last executing test programs: 4m55.044642073s ago: executing program 4 (id=53): creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x4010, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) write$binfmt_misc(r3, 0x0, 0x0) 4m54.711594582s ago: executing program 4 (id=55): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) 4m50.481769905s ago: executing program 4 (id=69): syz_mount_image$udf(&(0x7f0000000a40), &(0x7f00000001c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1004480, &(0x7f0000000080)=ANY=[@ANYBLOB="73686f72746164000000006d654277e73d3030303030303030303030303030303030b030342c6e6f6164696e6963ca2cee2f9b0057192165f8a2c4811377599e664d944ab02fb24b22fb9f0ce4164c9546c61af63b57cf4a6dff0d33586c5d3dcf5c3cbf026e8bed5e56827bb3e5a8b15c9f9e451dd9ac3f4ac4000000000000", @ANYRESDEC=0x0, @ANYRES16], 0x1, 0xa1b, &(0x7f0000001540)="$eJzs209sm+d9B/Dfw1eyaadrFbd1kzbLWLQIPKUN5P9KvAH2rApt5iZGZWXzZTBlyQ4R/askF043tB42oAjQg1FgPWzAkMsOA3bwDrvsFOwwDBg2GDsMxYp2Wrpm6Y3BBuS0aXhfPpQoWY7VOLZk+/Mx7C/58veSzx+afMmHbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEb/1lVNDB9N2twIAuJ9eGvvG0GHv/wDwSDnn8z8AAAAAAAAAAAAAAOx0KYr4s0jx6k/a6UJ1vaN+pjV75er4yOjmu+1JkaIWRVVf/q0fPHT4yNFjx4e7+cH7f9SejJfHzp1qnJ6bmV+YWlycmmyMz7Yuzk1Obfke7nb/jQarAWjMvHZl8tKlxcah5w6vu/nqwDu7H9s/cOL4i+f3dWvHR0ZHx3pq+vo/9KPf4nZneOyKIn4WKerfezc1I6IWdz8Wd3ju3Gt7qk4MVp0YHxmtOjLdas4ulTemWq6qRQz07HSyO0b3YS7uSiPiWtn8ssGDZffG5psLzYnpqcbZ5sJSa6k1N5tqndaW/RmIWgyniPmIaBe33l1/FPHvkeL777fTREQU3XF4tjox+M7tqd2DPm5BX9m3IuJmPABztoPtjiLeiBQ/OD8UF/O4VsP2TMTXy3w64ptlLkdcz9dT+QR5KuK9TZ5PPFj6ooh/ihRzqZ0mu3Nfva6ceaXxtdlLcz213deVB/794X7a4a9N9ShionrFb6cPf7ADAAAAAMDOU8TfRoobMwfSfPSuKbZmLzfONSemO98Kd7/7b+S9VlZWVgZSJxs5h3KezHk254Wc8zmv5bye882cN3K+lfNmzuWc7ZxRy4+fs5FzKOfJnGdzXsg5n/Nazus538x5I+dbOW/mXM7ZzhnWvQAAAAAAAADYYfZEET+OFF/4m29V5xVHdV76J04MH/jqF3vPGf/MHe6nrH0uIm7E1s7J7c+nDqda+eej7xdbU48ivpPP//vD7W4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwrWpRxGcixQ/faKdIEdGIuBCdXC62u3UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh1FPRZyOFL/4Sr26fjMiPhsR/7dS/omI5ZUNtrvFAAAAAAAAAMAtUhFDkeLxJ9tpICKuDryz+7H9AyeOv3h+XxFFpLKkt/7lsXOnGqfnZuYXphYXpyYb47Oti3OTU1t9uPqZ1uyVq+Mjo/ekM3e05x63f0/99Nz86wuty68ubXr73vqpicWlhebFzW+OPVGLGOrdMlg1eHxktGr0dKs5W+2aardpYC2isdXOAAAAAAAAAPDQ2JuKOBopXm0dSd11477Omv+vdK4Vq7V/8QdrvwWY3pBdvb8f2MrltNWGDlYL743xkdHRsZ7Nff23lpZtSqmIv44Un/vdJ6r18BR7N10bL+t2RYpj3zqS6wY+V9adXFdVHxwfGW28NDf75VPT03MXm0vNiempxth88+KWfzgAAAAAAAAAAPfQ3lTEn0eK3xu6mbrnnef1/77OtZ71/9+oltAr9bQ+V1Vr+x+v1vY7lz9xYrgx+mu3234v1v/LNqVUxL9Fisd//4nqfPru+v/Qhtqy7r8jxb/+41O5rrarrDvY7U7nHi+1pqeGUh6rzz/brY2q9niu/eRa7cGy9vOR4i+fWV87nGs/tVZ7qKz940jxv0c3r/30Wu3hsvaPIsVvv93o1u4ta8/k2v1rtc9dnJuevNOwlvP/d5Hi7C++mrp9vu389/z+49qGXHXLnH/w5Y9q/gd6tl3L8/rjPP8H7zD/fx8p/uSnT+W6ztgfyrc/Xv27Nv+/Eyn+61fX1x7LtfvWag9utVvbrZz/L0WKEz/60Wqf8/znkV2bod75/2zf+lx9lmzT/D/es20gt+vwLzkWj6LF17/9WnN6emrBBRdccGH1wna/MnE/lO///xwpXjhTS93jmPz+/7HOtbXjv/e/s/b+/8KGXLVN7//7era9kI9a+vsi6ksz8/37I+qLr3/7y62Z5uWpy1Ozw8eOHnl++Nix5/t3dY/t1i5teegeCuX8n4kUr/z0X1Y/x6w//tv8+H/vhly1TfP/yd4+rTuu2fJQPJLK+b8eKb779rurnzc/6Pi/+/n/wBfW5+r/v22a/0/1bKt+4//xiOd7th34dMSprT4WAAAAPGT25nXyP/31f1g953395//4Yre29/uf29kJ5/8DAAAAAMCjbm8q4q8ixf8MfSl1zyHbyu8/Jzfkqm36/d/+nm2T9+m8li0PMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADpSiiKcjxas/aaflorzeUT/Tmr1ydXxkdPPd9qRIUYuiqi//1g8eOnzk6LHjw9384P0/ak/Gy2PnTjVOz83ML0wtLk5NNsZnWxfnJqe2fA93u/9Gg9UANGZeuzJ56dJi49Bzh9fdfHXgnd2P7R84cfzF8/u6teMjo6NjPTV9/R/60W+RbrN9VxRxKVLUv/du+o8iohZ3PxZ3eO7ca3uqTgxWnRgfGa06Mt1qzi6VN6ZarqpFDPTsdLI7RvdhLu5KI+Ja2fyywYNl98bmmwvNiempxtnmwlJrqTU3m2qd1pb9GYhaDKeI+YhoF7feXX8UMREpvv9+O71dRBTdcXj2pbFvDB2+c3tq96CPvVa+u+nmvrJvRcTNeADmbAfbHUV8LFL84PxQ/KzojGs1bM9EfL3MpyO+WeZyxPV8PZVPkKci3tvk+cSDpS+KOBsp5lI7/WeR5756XTnzSuNrs5fmemq7rysP/PvD/bTDX5vqUcTPq1f8dvq5/88AAAAAAA+RIn4zUtyYOZCq9cHVNcXW7OXGuebEdOdr/e53/42818rKyspA6mQj51DOkznP5ryQcz7ntZzXc76Z80bOt3LezLmcs50zavnxczZyDuU8mfNszgs553Ney3k955s5b+R8K+fNnMs52znD9+QAAAAAAADADlSLIp6IFD98o51Wis4C74Xo5LJ1zofe/wcAAP//Vsw/Lg==") r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) lseek(r0, 0x7fff, 0x0) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x46100) write$binfmt_script(r1, &(0x7f00000003c0)={'#! ', './bus'}, 0x9) write$FUSE_WRITE(r0, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x94}}, 0x18) r2 = open(&(0x7f0000000180)='./bus\x00', 0x4047e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r2, 0x0) write$cgroup_type(r1, &(0x7f0000000200), 0x175d9003) 4m50.029874655s ago: executing program 4 (id=75): syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000240)='./file2\x00', 0x800000, &(0x7f0000001500)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYRESHEX, @ANYRESHEX=0x0, @ANYRESDEC, @ANYRESOCT, @ANYBLOB="6d512cdb0da2586a4f6af6190e96f609184d7968bb320212271dd0c2c7f34805703b960e29dab77c99d007573ff036d5402b9e13ab7927cecee8484c7ea744a9cdff274be475468879fc48c459ddf7a93f9eaa365e021dd333ca71333dc3537320f9238aaec4013fe563abede46c5c9ccd90241bfcc9314241e62c0c0d47ac0513ea94cae7edc76d713d49c8df4bdae1cf09b499929b55c8a04e51b34ee7a1ff421f7e99addcefbb0b8d94859f0837e048c4151764345c561239b5aefe4235100b639e2ef5b6cba679bc0ce542587074abdc7ce626ea77c1193c4a7fca531dd97a189d1764f2795a116ea2db70a41fc8ef0a65c64e7bd3cba90f385f717c120441f694dfea00f5558640304c44e6de72bb63aeca5ee997486c8d40d6f92ee190e25cc45ad9264db69df5d757da2f6b2467dbf96c48d2e5871af4157027436e7d3665664216e59193cc281f0facf22df82b5b11cb2050b32b617bc1072b2ab3f36a274823f17cabbacbb4b41505f55daccb875545cd38249f91e1facca2c4c389598563f0c017ba62de175d2f5486b2f276360e1b18d70d2ff70dfae9da03dfa37b86015eb9a87943ad515010d9b85118e3e98d4f7861b28e7e116e3f6b3d23ff13f67244ec2c3d57619b513d4f185796bb9916d06e275b10b5c825983e73c8d8d6c6feab8aad1cd4bfc9cb947bc108920f85517be010db29e75b7d36b9b5dd8456e4930da3559b80d59e112948a3ef93a757d3a7ad4e9d78789c01a08165e8832b9f1f551c71f8b530110ba4fa9bc8e90b4fbc64482f11c31d2adad72e53033e3362523a6f9b6ef17d355046ae8db0b6a30f13d6af68126ca06e818a5f16e84607c2511ae36ec91be7937ed32e48fb76ba5e6f4e932c13b9e4a66c31afd6fdb5ecbbbe2b86f8d7374b0b08c99b8b0c0f0700ca0dbdc03f0547535de6a850ce774b542db85ab781448df92ace1da57512e03ed9757fb3cc03f1715390f53c633ffc4f462a1c0985cd8b4842b180526a2f0c5ba27858d6c0073e4e63bfaf8c6220760674f73ba42046bdd8ffcccc387c97e28b5f9147e076bd23107d1a7b1dc14bb28e1ffe58cfcbe7b77ce11d3ef09526486bfcf7fcd1d74d0f6b7db4fbf64686c85d79f51635858144f9f1d99360a886453f933312f27b90d5f718744202a8662057c28a2232c0064a7c4e1cf2489929a1b643671700b694c1c2c092f1ac37eefdd6a5be98add1bac5703d89a3a9b58db0047bb635a92769770210d9ded27fb84974e1e3b1afbcfd47601afa6590e62806fd6b7ff12b607b300d0a0843746d42e0f34e530b2e67630ad8d549fad25d204e080de3e2c04e0156f9d198e0392862caf22a6d97b8a687588553e92fc65295136340a817af8615e57543dbc3b56f4b628f12399e1e9c7db745627ed85685218cce49d31753b8c2dad0acdbf71ee4e91939c123230e742156d3cd35a43440dd97600a5e4af925bb4c5b62efa91cbbb0e8237f570c480cc99c28c2146f940c16f4efb889aade5a1dbfb7c1cab05a5e5410f35c68f2dbbe0f0c9700ab84c85324463033ec717eb0f6bf005ad272d7dba6cdf651c43db611dfdd65b25439487fdf9c4b741d3634ae723c2b59c1b543c80aa922fd31e747b4cc6413cafae42d8ee4017985a501db8a942c9a64582ec7e32098a26c5cfd267ca62abebdc0ac528744f14905bbf47aaff1c321c11b50bc247804bcd229ca763e22309ff447533ea976f6f705e4523e24d7362e8308d5eb847d1b0c3a78f322b84fb0718253e2c37f7d0922cf1881f27c83260713d9ca2d843d7c44508d61107e86e07f45bebb36f85a69cc05c4159561051693370c32f47b6bfaa1e5d8e9923bd73c9fc591fc04bf3408bee386965aabcb78288ae38b76080351990fff4783de26eaf73359ad3bbaef9bf069198c0358d98b29584b5d12e7527c16fc1aa3ee5fce34b096801bded3d2e8cda1fe7ec804214a5b19ad4a7fcf483c16418a52bbb5f36b2e05ec215dca0e4a3c550f2462d889c47c880cfc8d94af3cc303a8d7c1e1d5117bb657a1c7ae6ce441851b97079d68c535756201ab64c5064ad47c7f7308d2f2dfb5244178d219d3f6f2ebd7dbb7930e3c6b385129e898bb138b7b878c2ca4549ee85cba79c5c7500660705776da46e856875bfb500dac274dd3468927334db012d480b11725f8e498c24c943a9d7dbb1cba8b697c66d3848a8ece3b49fd8770a8214c807a89466b5022c31bf882a532d86211daa7633a109895d29b6d26530046b8f696d32b779125d3285c148d280024afac585ffd809def7fb286744714c9a9ac2996a0409dd68ebcf66825ae478b91a0490d6f89425795c338f5a0ec69add975aa2df8b5477fb1da01a7a548eae271e420c4270cd54fb1dbdf6faf752687b7a1d56b4d292f7c6ebe7b289f463a6e9399a21c3f8af7ecc3ddd18fb43ed1173871a0bbc260a88d11f3f67ab15a4f86bf43c8ee3b5d00a8b7f76c707ddc921ea369069caa57af7bdcab2de7e3895320fbc9a61a7a25184f95f8a975136a54f5da19a91c17a1cad0a0518f18b3f2a98cd2427474f86b63a25b8fba52788ddba19353e80e7252515802a59b09b33d2040bf5892ced35d4cc6e959459233797522b5fe6a25b47290be4e14d92329ce37d18626373c558f616feb8fa02e2129228a063b42e36491f2fb08ea20985f5dda50a0e64bef289c445c0a977bd9efbb08f3560ac9d4f0faff4b5be75c48f5e76f48d3c36dde86a5f1016f4dcb6ac0314b43bbfc0e780f851fbda12df1dc8a53638555ec516cec6908034f578b1d271d0f3e90def4bbc98a09c63400f4121a07fa870aa4a0a5a8e4bd739b5b304b89d2bc271083c050fb37eb9458f3bb6f18549d74f3b4e4bcf34c1fa000b387376b403d0f5d65b4f7c8e60a59d4b08fb1137b30896a3c1a5481dda714a41cd1022186e48941f683ed47123e5a94476695090c9b170dcca512f60a0d65e37e2c27355892be281c130c939bae532659b1bb6d7961cbaa11fabb32609ade91949e0056777e49a607d74f614d74fa323823dbcb9fe43f4491a4be4938167c8ad7256a95e7cd8271ec66c6786f08957fceb3735c94eee05668e471372b0b98e02d83c96f48e8b600ca5a4009fe3717d598a9dff8e83270f268556e758f220f3c54b465239e1c0d317f83f1ac893f97bf45bfb0cb6ea8a1dfd9ec63440be19f8a6df594fe84b5d3fcb5d1995bef646e4d9d02d59474b82e0c3047e75dd0879c7037636be53edc5515c81f32e622c98d5e7bdb267ea6afd1a80081f481c0d3cd37a54044efe59368fb0bf8ddb42a6ab8079a97835c710da3cd0ae5bf4a48bbf55101b7e3719c2a3f8013685069a586e911116610b089788e88cf368d32acea434bd0cfc426c26f3be4532d125cfd303a3021ad51f20003518c1a7bd0bbc5efcf89ec8a9c68a74078932d9f17109b90192125e1d9a7b5278dda04ba3a23c536f1efc461e6edd1b7a3dfc08d99e4c7e959acba50ac98a6196fdc3806afcf6b6e23a676c6cb081b7338ab344bb9ff688b2bf95dec14c3fdeebcf37d6fac8ef1e64a2f3a1fae6bd361ffaba8addc5e44563c87e7b5ea7c6ecc88976a94583f4df1d3bb1908c306e0b8742a1ba9576c7c8e29ca6114edbe48c4314167350b9bee2518e4ea9802448de43faf9cbb4b7e8b8707cd2bb85b4ce96c9e0d9bb1a0c1719d061438e6205919991d278d5ae0f736dd13e90d70d0380f111df365d05c9c8946869c9848d250ee98d6f33cc7ff743c05bff4da81e340574cd978fea7afef0411d5570223ced7d78944481007c3