allmulticast mode [ 163.869694][ T2831] bridge_slave_0: left promiscuous mode [ 163.883328][ T2831] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.901586][ T5117] Bluetooth: hci1: command tx timeout [ 165.988182][ T5114] Bluetooth: hci3: command tx timeout [ 166.617936][ T2831] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 166.640989][ T2831] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 166.670819][ T2831] bond0 (unregistering): Released all slaves [ 167.141539][ T6218] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.608800][ T6218] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.895654][ T6218] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.990111][ T6316] loop3: detected capacity change from 0 to 256 [ 167.997418][ T5117] Bluetooth: hci3: command tx timeout [ 168.077895][ T5117] Bluetooth: hci1: command tx timeout [ 168.125439][ T6218] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.199469][ T6250] chnl_net:caif_netlink_parms(): no params data found [ 168.381422][ T2831] hsr_slave_0: left promiscuous mode [ 168.399550][ T2831] hsr_slave_1: left promiscuous mode [ 168.410194][ T2831] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 168.418223][ T2831] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 168.444986][ T2831] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 168.458605][ T2831] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 168.491664][ T2831] veth1_macvtap: left promiscuous mode [ 168.498100][ T2831] veth0_macvtap: left promiscuous mode [ 168.503938][ T2831] veth1_vlan: left promiscuous mode [ 168.510488][ T2831] veth0_vlan: left promiscuous mode [ 168.607505][ T929] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 168.830564][ T929] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 168.847574][ T929] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 168.863783][ T929] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 168.876066][ T929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 168.885154][ T929] usb 4-1: SerialNumber: syz [ 169.468886][ T929] usb 4-1: 0:2 : does not exist [ 169.474159][ T929] usb 4-1: unit 5: unexpected type 0x0b [ 169.552456][ T2831] team0 (unregistering): Port device team_slave_1 removed [ 169.560145][ T929] usb 4-1: USB disconnect, device number 2 [ 169.631637][ T6186] udevd[6186]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 169.706993][ T2831] team0 (unregistering): Port device team_slave_0 removed [ 170.037817][ T6320] capability: warning: `syz-executor.4' uses 32-bit capabilities (legacy support in use) [ 170.081332][ T5117] Bluetooth: hci3: command tx timeout [ 170.157569][ T5117] Bluetooth: hci1: command tx timeout [ 170.304524][ T2870] Bluetooth: hci5: Frame reassembly failed (-84) [ 170.321270][ T2870] Bluetooth: hci5: Frame reassembly failed (-84) [ 171.397098][ T6250] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.426688][ T6250] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.476380][ T6250] bridge_slave_0: entered allmulticast mode [ 171.487925][ T6250] bridge_slave_0: entered promiscuous mode [ 171.496867][ T6250] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.527477][ T6250] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.535020][ T6250] bridge_slave_1: entered allmulticast mode [ 171.543896][ T6250] bridge_slave_1: entered promiscuous mode [ 171.605094][ T6250] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.623435][ T6250] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.695461][ T6250] team0: Port device team_slave_0 added [ 171.728329][ T6250] team0: Port device team_slave_1 added [ 171.782799][ T6346] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 171.825845][ T6250] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 171.833414][ T6250] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.877145][ T6250] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 171.936373][ T6250] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 171.952261][ T6250] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 172.010121][ T6250] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 172.086573][ T6218] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 172.101878][ T6218] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 172.128605][ T6250] hsr_slave_0: entered promiscuous mode [ 172.165784][ T6250] hsr_slave_1: entered promiscuous mode [ 172.237634][ T5114] Bluetooth: hci1: command tx timeout [ 172.247475][ T6218] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 172.281504][ T6218] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 172.317519][ T5117] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 173.220146][ T6218] 8021q: adding VLAN 0 to HW filter on device bond0 [ 173.440495][ T6218] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.474668][ T5155] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.481893][ T5155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.524907][ T5155] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.532134][ T5155] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.783103][ T6250] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 173.821216][ T6250] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 173.867109][ T6250] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 173.911929][ T6250] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 174.258566][ T6250] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.273442][ T6218] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.389094][ T6250] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.444235][ T5160] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.451474][ T5160] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.504482][ T6218] veth0_vlan: entered promiscuous mode [ 174.539727][ T5160] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.546994][ T5160] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.612862][ T6218] veth1_vlan: entered promiscuous mode [ 174.775908][ T6250] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 174.806958][ T6218] veth0_macvtap: entered promiscuous mode [ 174.840483][ T6218] veth1_macvtap: entered promiscuous mode [ 174.870062][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.899031][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.927413][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.957416][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.993889][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 175.017973][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.037586][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 175.055797][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.069683][ T6218] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 175.074323][ T6343] syz-executor.3 (6343): drop_caches: 1 [ 175.106442][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 175.129334][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.140323][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 175.152683][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.178888][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 175.208728][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.220496][ T6218] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 175.237400][ T6218] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.259365][ T6218] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 175.276000][ T6396] syz_tun: entered allmulticast mode [ 175.303845][ T6218] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.313645][ T6218] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.322900][ T6218] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.332350][ T6218] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.344046][ T6394] syz_tun: left allmulticast mode [ 175.454942][ T6250] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 175.472808][ T6402] loop3: detected capacity change from 0 to 256 [ 175.651779][ T6250] veth0_vlan: entered promiscuous mode [ 175.674148][ T2902] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.698120][ T2902] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.714841][ T6250] veth1_vlan: entered promiscuous mode [ 175.779089][ T2902] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.796726][ T2902] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.820920][ T5159] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 175.847103][ T6250] veth0_macvtap: entered promiscuous mode [ 175.884868][ T6250] veth1_macvtap: entered promiscuous mode [ 175.947664][ T6250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 175.973263][ T6250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.987977][ T6250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.012292][ T6250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.023622][ T6412] loop1: detected capacity change from 0 to 64 [ 176.032726][ T5159] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 176.045785][ T5159] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 176.055030][ T6250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.074341][ T6250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.084829][ T6250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.094501][ T5159] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 176.095788][ T6250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.118149][ T6250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.128611][ T5159] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 176.132974][ T6250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.148736][ T5159] usb 4-1: SerialNumber: syz [ 176.170633][ T6250] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 176.212083][ T6250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.224225][ T6250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.234538][ T6250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.246129][ T6250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.256253][ T6250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.266914][ T6250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.281137][ T6250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.292053][ T6250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.302672][ T6250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.313456][ T6250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.326870][ T6250] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 176.346002][ T6250] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.366121][ T6250] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.377965][ T6250] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.386697][ T6250] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.538894][ T6415] loop1: detected capacity change from 0 to 1024 [ 176.630723][ T5159] usb 4-1: 0:2 : does not exist [ 176.632655][ T2870] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.635667][ T5159] usb 4-1: unit 5: unexpected type 0x0b [ 176.699962][ T5159] usb 4-1: USB disconnect, device number 3 [ 176.705307][ T2870] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 176.814382][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.829571][ T2870] hfsplus: b-tree write err: -5, ino 4 [ 176.853538][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 177.308896][ T29] audit: type=1326 audit(1717685096.355:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6423 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f274407cf69 code=0x0 [ 178.559271][ T6444] loop3: detected capacity change from 0 to 8 [ 178.643751][ T6438] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 178.655484][ T6444] SQUASHFS error: Unable to read inode 0xe3 [ 178.665932][ T6438] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.0'. [ 178.842935][ T6422] loop4: detected capacity change from 0 to 32768 [ 179.235219][ T29] audit: type=1804 audit(1717685098.275:30): pid=6422 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1806458761/syzkaller.ANQ55i/69/file0/0x0000000000000000" dev="loop4" ino=8 res=1 errno=0 [ 179.303189][ T6451] loop0: detected capacity change from 0 to 128 [ 179.773854][ T6453] loop1: detected capacity change from 0 to 32768 [ 179.785815][ T6453] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (6453) [ 179.813430][ T6453] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 179.823843][ T6453] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 179.832731][ T6453] BTRFS info (device loop1): using free-space-tree [ 180.161175][ T6475] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.351842][ T6475] bridge_slave_0 (unregistering): left allmulticast mode [ 180.387327][ T6475] bridge_slave_0 (unregistering): left promiscuous mode [ 180.506705][ T6475] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.803412][ T29] audit: type=1804 audit(1717685099.675:31): pid=6481 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/5/file0/bus" dev="loop1" ino=263 res=1 errno=0 [ 181.222029][ T6483] loop3: detected capacity change from 0 to 256 [ 181.269855][ T6218] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 181.619616][ T5156] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 181.684654][ T6485] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 181.706035][ T6485] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'. [ 181.847630][ T5156] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 181.867586][ T5156] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 181.889789][ T5156] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 181.924686][ T5156] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 181.954911][ T5156] usb 4-1: SerialNumber: syz [ 182.196604][ T6493] loop4: detected capacity change from 0 to 256 [ 182.279953][ T6188] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 182.328574][ T6188] udevd[6188]: failed to send result of seq 11383 to main daemon: Connection refused [ 182.409131][ T5156] usb 4-1: 0:2 : does not exist [ 182.437424][ T5156] usb 4-1: unit 5: unexpected type 0x0b [ 182.466147][ T5156] usb 4-1: USB disconnect, device number 4 [ 182.471018][ T6186] udevd[6186]: failed to send result of seq 11380 to main daemon: Transport endpoint is not connected [ 182.661618][ T6499] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 182.715479][ T6499] geneve0: entered promiscuous mode [ 182.774694][ T6499] bond0: (slave geneve0): Enslaving as an active interface with an up link [ 183.762007][ T6519] loop3: detected capacity change from 0 to 32768 [ 183.781239][ T6519] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (6519) [ 183.814600][ T6519] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 183.825122][ T6519] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 183.833941][ T6519] BTRFS info (device loop3): using free-space-tree [ 184.295623][ T29] audit: type=1804 audit(1717685103.335:32): pid=6541 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3251348183/syzkaller.kLKkZb/68/file0/bus" dev="loop3" ino=263 res=1 errno=0 [ 185.018276][ T5109] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 185.458475][ T6555] loop3: detected capacity change from 0 to 256 [ 186.393091][ T6561] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 186.614699][ T6547] loop1: detected capacity change from 0 to 32768 [ 186.864311][ T6547] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names [ 186.890734][ T6547] bcachefs (loop1): recovering from clean shutdown, journal seq 8 [ 186.928253][ T6547] bcachefs (loop1): alloc_read... done [ 186.934346][ T6547] bcachefs (loop1): stripes_read... done [ 186.941392][ T6547] bcachefs (loop1): snapshots_read... done [ 186.958375][ T5117] Bluetooth: hci0: command 0x0406 tx timeout [ 186.958387][ T5114] Bluetooth: hci2: command 0x0406 tx timeout [ 186.975683][ T6547] bcachefs (loop1): journal_replay... done [ 187.009298][ T6547] bcachefs (loop1): resume_logged_ops... done [ 187.064673][ T6547] bcachefs (loop1): going read-write [ 187.114148][ T6547] bcachefs (loop1): done starting filesystem [ 187.653669][ T6589] loop0: detected capacity change from 0 to 512 [ 187.746453][ T6589] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 187.785686][ T6589] EXT4-fs (loop0): orphan cleanup on readonly fs [ 187.847586][ T6589] EXT4-fs warning (device loop0): ext4_enable_quotas:7078: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 187.979154][ T6589] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 188.062018][ T6589] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz-executor.0: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 188.120880][ T6218] bcachefs (loop1): shutting down [ 188.126627][ T6218] bcachefs (loop1): going read-only [ 188.182061][ T6218] bcachefs (loop1): finished waiting for writes to stop [ 188.226992][ T6218] bcachefs (loop1): flushing journal and stopping allocators, journal seq 9 [ 188.267804][ T6218] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 9 [ 188.308765][ T6218] bcachefs (loop1): shutdown complete, journal seq 10 [ 188.332274][ T6589] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 13 (err -117) [ 188.348249][ T6218] bcachefs (loop1): marking filesystem clean [ 188.475000][ T6589] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 188.509067][ T6218] bcachefs (loop1): shutdown complete [ 188.630930][ T6589] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.053490][ T6613] loop0: detected capacity change from 0 to 256 [ 191.199663][ T5117] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 191.209560][ T5117] Bluetooth: hci4: Injecting HCI hardware error event [ 191.220258][ T5107] Bluetooth: hci4: hardware error 0x00 [ 192.172876][ T6643] loop3: detected capacity change from 0 to 512 [ 192.240331][ T5114] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 192.254285][ T5114] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 192.266791][ T5114] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 192.279126][ T6643] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 192.279486][ T5114] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 192.296558][ T5114] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 192.317294][ T5114] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 192.402348][ T6643] EXT4-fs (loop3): orphan cleanup on readonly fs [ 192.471144][ T6643] EXT4-fs warning (device loop3): ext4_enable_quotas:7078: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 192.540720][ T6643] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 192.580807][ T6643] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz-executor.3: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 192.632287][ T6643] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 13 (err -117) [ 192.660018][ T6643] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 192.671121][ T6633] loop4: detected capacity change from 0 to 32768 [ 192.678322][ T6643] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.862537][ T6633] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names [ 192.884110][ T6633] bcachefs (loop4): recovering from clean shutdown, journal seq 8 [ 192.890825][ T6635] loop0: detected capacity change from 0 to 32768 [ 192.965871][ T6633] bcachefs (loop4): alloc_read... done [ 192.997283][ T6633] bcachefs (loop4): stripes_read... done [ 193.003132][ T6633] bcachefs (loop4): snapshots_read... done [ 193.019475][ T6635] bcachefs (a46a46fb-710c-4d8a-8a40-d337fbcdfe7d): filesystem UUID already open [ 193.033400][ T6633] bcachefs (loop4): journal_replay... done [ 193.045773][ T6633] bcachefs (loop4): resume_logged_ops... done [ 193.056287][ T6633] bcachefs (loop4): going read-write [ 193.060975][ T6635] bcachefs (a46a46fb-710c-4d8a-8a40-d337fbcdfe7d): shutdown complete [ 193.078452][ T6644] chnl_net:caif_netlink_parms(): no params data found [ 193.092487][ T6633] bcachefs (loop4): done starting filesystem [ 193.159558][ T29] audit: type=1804 audit(1717685112.205:33): pid=6664 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/9/bus/file0" dev="sda1" ino=1971 res=1 errno=0 [ 193.277488][ T5107] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 193.670530][ T6644] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.708241][ T6644] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.715945][ T6644] bridge_slave_0: entered allmulticast mode [ 193.725021][ T6644] bridge_slave_0: entered promiscuous mode [ 193.735662][ T6644] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.747534][ T6644] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.755144][ T6644] bridge_slave_1: entered allmulticast mode [ 193.764999][ T6644] bridge_slave_1: entered promiscuous mode [ 193.842115][ T6644] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 193.909298][ T6644] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.070086][ T6644] team0: Port device team_slave_0 added [ 194.117856][ T6644] team0: Port device team_slave_1 added [ 194.330382][ T5105] bcachefs (loop4): shutting down [ 194.332628][ T6644] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.341985][ T5105] bcachefs (loop4): going read-only [ 194.346542][ T6644] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.381336][ T6644] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.392449][ T5105] bcachefs (loop4): finished waiting for writes to stop [ 194.400113][ T5114] Bluetooth: hci0: command tx timeout [ 194.407889][ T6679] loop1: detected capacity change from 0 to 256 [ 194.434303][ T6644] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.441808][ T6644] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.480119][ T6644] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.510242][ T5105] bcachefs (loop4): flushing journal and stopping allocators, journal seq 9 [ 194.536128][ T5105] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 9 [ 194.748913][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.267657][ T5105] bcachefs (loop4): shutdown complete, journal seq 10 [ 195.299123][ T5105] bcachefs (loop4): marking filesystem clean [ 195.359611][ T5107] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 195.376004][ T6644] hsr_slave_0: entered promiscuous mode [ 195.381927][ T5107] Bluetooth: hci2: Injecting HCI hardware error event [ 195.392072][ T5107] Bluetooth: hci2: hardware error 0x00 [ 195.461167][ T5105] bcachefs (loop4): shutdown complete [ 195.478108][ T6644] hsr_slave_1: entered promiscuous mode [ 195.506800][ T6644] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 195.518522][ T6644] Cannot create hsr debugfs directory [ 196.402579][ T6644] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.487743][ T5114] Bluetooth: hci0: command tx timeout [ 196.769630][ T6644] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.041082][ T6644] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.103256][ T29] audit: type=1326 audit(1717685116.145:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6706 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f274407cf69 code=0x0 [ 197.234922][ T6644] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.524419][ T5107] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 197.722335][ T6644] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 197.751988][ T6644] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 197.801711][ T6644] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 197.842019][ T6644] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 198.060319][ T6717] loop4: detected capacity change from 0 to 256 [ 198.166563][ T6721] loop3: detected capacity change from 0 to 512 [ 198.181332][ T6705] loop0: detected capacity change from 0 to 32768 [ 198.198880][ T6721] EXT4-fs (loop3): blocks per group (71) and clusters per group (32768) inconsistent [ 198.486796][ T6644] 8021q: adding VLAN 0 to HW filter on device bond0 [ 198.604892][ T5107] Bluetooth: hci0: command tx timeout [ 199.032697][ T6644] 8021q: adding VLAN 0 to HW filter on device team0 [ 199.308478][ T929] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.323387][ T929] bridge0: port 1(bridge_slave_0) entered forwarding state [ 199.399131][ T6732] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 199.613239][ T5160] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.622235][ T5160] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.020169][ T6748] netlink: 191416 bytes leftover after parsing attributes in process `syz-executor.4'. [ 200.252828][ T6644] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.288348][ T29] audit: type=1326 audit(1717685119.325:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6752 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff14d27cf69 code=0x0 [ 200.311851][ T6754] loop0: detected capacity change from 0 to 1764 [ 200.352180][ T29] audit: type=1326 audit(1717685119.385:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6755 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f274407cf69 code=0x0 [ 200.410980][ T6644] veth0_vlan: entered promiscuous mode [ 200.458376][ T6644] veth1_vlan: entered promiscuous mode [ 200.599887][ T6644] veth0_macvtap: entered promiscuous mode [ 200.633391][ T6644] veth1_macvtap: entered promiscuous mode [ 200.637772][ T5107] Bluetooth: hci0: command tx timeout [ 200.779296][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.802433][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.833019][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.859254][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.873166][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.887535][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.899418][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.914569][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.928898][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.942505][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.954757][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.970249][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.986668][ T6644] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.035947][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.075809][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.089392][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.100877][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.112006][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.126533][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.162167][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.234357][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.306447][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.344494][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.508235][ T6644] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 201.526053][ T6644] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 201.550848][ T6644] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 201.578520][ T6644] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.588599][ T6644] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.615730][ T6644] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.642302][ T6644] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.860894][ T2885] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 201.903434][ T2885] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.142689][ T6782] loop3: detected capacity change from 0 to 512 [ 202.157757][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.190254][ T6782] EXT4-fs (loop3): blocks per group (71) and clusters per group (32768) inconsistent [ 202.991435][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.162538][ T6786] syz-executor.1 (6786): drop_caches: 2 [ 203.262004][ T6786] syz-executor.1 (6786): drop_caches: 2 [ 203.276249][ T6785] syz-executor.1 (6785): drop_caches: 2 [ 203.285229][ T6785] syz-executor.1 (6785): drop_caches: 2 [ 203.941057][ T29] audit: type=1326 audit(1717685122.956:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f274407cf69 code=0x0 [ 204.108602][ T29] audit: type=1326 audit(1717685123.146:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6802 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff14d27cf69 code=0x0 [ 205.827775][ T6828] loop3: detected capacity change from 0 to 512 [ 205.876994][ T6828] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.892495][ T6828] ext4 filesystem being mounted at /root/syzkaller-testdir3251348183/syzkaller.kLKkZb/86/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 206.900328][ T6836] overlayfs: missing 'lowerdir' [ 207.007911][ T29] audit: type=1804 audit(1717685126.044:39): pid=6843 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir884819034/syzkaller.qINDjz/27/bus/file0" dev="sda1" ino=1972 res=1 errno=0 [ 207.223383][ T29] audit: type=1326 audit(1717685126.264:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6845 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f845847cf69 code=0x0 [ 207.309702][ T5109] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.662028][ T29] audit: type=1326 audit(1717685126.694:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6852 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f274407cf69 code=0x0 [ 209.228888][ T29] audit: type=1326 audit(1717685128.274:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6886 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd976e7cf69 code=0x0 [ 209.967872][ T6879] loop3: detected capacity change from 0 to 32768 [ 210.103743][ T2885] bridge_slave_1: left allmulticast mode [ 210.119964][ T2885] bridge_slave_1: left promiscuous mode [ 210.146894][ T2885] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.188964][ T2885] bridge_slave_0: left allmulticast mode [ 210.203745][ T2885] bridge_slave_0: left promiscuous mode [ 210.317123][ T2885] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.394442][ T6904] loop2: detected capacity change from 0 to 512 [ 210.433495][ T6904] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent [ 210.549379][ T29] audit: type=1804 audit(1717685129.584:43): pid=6879 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3251348183/syzkaller.kLKkZb/89/file0/0x0000000000000000" dev="loop3" ino=8 res=1 errno=0 [ 210.883512][ T6911] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 211.741650][ T2885] bond0 (unregistering): (slave geneve0): Releasing backup interface [ 212.016094][ T29] audit: type=1326 audit(1717685131.054:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6922 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff14d27cf69 code=0x0 [ 212.080840][ T2885] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 212.094777][ T2885] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 212.111723][ T2885] bond0 (unregistering): Released all slaves [ 212.369011][ T29] audit: type=1326 audit(1717685131.414:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6930 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7166c7cf69 code=0x0 [ 212.707665][ T2885] hsr_slave_0: left promiscuous mode [ 212.719373][ T2885] hsr_slave_1: left promiscuous mode [ 212.738535][ T2885] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 212.767763][ T2885] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 212.840189][ T2885] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 212.881346][ T6942] loop3: detected capacity change from 0 to 128 [ 212.891868][ T2885] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 213.122855][ T2885] veth1_macvtap: left promiscuous mode [ 213.134491][ T2885] veth0_macvtap: left promiscuous mode [ 213.419465][ T2885] veth1_vlan: left promiscuous mode [ 213.463257][ T2885] veth0_vlan: left promiscuous mode [ 214.401707][ T5155] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 214.607339][ T5155] usb 3-1: Using ep0 maxpacket: 8 [ 214.625382][ T5155] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 214.646914][ T5155] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.667855][ T5155] usb 3-1: config 0 descriptor?? [ 214.927097][ T2885] team0 (unregistering): Port device team_slave_1 removed [ 214.985997][ T2885] team0 (unregistering): Port device team_slave_0 removed [ 215.407331][ C1] hrtimer: interrupt took 203552 ns [ 215.625757][ T6953] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 215.660141][ T6963] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 215.675509][ T6963] geneve0: entered promiscuous mode [ 215.722416][ T6963] bond0: (slave geneve0): Enslaving as an active interface with an up link [ 215.758668][ T6968] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 215.946666][ T29] audit: type=1326 audit(1717685134.994:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6973 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff14d27cf69 code=0x0 [ 216.079435][ T29] audit: type=1804 audit(1717685135.034:47): pid=6974 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/36/bus/file0" dev="overlay" ino=1975 res=1 errno=0 [ 217.038405][ T5155] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x8001: -71 [ 217.069044][ T5155] asix 3-1:0.0: probe with driver asix failed with error -71 [ 217.087190][ T5155] usb 3-1: USB disconnect, device number 3 [ 217.889149][ T6988] loop0: detected capacity change from 0 to 32768 [ 217.913462][ T6998] loop2: detected capacity change from 0 to 4096 [ 217.960062][ T6998] NILFS (loop2): invalid segment: Checksum error in segment payload [ 217.986305][ T6998] NILFS (loop2): trying rollback from an earlier position [ 218.101223][ T6998] NILFS (loop2): recovery complete [ 218.147703][ T6999] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 218.171870][ T29] audit: type=1800 audit(1717685137.214:48): pid=6998 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=12 res=0 errno=0 [ 218.296393][ T29] audit: type=1326 audit(1717685137.334:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7002 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd976e7cf69 code=0x0 [ 218.319897][ T6994] loop1: detected capacity change from 0 to 32768 [ 218.561644][ T29] audit: type=1326 audit(1717685137.604:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7009 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f845847cf69 code=0x0 [ 218.576660][ T7008] loop4: detected capacity change from 0 to 2048 [ 218.625542][ T7008] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 218.680948][ T7008] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 218.732189][ T7019] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 218.759961][ T29] audit: type=1804 audit(1717685137.794:51): pid=6994 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/37/file0/0x0000000000000000" dev="loop1" ino=8 res=1 errno=0 [ 219.971660][ T29] audit: type=1804 audit(1717685139.014:52): pid=7030 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1910654897/syzkaller.MFA5el/17/bus/file0" dev="overlay" ino=1970 res=1 errno=0 [ 220.189414][ T29] audit: type=1326 audit(1717685139.214:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7034 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd976e7cf69 code=0x0 [ 220.900685][ T7048] loop1: detected capacity change from 0 to 4096 [ 221.088989][ T7048] NILFS (loop1): invalid segment: Checksum error in segment payload [ 221.131652][ T7048] NILFS (loop1): trying rollback from an earlier position [ 221.231474][ T7048] NILFS (loop1): recovery complete [ 221.280379][ T7058] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 221.361970][ T29] audit: type=1800 audit(1717685140.404:54): pid=7048 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=12 res=0 errno=0 [ 221.687185][ T7061] loop1: detected capacity change from 0 to 32768 [ 221.699421][ T7061] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (7061) [ 221.720984][ T7061] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 221.731356][ T7061] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 221.741508][ T7061] BTRFS info (device loop1): using free-space-tree [ 222.279962][ T29] audit: type=1804 audit(1717685141.314:55): pid=7082 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/41/file0/file0/bus" dev="loop1" ino=263 res=1 errno=0 [ 222.870075][ T6218] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 223.239285][ T29] audit: type=1326 audit(1717685142.274:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7091 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd976e7cf69 code=0x0 [ 223.278279][ T7099] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 223.515808][ T29] audit: type=1326 audit(1717685142.554:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7102 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7166c7cf69 code=0x0 [ 223.719682][ T7106] loop2: detected capacity change from 0 to 4096 [ 223.759772][ T7106] NILFS (loop2): invalid segment: Checksum error in segment payload [ 223.790552][ T7106] NILFS (loop2): trying rollback from an earlier position [ 223.893032][ T7106] NILFS (loop2): recovery complete [ 223.934534][ T7116] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 223.963488][ T29] audit: type=1800 audit(1717685143.004:58): pid=7106 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=12 res=0 errno=0 [ 224.607757][ T7125] loop4: detected capacity change from 0 to 32768 [ 224.642621][ T7125] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (7125) [ 224.653057][ T7127] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 224.681437][ T7125] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 224.693048][ T7125] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 224.702092][ T7125] BTRFS info (device loop4): using free-space-tree [ 224.841735][ T29] audit: type=1804 audit(1717685143.884:59): pid=7138 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/45/cgroup.controllers" dev="sda1" ino=1952 res=1 errno=0 [ 224.988573][ T29] audit: type=1804 audit(1717685143.984:60): pid=7138 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/45/cgroup.controllers" dev="sda1" ino=1952 res=1 errno=0 [ 225.377963][ T29] audit: type=1804 audit(1717685144.394:61): pid=7156 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1806458761/syzkaller.ANQ55i/108/file0/file0/bus" dev="loop4" ino=263 res=1 errno=0 [ 225.881812][ T7135] loop0: detected capacity change from 0 to 8192 [ 225.948836][ T7135] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 226.036754][ T5105] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 226.205009][ T29] audit: type=1326 audit(1717685145.254:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7159 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f845847cf69 code=0x0 [ 226.796670][ T7173] loop4: detected capacity change from 0 to 4096 [ 226.841354][ T7173] NILFS (loop4): invalid segment: Checksum error in segment payload [ 226.851349][ T7173] NILFS (loop4): trying rollback from an earlier position [ 226.923664][ T7173] NILFS (loop4): recovery complete [ 226.949274][ T7178] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 227.042746][ T29] audit: type=1800 audit(1717685146.084:63): pid=7173 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=12 res=0 errno=0 [ 227.132194][ T29] audit: type=1326 audit(1717685146.124:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7179 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f845847cf69 code=0x0 [ 227.136782][ T7158] loop3: detected capacity change from 0 to 32768 [ 227.520475][ T7189] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 227.590750][ T29] audit: type=1804 audit(1717685146.634:65): pid=7158 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3251348183/syzkaller.kLKkZb/101/file0/0x0000000000000000" dev="loop3" ino=8 res=1 errno=0 [ 228.161181][ T7202] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 228.210875][ T7198] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 228.238024][ T7202] bond0: (slave bond_slave_0): Releasing backup interface [ 228.468775][ T7208] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 228.492513][ T7208] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 228.512763][ T7208] bridge_slave_1: left allmulticast mode [ 228.542323][ T7208] bridge_slave_1: left promiscuous mode [ 228.562661][ T7208] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.600375][ T7208] bridge_slave_0: left allmulticast mode [ 228.612636][ T7208] bridge_slave_0: left promiscuous mode [ 228.621722][ T7208] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.682464][ T7208] bridge0 (unregistering): left allmulticast mode [ 228.733912][ T7208] team0: Port device macvlan2 removed [ 228.857434][ T5159] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 228.935704][ T7222] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 228.986560][ T29] audit: type=1326 audit(1717685148.024:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7225 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff14d27cf69 code=0x0 [ 229.062770][ T5159] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 229.077667][ T5159] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.118560][ T5159] usb 3-1: config 0 descriptor?? [ 229.146741][ T5159] cp210x 3-1:0.0: cp210x converter detected [ 229.195412][ T7228] loop3: detected capacity change from 0 to 2048 [ 229.227022][ T7228] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 229.305675][ T7228] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 229.654692][ T5159] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -71 [ 229.662896][ T5159] cp210x 3-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 229.671969][ T5159] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 229.716481][ T5159] usb 3-1: cp210x converter now attached to ttyUSB0 [ 229.772989][ T5159] usb 3-1: USB disconnect, device number 4 [ 229.828566][ T5159] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 229.851922][ T5159] cp210x 3-1:0.0: device disconnected [ 231.232004][ T7246] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 231.303463][ T7242] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 231.344303][ T7246] bond0: (slave bond_slave_0): Releasing backup interface [ 231.585033][ T7224] loop1: detected capacity change from 0 to 32768 [ 231.641736][ T7255] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 231.865830][ T7262] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 231.992246][ T7264] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 232.070369][ T7264] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 232.173523][ T29] audit: type=1804 audit(1717685151.214:67): pid=7224 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/50/file0/0x0000000000000000" dev="loop1" ino=8 res=1 errno=0 [ 234.077138][ T7294] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 234.168178][ T7291] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 235.066029][ T29] audit: type=1326 audit(1717685154.104:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7310 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7166c7cf69 code=0x0 [ 235.237880][ T7311] syz-executor.3 (7311): drop_caches: 2 [ 235.285661][ T7311] syz-executor.3 (7311): drop_caches: 2 [ 235.286042][ T7313] syz-executor.3 (7313): drop_caches: 2 [ 235.351916][ T7313] syz-executor.3 (7313): drop_caches: 2 [ 235.806054][ T7301] loop4: detected capacity change from 0 to 32768 [ 235.997726][ T29] audit: type=1326 audit(1717685155.031:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7325 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f845847cf69 code=0x0 [ 236.454093][ T7335] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 236.509563][ T7335] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 236.568071][ T29] audit: type=1804 audit(1717685155.591:70): pid=7301 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1806458761/syzkaller.ANQ55i/120/file0/0x0000000000000000" dev="loop4" ino=8 res=1 errno=0 [ 236.602289][ T7335] bond0: (slave bond_slave_0): Releasing backup interface [ 237.110178][ T29] audit: type=1804 audit(1717685156.151:71): pid=7349 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1910654897/syzkaller.MFA5el/34/cgroup.controllers" dev="sda1" ino=1964 res=1 errno=0 [ 237.230097][ T29] audit: type=1804 audit(1717685156.211:72): pid=7349 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1910654897/syzkaller.MFA5el/34/cgroup.controllers" dev="sda1" ino=1964 res=1 errno=0 [ 237.802824][ T7357] netlink: 191416 bytes leftover after parsing attributes in process `syz-executor.2'. [ 238.339655][ T7360] loop2: detected capacity change from 0 to 2048 [ 238.402195][ T7360] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 238.412939][ T29] audit: type=1326 audit(1717685157.441:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7361 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff14d27cf69 code=0x0 [ 239.239696][ T29] audit: type=1800 audit(1717685158.288:74): pid=7373 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.2" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 239.403244][ T6644] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.537035][ T7379] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 239.554860][ T7377] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 239.597016][ T7379] bond0: (slave bond_slave_0): Releasing backup interface [ 239.916662][ T29] audit: type=1326 audit(1717685158.948:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7384 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f845847cf69 code=0x0 [ 240.304137][ T29] audit: type=1804 audit(1717685159.348:76): pid=7395 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3251348183/syzkaller.kLKkZb/114/cgroup.controllers" dev="sda1" ino=1960 res=1 errno=0 [ 240.398033][ T29] audit: type=1804 audit(1717685159.348:77): pid=7395 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3251348183/syzkaller.kLKkZb/114/cgroup.controllers" dev="sda1" ino=1960 res=1 errno=0 [ 240.894083][ T7413] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 240.975207][ T7411] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 241.195078][ T7416] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 241.205420][ T7416] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 241.210109][ T7388] loop4: detected capacity change from 0 to 32768 [ 241.224928][ T7416] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 241.604211][ T7422] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 241.649636][ T7421] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 241.712227][ T7421] bridge_slave_1: left allmulticast mode [ 241.729137][ T7421] bridge_slave_1: left promiscuous mode [ 241.746057][ T7421] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.823034][ T7421] bridge_slave_0: left allmulticast mode [ 241.843380][ T7421] bridge_slave_0: left promiscuous mode [ 241.864839][ T29] audit: type=1804 audit(1717685160.898:78): pid=7388 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1806458761/syzkaller.ANQ55i/122/file0/0x0000000000000000" dev="loop4" ino=8 res=1 errno=0 [ 241.917842][ T7421] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.274543][ T29] audit: type=1804 audit(1717685161.318:79): pid=7433 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir884819034/syzkaller.qINDjz/64/cgroup.controllers" dev="sda1" ino=1958 res=1 errno=0 [ 242.409276][ T29] audit: type=1804 audit(1717685161.358:80): pid=7433 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir884819034/syzkaller.qINDjz/64/cgroup.controllers" dev="sda1" ino=1958 res=1 errno=0 [ 242.762819][ T7445] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 242.824257][ T7441] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 243.037177][ T7452] loop2: detected capacity change from 0 to 512 [ 243.092473][ T7452] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent [ 243.483558][ T7461] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 243.492913][ T7461] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 243.522044][ T7429] loop3: detected capacity change from 0 to 32768 [ 243.581006][ T7462] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 244.352225][ T29] audit: type=1804 audit(1717685163.398:81): pid=7473 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/67/cgroup.controllers" dev="sda1" ino=1959 res=1 errno=0 [ 244.397550][ T7429] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names [ 244.405822][ T7474] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 244.415809][ T29] audit: type=1804 audit(1717685163.438:82): pid=7473 