e2f91f8416f08294a804bf4e44393f95211e0173984e4c17313a7450a9ed114ed5d1185d4ba080cf604e9c61b5d97bc0f97ea57bed4bbba72317f0c076b48868fd4365a05bc951926aed5ab7c950f394f116e415031ec782fb918060a85a43e71b96866519e2ae7c4359b4b8688f1ae50869dd376a0ab024336424cd53f1aa9e577664c66b65f900ac3950aadc7f891fe78f8bca7d7fc7388cda56f6b1c559e195db86e55ea39a6371ed2ec3199b0000575f2a1175c3c0b6df01bd6953de340c9026e0eba3170d7b951247a54e6e75b7b17ed34d4b4c78560f146527e61297b77f6517a40278bfc77800bf40d7743048bf47093d65341f70c8d4bf47e570db5bd95abd1970ee858040e47b564f2dcf520b9eef7186ced3f331d3433f62ad8aa93ba8081284fe5efda0aac8fc20e07b43fbc015642d1b65a791cf8a81b4e3ecd8bd2ab9d69d9a9daea727687ddbf184432ded13ee8de666ba3aab66eee5686704308230053ae4f76f37231e5a65639466ad5287752a7bc99b4dfafd9378f528feacf1c28af2bab749cb4dd3000659a17a09c5990a3d3231021b1f71fbdf2839888772bb84286a938a357a9649732071e7d37b25b5207d520637d3edd96cc7785e45ae9bb2f82aae3c24ac8954d3e837735981fa9c05acda145b4d8672c0f7c5e1333fa89daf5f3a369ed346a78e1c1e32a6a57efb8e9b7a03555d3f6fdd93c0afd3464fd7691d906b5a3572cde396109dcd7761d151570fde9ad902a2e3a90dc789e8b1d87ef79f0c0342f136a5320a2632812fa4abcdd1afeb3881bb39e7dff080007f0a3eaffea6fedda9037f5c92dbddceff11d8c1697485306cb18de2b5673c4c722ade0f7a0fbef9f9aa2824fe892231f5c85487fb29aaac74c84876b26a38c6afd316ab4a29eaea5cb26df4b6227d526db0d5ad62db60bc0d49b58ec19ebe6f66f5d48ec59bef76d73b4cd3bc2b9f6b87bea3f0ec8f1bb5db3fa4b6088d7d5ae13f97cefa9560eb8b556987ac80c822e505bda94fe1a14979dd467e868eeabe486601feac864eacf863f14916ac71be0a261d7697c611f5caf86ce7fdb40e2c8adc9f29feebf08321590bdd93170efe57c49a29d46f6c179ec6ab18a2a1c3ad6205e95fd2a5f1e17f50115861be455c36fd25f64daf21696ad8493cea898c4926321c6a9449afab79583069309e378a3ee53f5d20c77abe248e735bb76c369ae86f005d41aa590187bbde5d35c0052bbef8f9b203ace202395c58b2cd39312a447ac6b2849bd372a894a8c4baad2a4e2addee7c52dbf9756b119559cc734c37290a4b725b0902c939e83b39d2ef8cd25ef4db3a48ff475565bca4b3d7edadcf71c2a29a6024b33a1040a2391db5df05d00cba606a478f5d7f034b928659728badd7c074f21a2e74498036e7f8905484c985983300c8a6bfa8d88b2bd29e1f2c433290b100cd41a73e3d18decfd12f33e1ab5af22f36bedd5d8e20843cd9c5aab050ef4866f91bf66b71aee38bfc22be4967b1c3742ef377533f47d73a95fdeef9e55c5f2deb826710f8f4686f902f0b45b5cd976de9a7ef1a56ebf11903e48761a703cfc97afcec8b082484f984e3976c3ac60f3cdb835ca46a65eb24bea9b7043cef98bf07efd438de8e62d900bb61cfef4897626fd4552ee17c87b43aaeaa58688ced2250b9a278eb6d2835a9424c4801cbb5e7e13a6f7ac6cbf0a00f3cfefd3d04564907f841008de1a23dfa1ea397c54a9ec30ad0270359b654a3557b8fd9e6b7048a5532ec10edf801b503ace03b8285235053d63cbefe0ef886b700bb799d145dcef03e7dfbf4ab4857720aa7ebe6237c401c831ce7e3f3206b4c2b11727979548790224a32c715cd0504fcabb06df93e29084295d3b1ef357276bb6b244b655e4ac3daebdb45895e00000000000000000000000000000000000000000000000000000000000000000000000000821b78ec654ae193ec5adde1111a4dad5f", @ANYRES8, @ANYRES8], 0x1, 0x1e4, &(0x7f0000000280)="$eJzslc1qE1EUx39n5qbTaBZdu7XYbrTNFMQ3sHt9AEM61mLiRyeiCQWjm25ciC9R8ClcCLp3ISK4qQsFXVRcVSRy5547nTRDtX4ggflDOP/zP1/3zmTuvZbeTiPg+95WmzkyCA3eimCABXHa/oyzX9SOFB+M85uqP1X7Xm3aH7x65OjgeqvTSTbT/tEkQuAnOeNkUjK/OqyMvHw4rgi/1+ffk17onuxk6PGYEpXlaC2HOzcv/fd9/Tn52oCi8vFvj6hRGhI51n/9KAK58q0x+ZoOkzdP3OTSnFDL64w/lukjwbGqUvR9pBcfBHwWqPF6b6tt1St6itnwmvv5TyLLsc7zQs4pA0OQkJH4HJOdlrAALPW6t5bS/uDsRre1nqwnN+J45fzyi5P6iY7uw0YnWZZsGa48sMSQw36n9UK8Brw7iA8pQNzSAu+fAPG1vsQfzounC4V1CArb8vag77N8fqTanbTLZc4wC9wd2nCMe1rz2G6Gq3ZrqwihOk1TWCfsEzCbBc61b3bWthHEl+1g8h7NXWreCWN17KBk5UK+/W2182pX1e6o3VXr7y5/J5mswyf1Focww71Wr7eZXV6O5Vqca/FcPjnQqf42FL+SiAoVKlSoUKFChSnBjwAAAP//GZZKWw==") pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000"], 0xb0) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) chdir(&(0x7f0000000100)='./file0\x00') utime(&(0x7f0000000200)='.\x00', 0x0) 4m49.560741004s ago: executing program 4 (id=80): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10) bind$tipc(r0, 0x0, 0x0) close(r0) 4m49.031979777s ago: executing program 4 (id=87): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="beef915d564c90c200"/24, 0x18) r2 = accept$alg(r1, 0x0, 0x0) read$alg(r2, &(0x7f0000000080)=""/4114, 0x106a) write$binfmt_script(r2, &(0x7f0000004180), 0xff77) 4m48.507354031s ago: executing program 32 (id=87): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="beef915d564c90c200"/24, 0x18) r2 = accept$alg(r1, 0x0, 0x0) read$alg(r2, &(0x7f0000000080)=""/4114, 0x106a) write$binfmt_script(r2, &(0x7f0000004180), 0xff77) 4m32.091717887s ago: executing program 0 (id=161): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000500)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000440)=@gcm_128={{0x304}, "e453f079dff9d540", "1ec2d524d78682576ec2d9e13dad1018", "993161e3", "be0692db0b429ee8"}, 0x28) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil) brk(0x20001000) write$binfmt_script(r0, &(0x7f0000001300), 0x8f) close(r0) 4m31.719781954s ago: executing program 0 (id=165): syz_usb_connect$uac1(0x0, 0x0, 0x0, 0x0) syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000340)='./bus\x00', 0x8, &(0x7f0000000500)={[{@autodefrag}, {@autodefrag}, {@ref_verify}, {@acl}, {@clear_cache}, {@discard}, {@noenospc_debug}, {@barrier}, {@flushoncommit}, {@datasum}, {@nodatacow}, {@ssd_spread}, {@flushoncommit}, {@noacl}, {@nodiscard}]}, 0x1, 0x55a3, &(0x7f0000005680)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=") r0 = syz_open_dev$loop(&(0x7f0000000640), 0x0, 0x22400) sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x1c}}, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$BTRFS_IOC_QGROUP_CREATE(r1, 0xc400941b, &(0x7f0000000000)={0x1}) ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x40010001, 0x5, 0x12, 0x0, "9e959f16b6787b08aa26e66c40568a1695284854c382ec6bcfeef4fb0efcc1d8a6078ed98e203fd5f0643902dd8f6fac274de9d940bba5e51a92bbe4ce85450d", "f625c1076e4c36c800def96015e0fb7e904d865c2fdc458ec58d347f41be5a08", [0x10, 0x7]}) io_setup(0x1, &(0x7f00000004c0)=0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0) io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f0000000140)='i', 0x1}]) 4m28.240624517s ago: executing program 0 (id=178): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c0ef815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaad1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69922050000f5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762e122428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302be7ff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9d3fded31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000bb60bc1f1635caf0ca9eabf804adc94e0a73923976299c7ac285542e5de1dd14183f1bb171eabe19fe98f551e1b635300d8e38f07eda29341535e532a6d64ed36fac9c77827bf85ac369eac8879e515b58a03438561c5e78157649c6d45e7e621b79d724e277f1ee49e5b63e81180626a73510be26082a097de42b016336707866d422a93e01c1cbe0cefd4a89dc24b0d7f549908b8620ffd7d900a0a96a381fdd763b39f0bc0af5faf593c5d39fdf43430e4b7c23b5cf691792248cfb9ec9f882dd19a9f6e9426b4f88fe14487942bb34e585083f7b98900682e2683922a94e2f0baecc00f74071d025220bcdbc7f5575ce72981e918681b5a0b1ee9af749885fd8cefb9e182b326eaebad4616647fe1c8c16e42e123c9651f634e962219f"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000000)={[{@jqfmt_vfsv0}, {@errors_remount}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==") r1 = open(&(0x7f0000000200)='./bus\x00', 0x14d27e, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ftruncate(r3, 0x2007ff3) copy_file_range(r3, 0x0, r2, 0x0, 0xffffffffa003e459, 0x700000000000000) ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0xc020660b, &(0x7f0000000580)={0x0, 0xffffffff000, 0x5}) 4m25.684951358s ago: executing program 0 (id=187): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) unshare(0x22020600) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r1, &(0x7f000000ac40)={0x2020}, 0x2020) 4m25.143234098s ago: executing program 0 (id=192): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENT(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) chdir(&(0x7f0000000100)='./file0\x00') read$FUSE(r0, &(0x7f0000000300)={0x2020}, 0x2020) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x800, 0x0) 4m22.487870916s ago: executing program 0 (id=201): socket$inet_udp(0x2, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x380, 0x1d8, 0x12, 0x60d, 0x0, 0x202, 0x2d8, 0x2e8, 0x2e8, 0x2d8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private1, @ipv4={'\x00', '\xff\xff', @empty}, [], [], 'ip_vti0\x00', 'macsec0\x00', {0xff}}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x3, 0x2}}, @common=@icmp6={{0x28}, {0xd, "ea9c", 0x1}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xff, 0x0, 0xffffff00, 0xff000000], [0xff, 0xff000000, 0x0, 0xff], 'ipvlan1\x00', 'erspan0\x00', {}, {0xff}, 0x2b, 0x5, 0x6}, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0) getpid() syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0xa4, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TIMEOUT={0x8}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @mcast1}}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xb, 0x1, 'amanda\x00'}}]}, 0xa4}}, 0x0) 4m21.426850191s ago: executing program 33 (id=201): socket$inet_udp(0x2, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x380, 0x1d8, 0x12, 0x60d, 0x0, 0x202, 0x2d8, 0x2e8, 0x2e8, 0x2d8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private1, @ipv4={'\x00', '\xff\xff', @empty}, [], [], 'ip_vti0\x00', 'macsec0\x00', {0xff}}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x3, 0x2}}, @common=@icmp6={{0x28}, {0xd, "ea9c", 0x1}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xff, 0x0, 0xffffff00, 0xff000000], [0xff, 0xff000000, 0x0, 0xff], 'ipvlan1\x00', 'erspan0\x00', {}, {0xff}, 0x2b, 0x5, 0x6}, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0) getpid() syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0xa4, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TIMEOUT={0x8}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @mcast1}}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xb, 0x1, 'amanda\x00'}}]}, 0xa4}}, 0x0) 3m48.059670874s ago: executing program 6 (id=364): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000240)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) chdir(&(0x7f0000000140)='./bus\x00') fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3) r0 = socket(0x10, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setregid(0xffffffffffffffff, r1) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_access\x00', 0x0, 0x0, 0x0) 3m47.74397189s ago: executing program 6 (id=369): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'gre0\x00', &(0x7f0000000380)={'sit0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x23, 0x4, 0x0, 0x0, 0x8c, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @rand_addr, {[@timestamp={0x44, 0x1c, 0xff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@multicast2}, {@empty}, {@broadcast, 0x10001}, {@empty}, {@multicast1}, {@private}]}, @rr={0x7, 0x23, 0x0, [@remote, @empty, @empty, @multicast1, @remote, @dev, @loopback, @rand_addr]}, @lsrr={0x83, 0x3}]}}}}}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000100)=ANY=[@ANYBLOB="dc01c6ba1cdcc12519250000000000007f007101001300000000000000000000000000000000000000000000000000000000000000dce600000000000000", @ANYRES32=0x0, @ANYBLOB="200100000000000000000000000000020000000032000000fe8000000000000000000000000000bb00"/150], 0x1dc}}, 0x0) r1 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=0x0, &(0x7f0000000140)=0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READ_FIXED) io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 3m46.440308855s ago: executing program 6 (id=374): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) close(r2) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x8, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1d, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x20, r2, 0x8, &(0x7f0000000300)={0x3, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94) bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r4, 0x0, 0x0}, 0x10) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001e40)={r3, &(0x7f0000000300), 0x0}, 0x20) 3m46.104531593s ago: executing program 6 (id=377): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x1901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) close(0xffffffffffffffff) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) 3m45.78561939s ago: executing program 6 (id=381): munmap(&(0x7f0000ba0000/0x2000)=nil, 0x2000) mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) munmap(&(0x7f0000e29000/0x1000)=nil, 0x1000) madvise(&(0x7f0000ad2000/0x4000)=nil, 0x4000, 0x10) munmap(&(0x7f0000694000/0x3000)=nil, 0x3000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) munmap(&(0x7f0000b04000/0x4000)=nil, 0x4000) mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil) mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil) mremap(&(0x7f00008a8000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000fb1000/0x1000)=nil) 3m44.755873262s ago: executing program 6 (id=389): r0 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) read$alg(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) read$alg(0xffffffffffffffff, &(0x7f0000000300)=""/99, 0x63) syz_genetlink_get_family_id$fou(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x8081) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', 0x0}) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r3, 0x303, 0x70bd28, 0x0, {0xa}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 3m44.527855522s ago: executing program 34 (id=389): r0 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) read$alg(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) read$alg(0xffffffffffffffff, &(0x7f0000000300)=""/99, 0x63) syz_genetlink_get_family_id$fou(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x8081) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', 0x0}) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r3, 0x303, 0x70bd28, 0x0, {0xa}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 3m13.065137007s ago: executing program 3 (id=488): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) inotify_init1(0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000a00)=@allocspi={0xf8, 0x16, 0x411, 0xffffffff, 0x0, {{{@in6=@private2, @in6=@private1, 0x0, 0x0, 0x4e21, 0x200, 0x2}, {@in=@multicast1, 0x0, 0x32}, @in=@private=0xa010102, {0x380, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0x5d4, 0x0, 0x5}, {0x0, 0x0, 0x8}, 0x70bd28, 0xfffffffe, 0x0, 0x2}, 0x0, 0x6}}, 0xf8}, 0x1, 0x0, 0x0, 0x881}, 0x0) 3m11.57114859s ago: executing program 3 (id=491): socket$inet6_tcp(0xa, 0x1, 0x0) socket$can_raw(0x1d, 0x3, 0x1) socket$kcm(0x10, 0x3, 0x10) open(&(0x7f0000001180)='./bus\x00', 0x400101042, 0x0) openat$iommufd(0xffffffffffffff9c, &(0x7f0000000940), 0x80000, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$l2tp(0x2, 0x2, 0x73) socket(0x400000000010, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000080000000140012800a00010076786c616e0000000400028008000a00", @ANYRES64=r0], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) 3m10.988774799s ago: executing program 3 (id=497): r0 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) request_key(0x0, 0x0, &(0x7f0000000300)='@\x9f+^\xbe-@(/[+\x9f{\x00', 0xfffffffffffffffe) sendmsg$nl_route_sched(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000005b80)=@delchain={0x24, 0x26, 0xf31}, 0x24}}, 0x0) 3m8.803377165s ago: executing program 3 (id=502): fcntl$setpipe(0xffffffffffffffff, 0x8, 0x80000000) modify_ldt$write2(0x11, &(0x7f0000000080)={0x4, 0x0, 0x1000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10) syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000200)=ANY=[@ANYBLOB="696f636861727365743d63703835352c757466382c757466382c646d6f64653d3078303030303030303030303030393063382c63727566742c6f76657272696465726f636b7065726d2c636865636b3d7374726963742c6d61703d6f66662c6d6f64653d3078303030303030303030303030303030312c6d61703d6f66662c6f76657272696465726f636b7065726d2c696f636861727365743d64656661756c742c00553459239cc27347a48417c0f93ac0ba095e7cffc5c4fddc72b0acbb858ade3fa8677c39e605a858f1fc03aa3bb441f12627176b75e5312fd7b76a313eafaed505a653df3f3e4755d83dbfae9108d0698e5c7dd588899b31e82cc76d03aa10466b2c8cf82a352e67b4942d149ea42a7612de672d0824c9e3534784c0dd0e80f86758ea33fe023501c9caf88b760bca5be74b221f9b42d23d812d3628e05751725edf05033ecf2aede9bc0000000000000000000000001932664a95e40c386b4e989f0e60bd9c00bc7d00"/375], 0x12, 0x9ef, &(0x7f0000000e40)="$eJzs3ctvXNd9B/Dv5UOiaUOSbdV1BdsayZVM2yxFUrVUwYtWIkcSXT4KkgIsdGG5FlUIYuvWbgHbKFAZKLqKkQAJskh2RlZZGfAm3gTeJbtklUWAwP+CkZWyYnDvDKkhOeSQMh+y/PkQM3Mfv3vO7859HM7MnTlhf914YrO5d9dNWTq8amxpqbo94Pi1n3+T1Pn2uzT+1aeffVLePr6bA+nOa8Uvkr4ktaQnybNJ79j47MxUh4LuJDeSfJkUSQ6m8bglN1J8Py2HwZcpflrWu6EDWy2ZTpb4Ttvv/Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5Gxdj48PBIcSAT09ferDUktXXGxmdniiwtrZ+zvEzDF1Wv38UXHetNivKWvr7lrr6fPXp/9jNJaifzXGPsuapD8vTlo8efOfL60z1dy8tvlM03cnDrxb7/4Ud33l5cXHhvVxJ5+F2pT0/MzUxMXbxSr03MzdQunDs3fObq5bna5YnJ+tz1ufn6VG1stn5xfma2NjD2cm3kwoWztfrQ9Zlr01fGhybryxPP/83o8PC52htD/1S/ODs3M33mjaG5sasTk5MT01eqmHJ2GXO+3BH/cWK+Nl+/OFWr3bq9uHB2TU7dWbP/lkEjndakDBrtFDQ6PDo6MjI6OvJxs/fslQnnXrvw2vnh4Z7hNbIuYpd2Wh4uj228mXf+JA4PqKvR/ieTmch0ruXN1Nr+jWU8s5nJ1Abzm5bb/1Nn6pvW29r+N1v5npbZx8q7k3mhOdq3Qfu/QS579/d+PsxHuZO3s5jFLOS9fc9ob/+upJ7pTGQuM5nIVC5WU2rNKbVcyLmcy3DeytUcz1xquZyJTKaeuVzPXOZTr/aoscymnouZz0xmU8tAxvJyahnJhVzI2dRSz1CuZybXMp0rGc/FqpRbuV0972c3yXElaGQrQaObBK1rzLfd/tfX/nPCd87On8ThAS012/8DnUMHxvYiIQAAAGDH/dWvc+joU7/6Q1Lk+ep9+csTk/Xh/U4LAAAA2EHV5XrPlQ+95dDzKbz+BwAAgEdNUX3HrkjSn+ONoeVvQnkTAAAAAB4R1ef/L6Q4fn+C1/8AAADwiOn8G/sdI4rB5Z//rd1sPN5sRjTGiv7LE5P1obGZyddHcrr6lYHqmwbrSutOit7q6wev5EQj6kR/47H/follnX1l1MjQ6yN5JSebKzLwYvnw4kCbyNFG5EuNyJdaI7uzKvJsGQkAj7qTm7THW23/X8lgI2LwWNXk9xxr0wYPa1kB4GGx0sfOn5pdmrVp/5sRL2zU/v/tJq//y4incut445KCobyTd7OYmxlM84qD4+1KXe6NoHEZwmCHdwP6m5cs/PZ8VwbXvR/Qt7KurbELGc1g23cEWsotlnM424jr3p1tAAB77eSm7fDW2v/BDq//+11SCAAPlZUe7HdxYL/XEQBYTSsNAAAAAAAAAAAAAAAAAAAAAAAAAAAAO29LP+D/m9PJ4uJCsgedBawM9G0nw80HurJHOe/7QHeS/ar977Ptpcpt/LA8dQZWD+zziQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA9USTd7aZ3JQeTDCc5s/dZ7Z67+53ATqk92GLFvdzLBzm00+kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzXNX//vyuNx8cbk9LTlZxKciPJP+93jjvp3n4nsG/+rbpv+f3/rqQ3S0V6Gps9Re/Y+OzMVLn5i4Pl/K8+/eyT8ta57PW9KpQFlDWs6lyiWUPLlN7VSz1ZLdU/vvD+nf969z9q45eqHfPS/OXJ8akrs/9wP/CZ4vNGFwit3SAs5/s/p375g5bJB5qVf16uaXtr671c1Tu+vt6/bLf0BvVuwe3FhdGypvn6m/P//e+3P2iZ9VROJC8OJAOra/rX8rZBTSfWPp+rFV8X/18cyo9zo9r+5bNRLBXlJjpcrf9jt24vLgy98+7izZWc/ndVTkdyPMnNpG/rOR2vzidtVXtdV29Z63AVVN4d7VDeplpKHNngeX2y2mX6t7UOtY3XodLheW9mdLZtRj/8z6dzettb+nSHGtsqvi5+X1zN7/J/Lf1/dJXb/1TaHp1tiqgiW/aU1nmrDq+uRmS15qOtM95aW+aGRyW74Hv5l/zdyvbvajn/N7fV3pyPWmpsf1wk2z8ufnZ4XYtyX9UiHV3TIjXPPhst08zzaCNqgzz/Iq8mPce2dUZ5tcMZZbeO/58UA/lj7ur/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAePgVSXe76V3JqSRHkhwux2vJ0tqYuw9QX1d/8SBp7pgHyfnbp9hwRYt7uZcPcmivMwIAAAAAAABgd1wa/+rTzz4pb9Xn8d35667mnFrSk+RI8aPesfHZmakOBfUmN5Y/0u/bXg43yrsn7o9/WY4922Gh/b18AAC+1f4cAAD//7IYb70=") openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0}, 0x18) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x40084503, 0x0) ptrace(0x10, r0) getsockname$unix(0xffffffffffffffff, 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe, "00207d2000000000201b14700c1e0ac74f000000001200000000000900"}) ptrace$getregset(0x4205, r0, 0x1, &(0x7f0000000080)={0x0}) 3m7.33224641s ago: executing program 3 (id=506): socket$inet_sctp(0x2, 0x400000000001, 0x84) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d) r2 = syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240), &(0x7f0000000380)=0x0) syz_io_uring_setup(0x5e2, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r2, 0xa3d, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = mq_open(&(0x7f000084dff0)='!sali\x1cqxte&\xac\xe87x\x00', 0x6e93ebbbcc0884f2, 0x12e, &(0x7f0000000300)={0x0, 0x1, 0x7}) mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0) mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0) 3m5.48390414s ago: executing program 3 (id=512): socket$nl_generic(0x10, 0x3, 0x10) socket$can_bcm(0x1d, 0x2, 0x2) socket$alg(0x26, 0x5, 0x0) socket(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x403, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0xff7f}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x10}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x44}}, 0x0) 3m4.426849275s ago: executing program 35 (id=512): socket$nl_generic(0x10, 0x3, 0x10) socket$can_bcm(0x1d, 0x2, 0x2) socket$alg(0x26, 0x5, 0x0) socket(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)) r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x403, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0xff7f}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x10}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x44}}, 0x0) 1m59.488095094s ago: executing program 9 (id=711): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1}) 1m58.047021379s ago: executing program 9 (id=713): r0 = socket$pppoe(0x18, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0)) userfaultfd(0x801) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300)) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00)) sendmmsg(r0, &(0x7f0000001cc0), 0x400000000000026, 0x0) 1m56.723593932s ago: executing program 9 (id=722): r0 = socket$can_j1939(0x1d, 0x2, 0x7) r1 = eventfd2(0x9, 0x0) r2 = socket$can_j1939(0x1d, 0x2, 0x7) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = dup3(r2, r1, 0x0) setsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r2, &(0x7f0000000240)={0x1d, r5, 0x0, {0x0, 0xff}}, 0x18) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r4, &(0x7f000009de80)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x4c}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000009c0)={'vcan0\x00', 0x0}) r7 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r7, &(0x7f0000000080)={0x1d, r6, 0x0, {0x0, 0x0, 0x2}, 0xfe}, 0x18) sendmsg$can_j1939(r7, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, 0x0, 0x0, {}, 0xfe}, 0x18, &(0x7f0000000180)={&(0x7f00000005c0)="8021fd38ece7021d70", 0x9}}, 0x0) 1m53.384172434s ago: executing program 9 (id=728): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r2, 0x400455c8, 0x1) r3 = fcntl$dupfd(r0, 0x0, r1) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf) ioctl$KDSIGACCEPT(r3, 0x400455c8, 0x9) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8) bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6) setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x3c, &(0x7f0000000180)=[{0x0, 0x80}, {0x1, 0x1}]}, 0x10) write$binfmt_misc(r4, &(0x7f0000000100), 0x6) 1m52.065593882s ago: executing program 9 (id=731): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000001100)=@req3={0x8000, 0x200, 0x80, 0x20000}, 0x1c) mmap(&(0x7f0000568000/0x2000)=nil, 0x1000000, 0x0, 0x11, r0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) accept$alg(r1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x20008000) write$UHID_CREATE(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFBR(r0, 0x8940, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_serviced\x00', 0x275a, 0x0) syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) 1m47.213127801s ago: executing program 8 (id=739): socket$inet(0x2, 0x4000000000000001, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r4, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r0], 0x4}}, 0x0) sendfile(r3, r1, 0x0, 0x100000000) 1m46.837288605s ago: executing program 9 (id=740): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@resuid}, {@init_itable}, {@stripe}, {@stripe={'stripe', 0x3d, 0x200}}]}, 0x3, 0x453, &(0x7f0000001f80)="$eJzs3M9vFFUcAPDvzHaLCNiKqPxS8Vck/mgpoHLwoEYTD5iY6EGPTVsIslBDayKEKBiDJ2NMvBuP/gt60Ysxnoxe9W5IiOECeFozuzN0d7u7tNsti93PJxl4b+ZN3/v2zdt9M2+3AQytfdk/ScTWiPgzIsbq2eYC++r/Xb96fubG1fMzSVSrb/+T1Mpdu3p+pihanLclz+xPI9LPktjTpt6Fs+dOTlcqc2fy/OTiqQ8mF86ee+7Eqenjc8fnTh88cuTwoakXXzj4fF/izNp0bffH83t3vfHeV28e/aIp/pY41mznpsYf3daT1WrfqrsTbGtIJyMDbAirUoqIrLvKtfE/FqVY6ryxeP3TgTYOWFfVarW6pfPhC1VgA0uiOW/Iw7Ao3uiz+99ia50EvLx+04+Bu/JK/QYoi/t6vtWPjESalym33N/2076IePfCv99kW/T7OQQAQBs/ZvOfZ9vN/9J4oKHcPfna0HhE3BsR2yPivojYERH3R9TKPhgRO1dZf+siyfL5T3q5p8BWKJv/vZSvbTXP/4rZX4yX8ty2Wvzl5NiJytyB/HeyP8qbsvxUlzp+eu2PLzsda5z/ZVtWfzEXzNtxeWRT8zmz04vTa4m50ZWLEbtH2sWf3FwJSCJiV0Ts7rGOE09/t7fTsVvH30Uf1pmq30Y8Ve//C9ESfyHpvj45eVdU5g5MFlfFcr/+dumtTvWvKf4+yPr/7rbX/834x5PG9dqF1ddx6a/PO97T9Hr9jybv1NKj+b6PphcXz0xFjCZH641u3H9w6dwiX5T/4ff6/nbjf3ss/Sb2RER2ET8UEQ9HxCN52x+NiMci4vEu8f/y6hPv9x7/+sr6f3ZV/b+UGI3WPe0TpZM/f99U6fiy+G907//DtdT+fM9KXv9W0q7ermYAAAD4/0kjYmsk6cTNdJpOTNQ/L78jIq3MLyw+c2z+w9Oz9e8IjEc5LZ50jTU8D53Kb+vr+YsRUf9oQXH8UP7c+OvS5lp+Yma+Mjvo4GHIbekw/jN/lwbdOmDd+b4WDC/jH4aX8Q/Dy/iH4dVm/G8eRDuA26/d+/8nA2gHcPu1jH/LfjBE3P/D8Oo4/jfyX/4Barz/w1Ba2By3/pJ810Txk3o8fcMmonxHNGPtiWrStnMjHXTDJNYzMdjXJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH75LwAA//8HW+BC") bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$invalidate(0x15, r0) syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) socket(0x1e, 0x3, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents64(r1, 0x0, 0x0) 1m46.487133256s ago: executing program 8 (id=742): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) syz_io_uring_setup(0xd3f, &(0x7f00000003c0)={0x0, 0x8000000, 0x100, 0xfffffffd, 0x220}, 0x0, 0x0) dup(r1) socket(0x40000000002, 0x3, 0x2) socket(0x40000000002, 0x3, 0x80000000002) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x20000000) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x50) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xe, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)=r3}, 0x20) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r3}, 0x57) 1m42.756182992s ago: executing program 5 (id=747): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x8380, 0x0, 0x3, 0x801}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf) 1m42.668485935s ago: executing program 8 (id=749): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r0, r2}, 0x10) r5 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x36, &(0x7f0000000280)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @val, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0) timer_create(0x0, 0x0, 0x0) 1m38.768582123s ago: executing program 5 (id=751): socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) r0 = socket(0x1, 0x803, 0x0) socket(0x2, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)) setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, &(0x7f0000000380), 0x4) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r1], 0x50}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newlink={0x50, 0x10, 0x421, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x60e1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0xe, 0xa}}, @IFLA_VLAN_ID={0x6, 0x1, 0x400}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x50}}, 0x2) 1m38.603943219s ago: executing program 8 (id=753): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf, @void, @value}, 0x94) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000380), 0x208e24b) 1m35.626081578s ago: executing program 5 (id=756): socket$inet_mptcp(0x2, 0x1, 0x106) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f00000010c0)=0xffff) syz_genetlink_get_family_id$nl80211(&(0x7f0000000600), r1) socket(0x25, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6(0xa, 0x806, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) sendmsg$nl_route_sched_retired(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001100)=@newchain={0x24, 0x64, 0x800, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x5, 0x4}, {0xfff2, 0x5}, {0xffe0, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4000800) 1m35.61222055s ago: executing program 8 (id=757): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(r0, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', 0x0}) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1, 0x10, 0x0, 0xf400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 1m29.713100788s ago: executing program 36 (id=740): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@resuid}, {@init_itable}, {@stripe}, {@stripe={'stripe', 0x3d, 0x200}}]}, 0x3, 0x453, &(0x7f0000001f80)="$eJzs3M9vFFUcAPDvzHaLCNiKqPxS8Vck/mgpoHLwoEYTD5iY6EGPTVsIslBDayKEKBiDJ2NMvBuP/gt60Ysxnoxe9W5IiOECeFozuzN0d7u7tNsti93PJxl4b+ZN3/v2zdt9M2+3AQytfdk/ScTWiPgzIsbq2eYC++r/Xb96fubG1fMzSVSrb/+T1Mpdu3p+pihanLclz+xPI9LPktjTpt6Fs+dOTlcqc2fy/OTiqQ8mF86ee+7Eqenjc8fnTh88cuTwoakXXzj4fF/izNp0bffH83t3vfHeV28e/aIp/pY41mznpsYf3daT1WrfqrsTbGtIJyMDbAirUoqIrLvKtfE/FqVY6ryxeP3TgTYOWFfVarW6pfPhC1VgA0uiOW/Iw7Ao3uiz+99ia50EvLx+04+Bu/JK/QYoi/t6vtWPjESalym33N/2076IePfCv99kW/T7OQQAQBs/ZvOfZ9vN/9J4oKHcPfna0HhE3BsR2yPivojYERH3R9TKPhgRO1dZf+siyfL5T3q5p8BWKJv/vZSvbTXP/4rZX4yX8ty2Wvzl5NiJytyB/HeyP8qbsvxUlzp+eu2PLzsda5z/ZVtWfzEXzNtxeWRT8zmz04vTa4m50ZWLEbtH2sWf3FwJSCJiV0Ts7rGOE09/t7fTsVvH30Uf1pmq30Y8Ve//C9ESfyHpvj45eVdU5g5MFlfFcr/+dumtTvWvKf4+yPr/7rbX/834x5PG9dqF1ddx6a/PO97T9Hr9jybv1NKj+b6PphcXz0xFjCZH641u3H9w6dwiX5T/4ff6/nbjf3ss/Sb2RER2ET8UEQ9HxCN52x+NiMci4vEu8f/y6hPv9x7/+sr6f3ZV/b+UGI3WPe0TpZM/f99U6fiy+G907//DtdT+fM9KXv9W0q7ermYAAAD4/0kjYmsk6cTNdJpOTNQ/L78jIq3MLyw+c2z+w9Oz9e8IjEc5LZ50jTU8D53Kb+vr+YsRUf9oQXH8UP7c+OvS5lp+Yma+Mjvo4GHIbekw/jN/lwbdOmDd+b4WDC/jH4aX8Q/Dy/iH4dVm/G8eRDuA26/d+/8nA2gHcPu1jH/LfjBE3P/D8Oo4/jfyX/4Barz/w1Ba2By3/pJ810Txk3o8fcMmonxHNGPtiWrStnMjHXTDJNYzMdjXJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH75LwAA//8HW+BC") bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) keyctl$invalidate(0x15, r0) syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) socket(0x1e, 0x3, 0x8) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents64(r1, 0x0, 0x0) 1m29.6692588s ago: executing program 8 (id=762): rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0) tkill(0x0, 0x7) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCMIWAIT(r1, 0x545c, 0x3000000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x1, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) 1m29.657737041s ago: executing program 5 (id=763): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$FITRIM(r0, 0xc0185879, &(0x7f00000001c0)={0x7, 0x8, 0x7}) socket$tipc(0x1e, 0x5, 0x0) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x2001}, 