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/67/cgroup.controllers" dev="sda1" ino=1959 res=1 errno=0 [ 244.437572][ T7429] bcachefs (loop3): recovering from clean shutdown, journal seq 8 [ 244.482818][ T7474] geneve0: entered promiscuous mode [ 244.509044][ T7474] bond0: (slave geneve0): Enslaving as an active interface with an up link [ 244.556886][ T7429] bcachefs (loop3): alloc_read... done [ 244.575019][ T7429] bcachefs (loop3): stripes_read... done [ 244.588371][ T7429] bcachefs (loop3): snapshots_read... done [ 244.628975][ T7429] bcachefs (loop3): journal_replay... done [ 244.647533][ T7429] bcachefs (loop3): resume_logged_ops... done [ 244.670761][ T7429] bcachefs (loop3): going read-write [ 244.779325][ T7429] bcachefs (loop3): done starting filesystem [ 244.802354][ T7487] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 244.849827][ T7482] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 244.969235][ T7486] loop2: detected capacity change from 0 to 32768 [ 244.977377][ T7486] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (7486) [ 245.012229][ T7486] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 245.022861][ T7486] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 245.031679][ T7486] BTRFS info (device loop2): using free-space-tree [ 246.210436][ T29] audit: type=1804 audit(1717685164.708:83): pid=7518 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1910654897/syzkaller.MFA5el/47/file0/file0/bus" dev="loop2" ino=263 res=1 errno=0 [ 246.329776][ T5109] bcachefs (loop3): shutting down [ 246.334859][ T5109] bcachefs (loop3): going read-only [ 246.351582][ T5109] bcachefs (loop3): finished waiting for writes to stop [ 246.363933][ T5109] bcachefs (loop3): flushing journal and stopping allocators, journal seq 10 [ 246.369505][ T6644] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 246.408824][ T5109] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 10 [ 246.466736][ T5109] bcachefs (loop3): shutdown complete, journal seq 11 [ 246.548990][ T5109] bcachefs (loop3): marking filesystem clean [ 246.684229][ T5109] bcachefs (loop3): shutdown complete [ 246.756635][ T7525] loop1: detected capacity change from 0 to 512 [ 246.890951][ T7525] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 246.921961][ T7525] ext4 filesystem being mounted at /root/syzkaller-testdir1373288213/syzkaller.R9oGEk/71/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 247.211980][ T7512] loop0: detected capacity change from 0 to 32768 [ 247.282249][ T7525] syz-executor.1[7525] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 247.282401][ T7525] syz-executor.1[7525] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 247.451043][ T7512] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names [ 247.560433][ T29] audit: type=1804 audit(1717685166.598:84): pid=7543 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1910654897/syzkaller.MFA5el/50/cgroup.controllers" dev="sda1" ino=1969 res=1 errno=0 [ 247.560491][ T7512] bcachefs (loop0): recovering from clean shutdown, journal seq 7 [ 247.696113][ T7545] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #19: comm syz-executor.1: corrupted inode contents [ 247.763971][ T7512] bcachefs (loop0): alloc_read... done [ 247.812001][ T7512] bcachefs (loop0): stripes_read... done [ 247.820836][ T7545] EXT4-fs error (device loop1): ext4_dirty_inode:5935: inode #19: comm syz-executor.1: mark_inode_dirty error [ 247.836227][ T7512] bcachefs (loop0): snapshots_read... done [ 247.866187][ T7545] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #19: comm syz-executor.1: corrupted inode contents [ 247.881958][ T7512] bcachefs (loop0): journal_replay... done [ 247.899451][ T7545] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3001: inode #19: comm syz-executor.1: mark_inode_dirty error [ 247.907559][ T7512] bcachefs (loop0): resume_logged_ops... done [ 247.933912][ T7512] bcachefs (loop0): going read-write [ 247.953280][ T7545] EXT4-fs error (device loop1): ext4_xattr_delete_inode:3004: inode #19: comm syz-executor.1: mark inode dirty (error -117) [ 247.988542][ T7512] bcachefs (loop0): done starting filesystem [ 247.997858][ T7545] EXT4-fs warning (device loop1): ext4_evict_inode:271: xattr delete (err -117) [ 248.142993][ T7566] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 248.152364][ T6218] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.187611][ T7559] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 248.278649][ T6250] bcachefs (loop0): shutting down [ 248.337610][ T6250] bcachefs (loop0): going read-only [ 248.352488][ T6250] bcachefs (loop0): finished waiting for writes to stop [ 248.418781][ T6250] bcachefs (loop0): flushing journal and stopping allocators, journal seq 9 [ 248.450019][ T6250] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10 [ 248.465703][ T7572] loop4: detected capacity change from 0 to 2048 [ 248.476707][ T6250] bcachefs (loop0): shutdown complete, journal seq 11 [ 248.491920][ T6250] bcachefs (loop0): marking filesystem clean [ 248.516924][ T29] audit: type=1804 audit(1717685167.558:85): pid=7573 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/72/bus/file0" dev="overlay" ino=1952 res=1 errno=0 [ 248.655560][ T6250] bcachefs (loop0): shutdown complete [ 248.674655][ T7572] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.531130][ T5105] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.835536][ T29] audit: type=1804 audit(1717685168.878:86): pid=7588 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3251348183/syzkaller.kLKkZb/120/cgroup.controllers" dev="sda1" ino=1958 res=1 errno=0 [ 249.864602][ T29] audit: type=1804 audit(1717685168.908:87): pid=7588 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3251348183/syzkaller.kLKkZb/120/cgroup.controllers" dev="sda1" ino=1958 res=1 errno=0 [ 250.217986][ T7601] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 250.246754][ T7601] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 250.263462][ T7601] bridge0: port 1(syz_tun) entered blocking state [ 250.273127][ T7601] bridge0: port 1(syz_tun) entered disabled state [ 250.280219][ T7601] syz_tun: entered allmulticast mode [ 250.310275][ T7601] syz_tun: entered promiscuous mode [ 250.327904][ T7601] bridge0: port 1(syz_tun) entered blocking state [ 250.334535][ T7601] bridge0: port 1(syz_tun) entered forwarding state [ 250.376385][ T7606] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 250.414164][ T7604] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967295 > 32) [ 250.978632][ T29] audit: type=1804 audit(1717685170.028:88): pid=7622 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1373288213/syzkaller.R9oGEk/75/bus/file0" dev="overlay" ino=1973 res=1 errno=0 [ 256.188137][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 355.997251][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 356.004243][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P61/1:b..l P7618/1:b..l [ 356.013603][ C1] rcu: (detected by 1, t=10502 jiffies, g=26041, q=512 ncpus=2) [ 356.021316][ C1] task:syz-executor.3 state:R running task stack:25584 pid:7618 tgid:7617 ppid:5109 flags:0x00004002 [ 356.034374][ C1] Call Trace: [ 356.037650][ C1] [ 356.040574][ C1] __schedule+0x1796/0x49d0 [ 356.045103][ C1] ? __pfx___schedule+0x10/0x10 [ 356.049953][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 356.055957][ C1] ? preempt_schedule_irq+0xf0/0x1c0 [ 356.061230][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 356.066328][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 356.072041][ C1] irqentry_exit+0x5e/0x90 [ 356.076448][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 356.082422][ C1] RIP: 0010:lock_acquire+0x264/0x550 [ 356.087945][ C1] Code: 2b 00 74 08 4c 89 f7 e8 4a 36 86 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 356.108065][ C1] RSP: 0018:ffffc90009aef2c0 EFLAGS: 00000206 [ 356.114141][ C1] RAX: 0000000000000001 RBX: 1ffff9200135de64 RCX: 0000000000000001 [ 356.122372][ C1] RDX: dffffc0000000000 RSI: ffffffff8bcacd00 RDI: ffffffff8c1f1fc0 [ 356.130616][ C1] RBP: ffffc90009aef408 R08: ffffffff92f72587 R09: 1ffffffff25ee4b0 [ 356.138705][ C1] R10: dffffc0000000000 R11: fffffbfff25ee4b1 R12: 1ffff9200135de60 [ 356.147017][ C1] R13: dffffc0000000000 R14: ffffc90009aef320 R15: 0000000000000246 [ 356.155360][ C1] ? __pfx_handle_pte_fault+0x10/0x10 [ 356.160731][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 356.165840][ C1] ? count_memcg_event_mm+0x94/0x420 [ 356.171140][ C1] count_memcg_event_mm+0xb1/0x420 [ 356.176239][ C1] ? count_memcg_event_mm+0x94/0x420 [ 356.181615][ C1] ? __pfx_count_memcg_event_mm+0x10/0x10 [ 356.187436][ C1] handle_mm_fault+0x1558/0x19d0 [ 356.192412][ C1] ? __pfx_handle_mm_fault+0x10/0x10 [ 356.197713][ C1] ? lock_mm_and_find_vma+0x9c/0x2f0 [ 356.203012][ C1] exc_page_fault+0x2b9/0x8c0 [ 356.207694][ C1] asm_exc_page_fault+0x26/0x30 [ 356.212544][ C1] RIP: 0010:fault_in_readable+0x165/0x2b0 [ 356.218349][ C1] Code: b8 ff 4c 8d b3 ff 0f 00 00 48 89 d8 4d 01 e6 49 81 e6 00 f0 ff ff 49 39 c6 72 6b e8 15 4f b8 ff 4c 39 f3 74 6e 4c 89 64 24 10 <44> 8a 23 43 0f b6 04 2f 84 c0 75 18 44 88 64 24 40 48 81 c3 00 10 [ 356.237956][ C1] RSP: 0018:ffffc90009aef860 EFLAGS: 00050287 [ 356.244038][ C1] RAX: ffffffff81ddd67b RBX: 00000000200bf000 RCX: 0000000000040000 [ 356.252261][ C1] RDX: ffffc9000a3a2000 RSI: 000000000003ba6a RDI: 000000000003ba6b [ 356.260233][ C1] RBP: ffffc90009aef918 R08: ffffffff81ddd618 R09: ffffffff84a43819 [ 356.268206][ C1] R10: 0000000000000002 R11: ffff88804e4b9e00 R12: 0000000000001000 [ 356.276250][ C1] R13: dffffc0000000000 R14: 00000000200c0000 R15: 1ffff9200135df14 [ 356.284212][ C1] ? fault_in_iov_iter_readable+0x49/0x280 [ 356.290010][ C1] ? fault_in_readable+0xf8/0x2b0 [ 356.295026][ C1] ? fault_in_readable+0x15b/0x2b0 [ 356.300163][ C1] ? __pfx_fault_in_readable+0x10/0x10 [ 356.306678][ C1] ? folio_unlock+0x126/0x2f0 [ 356.311464][ C1] fault_in_iov_iter_readable+0x229/0x280 [ 356.317232][ C1] generic_perform_write+0x220/0x640 [ 356.322612][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 356.327837][ C1] ? __pfx_generic_perform_write+0x10/0x10 [ 356.333661][ C1] ? ext4_write_checks+0x256/0x2c0 [ 356.338771][ C1] ext4_buffered_write_iter+0xc6/0x350 [ 356.344397][ C1] ext4_file_write_iter+0x1de/0x1a10 [ 356.349673][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 356.354781][ C1] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 356.360498][ C1] vfs_write+0xa72/0xc90 [ 356.364732][ C1] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 356.370550][ C1] ? __pfx_vfs_write+0x10/0x10 [ 356.375393][ C1] ? do_futex+0x33b/0x560 [ 356.379736][ C1] ksys_write+0x1a0/0x2c0 [ 356.384056][ C1] ? __pfx_ksys_write+0x10/0x10 [ 356.388897][ C1] ? do_syscall_64+0x100/0x230 [ 356.393664][ C1] ? do_syscall_64+0xb6/0x230 [ 356.398350][ C1] do_syscall_64+0xf3/0x230 [ 356.402899][ C1] ? clear_bhb_loop+0x35/0x90 [ 356.407584][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.414272][ C1] RIP: 0033:0x7ff14d27cf69 [ 356.418899][ C1] RSP: 002b:00007ff14e0830c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 356.427494][ C1] RAX: ffffffffffffffda RBX: 00007ff14d3b3f80 RCX: 00007ff14d27cf69 [ 356.435450][ C1] RDX: 00000000ffffff6a RSI: 0000000020000000 RDI: 0000000000000005 [ 356.443430][ C1] RBP: 00007ff14d2da6fe R08: 0000000000000000 R09: 0000000000000000 [ 356.451394][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.459355][ C1] R13: 000000000000000b R14: 00007ff14d3b3f80 R15: 00007ffc381d3b78 [ 356.467348][ C1] [ 356.470380][ C1] task:kworker/u8:4 state:R running task stack:19352 pid:61 tgid:61 ppid:2 flags:0x00004000 [ 356.482274][ C1] Workqueue: bat_events batadv_nc_worker [ 356.487918][ C1] Call Trace: [ 356.491185][ C1] [ 356.494138][ C1] __schedule+0x1796/0x49d0 [ 356.498688][ C1] ? __pfx___schedule+0x10/0x10 [ 356.503820][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 356.509899][ C1] ? preempt_schedule_irq+0xf0/0x1c0 [ 356.515202][ C1] preempt_schedule_irq+0xfb/0x1c0 [ 356.520625][ C1] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 356.526360][ C1] irqentry_exit+0x5e/0x90 [ 356.530815][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 356.536804][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x11/0x70 [ 356.543110][ C1] Code: 5b e9 c3 02 57 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 c0 d4 03 00 <65> 8b 15 20 af 6d 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 [ 356.562832][ C1] RSP: 0018:ffffc900015c7b50 EFLAGS: 00000202 [ 356.568893][ C1] RAX: ffffffff8b483e37 RBX: ffff88802ac47400 RCX: ffff888017f49e00 [ 356.576870][ C1] RDX: ffff888017f49e00 RSI: ffffffff8c1f1fa0 RDI: ffffffff8c1f1f60 [ 356.584873][ C1] RBP: ffff88802aba48e0 R08: ffffffff8b483e21 R09: 1ffffffff25ee4b0 [ 356.593268][ C1] R10: dffffc0000000000 R11: fffffbfff25ee4b1 R12: ffff888022a24ca0 [ 356.601410][ C1] R13: 000000000000011c R14: ffff88802ac47400 R15: dffffc0000000000 [ 356.609638][ C1] ? batadv_nc_worker+0x101/0x610 [ 356.614668][ C1] ? batadv_nc_worker+0x117/0x610 [ 356.619769][ C1] batadv_nc_worker+0x117/0x610 [ 356.624896][ C1] ? batadv_nc_worker+0xcb/0x610 [ 356.629825][ C1] ? process_scheduled_works+0x945/0x1830 [ 356.635791][ C1] process_scheduled_works+0xa2c/0x1830 [ 356.641426][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 356.647600][ C1] ? assign_work+0x364/0x3d0 [ 356.652264][ C1] worker_thread+0x86d/0xd70 [ 356.656952][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 356.662883][ C1] ? __kthread_parkme+0x169/0x1d0 [ 356.667936][ C1] ? __pfx_worker_thread+0x10/0x10 [ 356.673150][ C1] kthread+0x2f0/0x390 [ 356.677217][ C1] ? __pfx_worker_thread+0x10/0x10 [ 356.682332][ C1] ? __pfx_kthread+0x10/0x10 [ 356.687092][ C1] ret_from_fork+0x4b/0x80 [ 356.691502][ C1] ? __pfx_kthread+0x10/0x10 [ 356.696166][ C1] ret_from_fork_asm+0x1a/0x30 [ 356.700966][ C1] [ 356.704017][ C1] rcu: rcu_preempt kthread starved for 10204 jiffies! g26041 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 356.715198][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 356.725275][ C1] rcu: RCU grace-period kthread stack dump: [ 356.731164][ C1] task:rcu_preempt state:R running task stack:24624 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 356.742987][ C1] Call Trace: [ 356.746358][ C1] [ 356.749284][ C1] __schedule+0x1796/0x49d0 [ 356.753787][ C1] ? __pfx___schedule+0x10/0x10 [ 356.758628][ C1] ? __pfx_lock_release+0x10/0x10 [ 356.763632][ C1] ? __asan_memset+0x23/0x50 [ 356.768212][ C1] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 356.774006][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 356.780355][ C1] ? schedule+0x90/0x320 [ 356.784605][ C1] schedule+0x14b/0x320 [ 356.788880][ C1] schedule_timeout+0x1be/0x310 [ 356.793742][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 356.799106][ C1] ? __pfx_process_timeout+0x10/0x10 [ 356.804389][ C1] ? prepare_to_swait_event+0x32e/0x350 [ 356.809944][ C1] rcu_gp_fqs_loop+0x2df/0x1330 [ 356.814942][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 356.820073][ C1] ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10 [ 356.826333][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 356.831633][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 356.837623][ C1] ? finish_swait+0xd4/0x1e0 [ 356.842232][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 356.846905][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 356.852267][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 356.858171][ C1] ? __kthread_parkme+0x169/0x1d0 [ 356.863183][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 356.868367][ C1] kthread+0x2f0/0x390 [ 356.872440][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 356.877654][ C1] ? __pfx_kthread+0x10/0x10 [ 356.882228][ C1] ret_from_fork+0x4b/0x80 [ 356.886627][ C1] ? __pfx_kthread+0x10/0x10 [ 356.891203][ C1] ret_from_fork_asm+0x1a/0x30 [ 356.895961][ C1] [ 356.898967][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 356.907644][ C1] Sending NMI from CPU 1 to CPUs 0: [ 356.912874][ C0] NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt+0x21/0x30