0x10) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) sendmsg$NL80211_CMD_SET_KEY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x24000001}, 0x404c893) bind$tipc(r1, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000003c0)={0x2, @vbi={0x6, 0x1, 0x34565348, 0x34325241, [0x7, 0x9], [0x1, 0x200], 0x10a}}) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x30, r4, 0x1, 0x0, 0x100000, {{}, {}, {0x14, 0x19, {0x2, 0x1, 0x0, 0x2000000}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4008000}, 0x1004) 1m27.176976178s ago: executing program 5 (id=766): socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet_mptcp(0x2, 0x1, 0x106) socket$rds(0x15, 0x5, 0x0) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000300)) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000003c0)=""/75, 0x0}) r2 = dup(r1) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x0, r2}) pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0xff}, 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@newspdinfo={0x14, 0x24, 0x1, 0x2000}, 0x14}, 0x1, 0x0, 0x0, 0x4040000}, 0x4000000) 1m25.62870843s ago: executing program 5 (id=770): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x26e1, 0x0) close(r2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)) ioctl$SIOCSIFHWADDR(r2, 0x8b26, &(0x7f0000000000)={'wlan1\x00', @random="00ffffff8d00"}) 1m14.364899447s ago: executing program 37 (id=762): rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0) tkill(0x0, 0x7) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCMIWAIT(r1, 0x545c, 0x3000000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x1, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) 1m10.056158546s ago: executing program 38 (id=770): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x26e1, 0x0) close(r2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)) ioctl$SIOCSIFHWADDR(r2, 0x8b26, &(0x7f0000000000)={'wlan1\x00', @random="00ffffff8d00"}) 1m4.430791418s ago: executing program 2 (id=792): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) gettid() bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mount(0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000b80)={[{@nombcache}, {@abort}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000001f40)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x808003, &(0x7f00000003c0)={[{@lazytime}, {@block_validity}, {@norecovery}, {@nojournal_checksum}, {@usrjquota}, {@norecovery}]}, 0x1, 0x504, &(0x7f0000001140)="$eJzs3c9rHG0dAPDvbLJ5k/dNTaoeqqANorRFu5s0tg0e2gqip4Ja7zEmmxCyyYbspm1CkRTPIoio6EVPHv0DhNI/wUtB70VECdrWg+CPfZnd2TRNd5uW7mbb5POBp/M8M7Pz/T675EmemelOACfWRETciIiBiLgQEWPZ+lxWYqdZ0v2ePrk3n5Yk6vVb/0giyda1jpVky4+ylw1HxHe/FfGDJGmu2Ke6tb0yVy6XNrJ2sba6XqxubV9cXp1bKi2V1qanp67MXJ25PDPZtb5e+8Zff/6T333z2oOv3Hk8+/fzP0zzHc227e9HNzXfk3zjvWgZjIiNXgTrg4GsP/nX2TnpfT4AALxa+jf+JyPiCxHx7Ff9zgYAAADohfr10fhvElEHAAAAjq1c4x7YJFfI7gUYjVyuUGjew/vpuB7lSrX25cXK5tpC817Z8cjnFpfLpcnsXuHxyCdpe6pRf96+dKA9HRGnI+JnYyONdmG+Ul7o98kPAAAAOCHSef5orllPF/8aa87/AQAAgGNmvN8JAAAAAD1n/g8AAADH38vz/4nmIhlss/dI7xMCAAAAuunbN2+mpd56/vXC7a3Nlcrtiwul6kphdXO+MF/ZWC8sVSpLje/sWz3seOVKZf2rsbZ5t1grVWvF6tb27Gplc60223iu92zptZ4TDQAAAHTV6bMP/5xExM7XRholNZRtM1eH4y33ZrsnvcoDOHoD/U4A6Jt2N/gCJ4M5PnDYxH74iPIAAAB659xn9q7/j8S+6/+nHjs3AMfdG17/B44R1//h5Dpw/f83/coDOHrm+MBh5wE6Xv//Y/dzAQAAemO0UZJcIZsDjEYuVyhEnGo8FiCfLC6XS5MR8YmI+NNY/oO0PdXvpAEAAAAAAAAAAAAAAAAAAAAAAADgPVOvJ1EHAAAAjrWI3N+SiEhiOGLsi6MHzw8MJf8eaywj4s6vb/3i7lyttjGVrv/n3vraL7P1l159ruGDnp3FAAAAAPZrzdNb83gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6KanT+7Nt8pRxt39ekSMt4s/GMON5XDkI+LDZ0kM7ntdEhEDXYi/cz8izrwUf7i1fTyrHoyfi4iR3sVv9HD8kPgfdSE+nGQP0/HnRrufv1xMNJbtf/4Gs/K2dic6jX+5vfFvIB1q2ox/pw459lC2/Oyj3xez6s5L8YeaHWk3/rTiJ285/n7/e9vbnbbVfxtxru3vn+SFWMXa6nqxurV9cXl1bqm0VFqbnp66MnN15vLMZHFxuVzK/m0b46ef+8P/O8XfvR/xYYf44536nzRzqtfbH/Psgfb/Ht198ql2OyYRuz/O6m0+/zOd4mfv/Zey3wPp9nOt+k6zHlk79fkHnT+ptP8LHfp/2Od/vuNRX3ThOz/6S7OWf81XAAC9VN3aXpkrl0sb73sl7cw7kEYXKxPvRhoqR1H5T/2dSGNfpd8jEwAA0G3P/+jvdyYAAAAAAAAAAAAAAAAAAABwcrX+/3/rG4J78XVi++PtfbF+khx5XwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXuXjAAAA//9Id9Gj") symlink(&(0x7f0000000940)='./file0\x00', &(0x7f0000000200)='./bus\x00') execve(&(0x7f0000000000)='./bus\x00', &(0x7f0000000180)={[0x0, &(0x7f0000000140)='abort']}, &(0x7f0000000440)) 1m1.48713933s ago: executing program 2 (id=796): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x6, 0x1}, 0x10) r2 = accept4$tipc(0xffffffffffffffff, 0x0, 0x0, 0x800) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000001c0)={0x43}, 0x10) dup3(0xffffffffffffffff, r2, 0x0) sendmsg$tipc(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r3 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000040)={0x42}, 0x10) bind$tipc(r0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) open(0x0, 0x0, 0x0) 1m1.237411319s ago: executing program 2 (id=798): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, 0x0, 0x0, 0x4, 0x0) 1m0.121796028s ago: executing program 2 (id=799): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSTI(r0, 0x5412, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7f) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xb, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r1 = io_uring_setup(0x6282, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) dup2(r2, 0xffffffffffffffff) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) bpf$PROG_LOAD(0x5, 0x0, 0x0) 56.973791876s ago: executing program 2 (id=803): timer_create(0x0, &(0x7f0000533fa0), 0x0) mremap(&(0x7f00007ff000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000580000/0x4000)=nil) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) r1 = creat(&(0x7f0000000140)='./file0\x00', 0x0) write$binfmt_aout(r1, &(0x7f0000000d40)=ANY=[], 0x20) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000380)={0x0, 0x7f, 0x708}) fallocate(r0, 0x0, 0x0, 0x10fff9) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0xc, r1, 0x0, 0x0, 0x1, 0x2}) mremap(&(0x7f0000580000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f00007ff000/0x2000)=nil) r3 = syz_open_procfs(0x0, &(0x7f00000009c0)='net/tcp6\x00') read$FUSE(r3, &(0x7f00000082c0)={0x2020}, 0x2020) 56.487004849s ago: executing program 2 (id=805): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18) r3 = add_key$user(&(0x7f0000000180), &(0x7f0000000000)={'syz', 0x0}, &(0x7f00000005c0)='\x00', 0x1, 0xfffffffffffffffe) keyctl$set_timeout(0xf, r3, 0x0) 53.546195618s ago: executing program 1 (id=808): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/116, 0x0}) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) poll(&(0x7f0000000180)=[{r1}], 0x1, 0x800) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000200)={0x1, r1}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000500)) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000580)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/72, &(0x7f0000000600)=""/77}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000140)={0x1, r1}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0) 41.330366237s ago: executing program 39 (id=805): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18) r3 = add_key$user(&(0x7f0000000180), &(0x7f0000000000)={'syz', 0x0}, &(0x7f00000005c0)='\x00', 0x1, 0xfffffffffffffffe) keyctl$set_timeout(0xf, r3, 0x0) 39.479236373s ago: executing program 1 (id=815): openat$sndseq(0xffffffffffffff9c, 0x0, 0x42202) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, 0x0, 0x50) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) fsopen(&(0x7f0000000040)='ecryptfs\x00', 0x1) close_range(r1, 0xffffffffffffffff, 0x0) 36.088182931s ago: executing program 1 (id=817): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f00000013c0)=ANY=[], 0xf, 0x6a2, &(0x7f0000000100)="$eJzs3c1vHGcdB/DvrNeuHargtEkboSKiRCpIFolf5IK5EBBCPlSoKgfOVuI0VjZOZbvIrRC4FMEJiUP/gILkGyck7kHhXG69+lgJiUvEIeJiNLOz9tq7ju3Eb4HPJxo/z8zzzDO//e0zM951Vhvg/9bsWJoPU2R27O3Vcn1jfaq1sT71Ut3cSlLWG0mzXaRYTIpHyc2yveha0lX2+HRh5t0vHm982V5r1kvVv/G0/fro03etXnIlyUBd9ho86CF2jHcrycs9XYYOOtaOjmXSrtUlnLrNHmuH2f0w5y1wxnTuTkX7vtljNDmXZLj+PSD11aFxchEej0Nd5QAAAOAF9fmD044AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXjz19/8X9dKoy1xJ0fn+/6HOtrr+Qnt42gEAAAAAAAAAwBH4xpM8yWrOd9Y3i+pv/lerlYv5z2bylXyQ5cxnKdezmrmsZCVLmUgy2jXQ0OrcysrSxNaepf57Tvbdc/KkHjEAAAAAAAAA/E/6dWa3//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABnQZEMtItqudipj6bRbFczVP5YS/7Rqb8gin4bH558HAAAAPBchp9hn68+yZOs5nxnfbOoXvO/Vr1eHs4HWcxKFrKSVuZzu34NXb7qb2ysT7U21qful0vvuD/416HCqEZM+72H/ke+XPUYyZ0sVFuu51YVzO00qj1Llzvx9I/r4zKm4vu1A0bWrNNaHuwPe72LcCQO+1bEaBlcspWR8Tq2MhsX2hkoqjdqkt2Z2PfZae4+UhoZ3DrSRBpb7/xcPIacn6vL8vH89lhzflhbmWikysRk1+x77emZSL751z//7G5r8d7dO8tjZ+ch7WNgj+2758RUVyZe75eJ7oHOdCaah+w/XmXi0tb6bH6cn2YsV/JOlrKQn2cuK5nPZt0+V8/n8ufo0+fMzR1r7+wXyVD9vLRTfZCYruRHVW0uV6t9z2chRR7kdubzVvVvMhP5TqYznZmuZ/jSnnFXj6066xu7z/rOM/23vsFf+1ZdGUnyu7rsycEue83Oo9K+9pd5vdCV1/asf7zV60LXeTDelaVXOtkZ7Dv4s1wbm1+rK+UxPqnLs2G0zkR5AnXuEp3oXm1nolndi3rn+R+rc2O5tXhv6e7c+3uMv7Zr/c26LKfV+tcPGmX/p+JolfPllQzXV5Kds6Nse3XrKnNhx111qP6LS7ut0dN2qWoris6Z+pOeM7Wcr+WZOlT/Dtc70mTV9nrftqmq7XJX247ft/Igrdw+gfwB8JxGc25o5J8jn498NvKbkbsjbw//8KXvvvTGUAb/Pvi95vjAm403ir/ks/xy+/U/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw7JY//OjeXKs1v9S/0ti7aZ/KfiPvqhT1F/o807HOYGU4yY4tg+WGIzvEJwfsPLI7jJ7K5q+SE89P50sE+/f5fVlp5iAD3tyvz8enPhPOemUg/SfAKV+YgGN3Y+X++zeWP/zo2wv3596bf29+cXB6emZ8ZvqtqRt3Flrz4+2fpx0lcBy2b/qnHQkAAAAAAAAAAABwUP0+GHD15f0+NHKgz3j4n4UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkZgdS/NhikyMXx8v1zfWp1rl0qlv92wmaTSS4hdJ8Si5mfaS0a7hivzpUTb7HOfThZl3v3i88eX2WM12/6RRl89hrV5yJclAXR7VeLeee7zi351HWCbsWidxcNr+GwAA///UmvRo") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) mmap(&(0x7f00008bb000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x11, r1, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYRESHEX=r0, @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a12000"/328, @ANYRES64], 0x8, 0x2f4, &(0x7f0000000880)="$eJzs3U1PE1sYwPGnLxRaAsPi5t5cE8OJbnQzgepaaQwkxiYSpMaXxGSQqTYdWzLTYGqM6Mqt8UO4ICzZkShfgI073bhxx8bEhSyMYzqdodAOb6VQAv9fQubJnPNMz+kMyXMmzLB+792zYt7R80ZFon1KIiIiGyJDEpVAxN9GvTghW72Wy/0/v5y/c//BrUw2Oz6l1ERm+kpaKTU4/PH5y6TfbaVX1oYerf9If1/7d+3/9T/TTwuOKjiqVK4oQ82Uv1WMGctUswWnqCs1aZmGY6pCyTHtenu53p63ynNzVWWUZgdSc7bpOMooVVXRrKpKWVXsqoo9MQolpeu6GkgJ9pJbnJoyMm0m93V4MDgitp0xYiKSbGnJLXZlQAAAoKua6/+oqE7W/0sXViv9d5cH/fp/JRFW/1/9Wj/Wtvq/Vl2G1v/B54fW/8bB6v/WiuhsOVT9j5NhONGyK9IIa412xkj5v7+eNw+XRqTn2AYIAAAAAAAAAAAAAAAAAAAAAAAOZ8N1Ndd1tWDrxkXEdbVe/wFv198fkhoTketdGDI6qOX8+z/7OP84BRoP7sUHRay387n5XH3rd1gVEUtMGRFNfnvXg68WB08eqZoh+WQt+PkL87mY15LJS8HLHxWtR5rzXXfiZnZ8VNVtz++R1Nb8tGjyT3h+OjQ/IZcubsnXRZPPj6Uslsx642jkvxpV6sbtbFN+0usHAAAAAMBpoKtNoet3Xd+pvZ6/ub5uvj8Qa6yvR0LX53E5F+/u3AEAAAAAOCuc6ouiYVmmvUuQlL37tB/Ej+jIwQz3mxX8LcPRzXSXIPjwbU3BP9jo+NcSOcDXskMQlXayhmuzUYedRXDbaKc+Mjl2/GfQC/57/+FX5w54bblvj5m2H8R2vwB4OTAAAABwCjWK/mDPWHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGXQcb0fr9hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JvAAAA///+mQDw") r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) socket$netlink(0x10, 0x3, 0x0) write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) fdatasync(r2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ftruncate(r2, 0x8200) 35.13335457s ago: executing program 1 (id=818): r0 = socket$inet(0xa, 0x1, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x4e23, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x24) listen(r0, 0x8) r1 = socket$inet(0xa, 0x801, 0x84) listen(r1, 0x8) r2 = socket$inet(0xa, 0x801, 0x84) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) listen(r3, 0x100) listen(r2, 0x8) r4 = socket$inet(0xa, 0x801, 0x84) listen(r4, 0x1) r5 = socket$netlink(0x10, 0x3, 0x4) writev(r5, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) 31.127867105s ago: executing program 7 (id=820): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f) write$FUSE_CREATE_OPEN(r3, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x5, 0x100, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0) sendfile(r3, r3, &(0x7f0000000080), 0x7f03) 27.51108751s ago: executing program 7 (id=821): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) r4 = dup(r3) ioctl$PTP_EXTTS_REQUEST2(r4, 0x40603d07, 0x0) 25.920111099s ago: executing program 1 (id=822): syz_open_dev$sndctrl(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) mq_open(0x0, 0x40, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) clock_gettime(0x0, 0x0) r1 = add_key$user(&(0x7f0000000040), &(0x7f0000000000), &(0x7f00000002c0)='X', 0x5d, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000080)={r1, r2, r2}, &(0x7f0000000180)=""/82, 0x52, &(0x7f00000000c0)={&(0x7f0000000100)={'md5-generic\x00'}}) 25.023497476s ago: executing program 7 (id=823): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000000680)=ANY=[@ANYRES8=0x0, @ANYRES64], 0x1, 0x2a0, &(0x7f0000000e40)="$eJzs3c9qM1UUAPAzSZpGXSSIG0VwQBeuyle3bhrlE8SulAjqQoNtQZJQaCFgBWNXfQKXvoeP4MaNbyC4Fdy1i8rIZGaahKZ/qDGF+vutDnPnnHsyt6SrnPnq9dFg7zCJ0/Pfo9VKorYTO3GRRCdqUfkhGgEAPB0XWRZ/ZQ/JbNRW3w0AsA7F///CY/cCAKzHJ599/lF3d/f5x2nailfbZ+NeEhGjs3GvWO8exDcxjP14Fu24jMiuFPEHH+4+j0aa68Rbo8m4l2eOvvy1rN/9M2Kavx3t6CzP304Lc/mTcW8jXow0ugcbVavteGV5/jtL8qPXjLffnOt/K9rx29dxGMPYizx3lv/9dpq+n/14/t0X+TZ5flKL3ub0vpmsvs5zAQAAAAAAAAAAAAAAAAAAAADgadtK06QY3zOd35NfKufv1C+n61tppbM4n6fIT6pCxXygLMoRPZMsfqrm6zxL0zQrb5zlN+K1hhcLAAAAAAAAAAAAAAAAAAAAQO7425NBfzjcP1pJUE0DqH7W/9A6O3NX3oiTQb9+c8HN++81P20g7/XWm6PRiBU9lruCF/J+Vl55c3a4n0YRVAez0r1efq8oejLop+VS9ZAH/eSuvVrVwf08v9SMf9tYNv2TuMwWz7R11epiVnNFT6P50tKlv7Msu1+dd/8ozqi8kkxHbNxv940yWPoB86B1/Sx+ubngjV8Z9ZV88QAAAAAAAAAAAAAAAAAAANfMfvS7ZPH01tTaf9YUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKzZ7P3/VdCKiMUr14JJmXzbPWXQjKPjR/6IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/A/8EwAA//9s0FAH") mount$9p_fd(0x0, 0x0, 0x0, 0x222464, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) 22.617176385s ago: executing program 7 (id=824): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x118, 0x150, 0x150, 0x118, 0x0, 0x1e0, 0x238, 0x238, 0x1e0, 0x238, 0x3, 0x0, {[{{@ipv6={@local, @mcast2, [], [], 'virt_wifi0\x00', 'ip6tnl0\x00', {}, {}, 0x0, 0x8}, 0x0, 0xf8, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x8}}, @inet=@rpfilter={{0x28}, {0x1e}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@empty, @local, [0xff000000, 0xffffff00, 0xffffffff, 0xff], [0xff000000, 0xff, 0xff, 0xff], 'sit0\x00', 'bridge_slave_0\x00', {}, {0xff}, 0x3b, 0x3, 0x1, 0x21}, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310) 15.888142461s ago: executing program 7 (id=825): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r1, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0) sendmsg$tipc(r1, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, 0x0, &(0x7f0000000040)}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0) sendmsg$tipc(r1, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f0000000040), 0x4) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) close(r1) recvmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0) 15.567708318s ago: executing program 1 (id=826): bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_open_dev$media(&(0x7f00000001c0), 0x0, 0x0) ioctl$MEDIA_IOC_G_TOPOLOGY(r3, 0xc0487c04, &(0x7f0000000700)={0x0, 0x0, 0x0, &(0x7f0000000240), 0x0, 0x0, &(0x7f0000000500), 0x0, 0x0, &(0x7f0000006140), 0x5, 0x0, &(0x7f0000006200)=[{}, {}, {}, {}, {}]}) 15.51938626s ago: executing program 7 (id=827): pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r4 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv(r4, 0x0, 0x0, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x10) bind$packet(r3, &(0x7f0000000000)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @link_local}, 0x14) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x2) 284.382757ms ago: executing program 40 (id=827): pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r4 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv(r4, 0x0, 0x0, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x10) bind$packet(r3, &(0x7f0000000000)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @link_local}, 0x14) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x2) 0s ago: executing program 41 (id=826): bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_open_dev$media(&(0x7f00000001c0), 0x0, 0x0) ioctl$MEDIA_IOC_G_TOPOLOGY(r3, 0xc0487c04, &(0x7f0000000700)={0x0, 0x0, 0x0, &(0x7f0000000240), 0x0, 0x0, &(0x7f0000000500), 0x0, 0x0, &(0x7f0000006140), 0x5, 0x0, &(0x7f0000006200)=[{}, {}, {}, {}, {}]}) kernel console output (not intermixed with test programs): 1 [ 120.269082][ T6207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.279016][ T6207] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 120.289692][ T6207] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.301095][ T6207] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 120.312236][ T6207] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.321103][ T6207] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.329816][ T6207] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.330808][ T29] audit: type=1800 audit(1734503395.217:56): pid=6574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.178" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 120.338648][ T6207] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.804917][ T6256] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.839730][ T6256] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.007618][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 121.007646][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.009635][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.359908][ T6625] netlink: 12 bytes leftover after parsing attributes in process `syz.5.189'. [ 123.625406][ T6645] netlink: 4 bytes leftover after parsing attributes in process `syz.5.194'. [ 125.232772][ T6259] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.595999][ T6259] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.697664][ T29] audit: type=1800 audit(1734503400.587:57): pid=6692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.209" name="bus" dev="overlay" ino=239 res=0 errno=0 [ 125.753529][ T9] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 125.861545][ T6259] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.910671][ T9] usb 7-1: Using ep0 maxpacket: 8 [ 126.265502][ T6697] loop5: detected capacity change from 0 to 40427 [ 126.303049][ T6697] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x1fffff [ 126.378572][ T9] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 126.388268][ T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.396525][ T9] usb 7-1: Product: syz [ 126.402027][ T9] usb 7-1: Manufacturer: syz [ 126.406645][ T9] usb 7-1: SerialNumber: syz [ 126.412557][ T6697] F2FS-fs (loop5): invalid crc value [ 126.426802][ T9] usb 7-1: config 0 descriptor?? [ 126.560196][ T6697] F2FS-fs (loop5): Found nat_bits in checkpoint [ 126.659180][ T6707] process 'syz.3.213' launched './file0' with NULL argv: empty string added [ 126.940812][ T9] usb 7-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 126.962174][ T6697] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 127.019750][ T6259] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.083776][ T5842] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 127.098651][ T5842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 127.166021][ T5842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 127.218151][ T5842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 127.331176][ T5825] syz-executor: attempt to access beyond end of device [ 127.331176][ T5825] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 127.334662][ T5842] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 127.353571][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 127.456243][ T5825] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 127.541446][ T5825] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 127.662642][ T6736] 9pnet_fd: Insufficient options for proto=fd                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        syzkaller syzkaller login: [ 195.226791][ T7851] bridge0: port 3(vxlan0) entered blocking state [ 195.288904][ T7851] bridge0: port 3(vxlan0) entered disabled state [ 195.317131][ T7851] vxlan0: entered allmulticast mode [ 195.326984][ T29] audit: type=1326 audit(1734503470.207:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7857 comm="syz.1.496" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0c5fb85d29 code=0x0 [ 195.397227][ T7851] vxlan0: entered promiscuous mode [ 195.478865][ T7868] loop5: detected capacity change from 0 to 512 [ 195.522313][ T7457] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.608278][ T7868] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #2: block 3: comm syz.5.495: lblock 0 mapped to illegal pblock 3 (length 1) [ 195.866577][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 195.876573][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 195.887517][ T5136] Bluetooth: hci5: command 0x0406 tx timeout [ 195.895588][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 196.230826][ T7868] EXT4-fs (loop5): Remounting filesystem read-only [ 196.237407][ T7868] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.495: error -117 reading directory block [ 196.362693][ T7868] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117 [ 196.372574][ T7868] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 196.451497][ T7868] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.495: error -117 reading directory block [ 196.497867][ T7868] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.495: error -117 reading directory block [ 196.518296][ T7868] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.495: error -117 reading directory block [ 196.719850][ T7883] tipc: Started in network mode [ 196.726654][ T7868] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.495: error -117 reading directory block [ 196.838960][ T7891] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.495: error -117 reading directory block [ 196.955744][ T7868] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.495: error -117 reading directory block [ 197.004949][ T7883] tipc: Node identity 4, cluster identity 4711 [ 197.095259][ T7883] tipc: Node number set to 4 [ 197.138088][ T7891] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.495: error -117 reading directory block [ 197.471884][ T7894] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.495: error -117 reading directory block [ 197.519622][ T7868] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.495: error -117 reading directory block [ 197.542657][ T7868] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.495: error -117 reading directory block [ 197.583767][ T47] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 197.597413][ T5825] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.865710][ T7899] loop3: detected capacity change from 0 to 1764 [ 198.061075][ T47] usb 2-1: Using ep0 maxpacket: 8 [ 199.083323][ T47] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 199.092654][ T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.121504][ T47] usb 2-1: config 0 descriptor?? [ 199.327481][ T5836] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 199.386277][ T7457] veth0_vlan: entered promiscuous mode [ 199.501943][ T7457] veth1_vlan: entered promiscuous mode [ 199.870872][ T7457] veth0_macvtap: entered promiscuous mode [ 199.901806][ T7457] veth1_macvtap: entered promiscuous mode [ 199.982598][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.993946][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.004014][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.019917][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.060180][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.123158][ T5836] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 200.210597][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.220724][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.231206][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.241245][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.251771][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.262941][ T7457] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 200.271919][ T47] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 200.282029][ T47] asix 2-1:0.0: probe with driver asix failed with error -71 [ 200.285901][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.292861][ T47] usb 2-1: USB disconnect, device number 4 [ 200.317250][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.349548][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.370590][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.380431][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.393079][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.403710][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.414975][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.424876][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.435535][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.447361][ T7457] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 200.457566][ T7457] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.466602][ T7457] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.475369][ T7457] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.484217][ T7457] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.782702][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 201.871505][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 201.940583][ T5881] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 201.966138][ T6256] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.004975][ T7946] overlayfs: failed to clone upperpath [ 202.007870][ T6256] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.114250][ T5881] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 202.142468][ T5881] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 202.176379][ T5881] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 202.210807][ T5881] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 202.246773][ T5881] usb 6-1: SerialNumber: syz [ 202.378434][ T7958] TCP: out of memory -- consider tuning tcp_mem [ 202.490928][ T5881] usb 6-1: 0:2 : does not exist [ 202.505118][ T5881] usb 6-1: unit 5: unexpected type 0x03 [ 202.582102][ T5881] usb 6-1: USB disconnect, device number 2 [ 202.827068][ T5853] udevd[5853]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 202.845036][ T29] audit: type=1800 audit(1734503477.717:134): pid=7972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.519" name="/" dev="fuse" ino=1 res=0 errno=0 [ 202.910123][ T5842] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 202.922242][ T5842] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 202.930576][ T5842] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 202.939033][ T5842] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 202.947683][ T5842] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 202.955072][ T5842] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 203.300191][ T25] IPVS: starting estimator thread 0... [ 203.305924][ T5905] usb 9-1: new low-speed USB device number 2 using dummy_hcd [ 203.318514][ T29] audit: type=1800 audit(1734503478.207:135): pid=7987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.523" name="/" dev="9p" ino=2 res=0 errno=0 [ 203.440678][ T7986] IPVS: using max 20 ests per chain, 48000 per kthread [ 203.523039][ T5905] usb 9-1: config 1 has an invalid interface descriptor of length 6, skipping [ 203.532368][ T5905] usb 9-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 203.541900][ T5905] usb 9-1: config 1 has no interface number 1 [ 203.548126][ T5905] usb 9-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4 [ 203.561914][ T5905] usb 9-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 203.888435][ T7973] chnl_net:caif_netlink_parms(): no params data found [ 203.928285][ T5905] usb 9-1: string descriptor 0 read error: -22 [ 203.936187][ T5905] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 203.945842][ T5905] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 204.625848][ T5905] usb 9-1: low speed audio streaming not supported [ 205.050728][ T5842] Bluetooth: hci5: command tx timeout [ 206.440103][ T7973] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.487644][ T7973] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.500665][ T5905] usb 9-1: USB disconnect, device number 2 [ 206.529458][ T7973] bridge_slave_0: entered allmulticast mode [ 206.572732][ T7973] bridge_slave_0: entered promiscuous mode [ 206.622309][ T7973] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.672761][ T7973] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.680167][ T7973] bridge_slave_1: entered allmulticast mode [ 206.716211][ T7973] bridge_slave_1: entered promiscuous mode [ 207.050072][ T7973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 207.106089][ T5842] Bluetooth: hci5: command tx timeout [ 207.186469][ T8058] loop5: detected capacity change from 0 to 1024 [ 207.275130][ T8058] hfsplus: request for non-existent node 196608 in B*Tree [ 207.282583][ T8058] hfsplus: request for non-existent node 196608 in B*Tree [ 207.290377][ T8058] hfsplus: failed to load root directory [ 207.538017][ T7973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 208.324269][ T8073] netlink: 4 bytes leftover after parsing attributes in process `syz.1.543'. [ 208.335942][ T7973] team0: Port device team_slave_0 added [ 208.360071][ T7973] team0: Port device team_slave_1 added [ 208.856595][ T7973] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 208.877048][ T7973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.967911][ T29] audit: type=1326 audit(1734503483.857:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.5.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d65585d29 code=0x7ffc0000 [ 208.976645][ T8089] loop8: detected capacity change from 0 to 1024 [ 209.015756][ T29] audit: type=1326 audit(1734503483.857:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.5.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d65585d29 code=0x7ffc0000 [ 209.033589][ T7973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 209.121506][ T8089] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 209.129290][ T29] audit: type=1326 audit(1734503483.867:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.5.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2d65584690 code=0x7ffc0000 [ 209.150681][ T7973] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 209.163062][ T7973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 209.189377][ T7973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 209.261710][ T5846] Bluetooth: hci5: command tx timeout [ 209.365166][ T29] audit: type=1326 audit(1734503483.867:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.5.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2d65584690 code=0x7ffc0000 [ 209.404486][ T7457] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 209.408883][ T8103] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 209.441785][ T29] audit: type=1326 audit(1734503483.867:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.5.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d65585d29 code=0x7ffc0000 [ 209.488592][ T29] audit: type=1326 audit(1734503483.867:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.5.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d65585d29 code=0x7ffc0000 [ 209.517852][ T29] audit: type=1326 audit(1734503483.867:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.5.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2d65584690 code=0x7ffc0000 [ 209.554937][ T29] audit: type=1326 audit(1734503483.867:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.5.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d65585d29 code=0x7ffc0000 [ 209.602342][ T29] audit: type=1326 audit(1734503483.867:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.5.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2d65585d29 code=0x7ffc0000 [ 209.624904][ T29] audit: type=1326 audit(1734503483.867:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8090 comm="syz.5.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d65585d29 code=0x7ffc0000 [ 209.656719][ T7973] hsr_slave_0: entered promiscuous mode [ 209.668135][ T7973] hsr_slave_1: entered promiscuous mode [ 209.670967][ T5942] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 209.740286][ T7973] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 209.749212][ T7973] Cannot create hsr debugfs directory [ 209.864641][ T5942] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 209.887669][ T5942] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 209.913496][ T5942] usb 6-1: Product: syz [ 209.927796][ T5942] usb 6-1: Manufacturer: syz [ 209.942552][ T5942] usb 6-1: SerialNumber: syz [ 209.974212][ T5942] usb 6-1: config 0 descriptor?? [ 210.164966][ T8126] netlink: 156 bytes leftover after parsing attributes in process `syz.1.557'. [ 210.209138][ T7973] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 210.222647][ T7973] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 210.239062][ T5942] hso 6-1:0.0: Failed to find BULK IN ep [ 210.262398][ T5942] usb-storage 6-1:0.0: USB Mass Storage device detected [ 210.281650][ T7973] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 210.313839][ T7973] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 210.473252][ T8104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 210.574882][ T8104] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 210.663632][ T5905] usb 6-1: USB disconnect, device number 3 [ 210.774244][ T7973] 8021q: adding VLAN 0 to HW filter on device bond0 [ 210.871832][ T7973] 8021q: adding VLAN 0 to HW filter on device team0 [ 210.953177][ T3422] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.960323][ T3422] bridge0: port 1(bridge_slave_0) entered forwarding state [ 211.005166][ T3422] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.012474][ T3422] bridge0: port 2(bridge_slave_1) entered forwarding state [ 211.137192][ T8150] loop8: detected capacity change from 0 to 1024 [ 211.212705][ T8150] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 211.344460][ T5846] Bluetooth: hci5: command tx timeout [ 211.530644][ T5942] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 211.722076][ T5942] usb 9-1: Using ep0 maxpacket: 32 [ 211.756318][ T5942] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.791436][ T5942] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.851704][ T5942] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 211.886692][ T5942] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.930390][ T5942] usb 9-1: config 0 descriptor?? [ 211.935644][ T7973] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 212.181695][ T5942] usbhid 9-1:0.0: can't add hid device: -71 [ 212.218224][ T5942] usbhid 9-1:0.0: probe with driver usbhid failed with error -71 [ 213.260873][ T5942] usb 9-1: USB disconnect, device number 3 [ 213.395106][ T8186] loop7: detected capacity change from 0 to 2048 [ 213.509891][ T8186] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 213.557061][ T7973] veth0_vlan: entered promiscuous mode [ 213.566470][ T5881] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 213.634486][ T7973] veth1_vlan: entered promiscuous mode [ 213.660875][ T7973] veth0_macvtap: entered promiscuous mode [ 213.670944][ T7973] veth1_macvtap: entered promiscuous mode [ 213.687275][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 213.697896][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.707875][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 213.718528][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.728708][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 213.739304][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.749204][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 213.759762][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.769857][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 213.780369][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.790252][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 213.800823][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.814174][ T8191] loop5: detected capacity change from 0 to 2048 [ 213.824251][ T7973] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 213.862484][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 213.873228][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.883537][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 213.895402][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 213.905410][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 213.916189][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.067819][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.122891][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.476752][ T8191] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.496119][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.552774][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.612797][ T29] kauditd_printk_skb: 41 callbacks suppressed [ 214.612820][ T29] audit: type=1804 audit(1734503489.507:187): pid=8191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.570" name="/newroot/104/file1/bus" dev="loop5" ino=18 res=1 errno=0 [ 214.642803][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 214.700774][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 214.707909][ T29] audit: type=1804 audit(1734503489.557:188): pid=8204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.570" name="/newroot/104/file1/bus" dev="loop5" ino=18 res=1 errno=0 [ 214.735797][ T7973] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 214.749145][ T7973] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.758142][ T7973] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.767739][ T7973] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.794347][ T5881] usb 2-1: Using ep0 maxpacket: 16 [ 214.799630][ T7973] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.825723][ T5881] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 214.876788][ T5881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 214.996696][ T5881] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 215.034823][ T5881] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 215.044948][ T5881] usb 2-1: Product: syz [ 215.049138][ T5881] usb 2-1: Manufacturer: syz [ 215.054165][ T5881] usb 2-1: SerialNumber: syz [ 215.095239][ T5881] usb 2-1: config 0 descriptor?? [ 215.112238][ T5881] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 215.121917][ T5881] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 215.190854][ T5905] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 215.236160][ T5825] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.270662][ T5905] usb 9-1: Using ep0 maxpacket: 32 [ 216.277761][ T5905] usb 9-1: config 0 has an invalid interface number: 67 but max is 0 [ 216.286041][ T5905] usb 9-1: config 0 has no interface number 0 [ 216.293852][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 216.295357][ T5905] usb 9-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 216.311444][ T5905] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.319455][ T5905] usb 9-1: Product: syz [ 216.323785][ T5905] usb 9-1: Manufacturer: syz [ 216.328577][ T5905] usb 9-1: SerialNumber: syz [ 216.334610][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 216.365972][ T5905] usb 9-1: config 0 descriptor?? [ 216.378468][ T29] audit: type=1326 audit(1734503491.267:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202b785d29 code=0x7ffc0000 [ 216.401890][ T29] audit: type=1326 audit(1734503491.267:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202b785d29 code=0x7ffc0000 [ 216.424605][ T29] audit: type=1326 audit(1734503491.267:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f202b785d29 code=0x7ffc0000 [ 216.446849][ T29] audit: type=1326 audit(1734503491.267:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202b785d29 code=0x7ffc0000 [ 216.469416][ T29] audit: type=1326 audit(1734503491.297:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7f202b785d29 code=0x7ffc0000 [ 216.493260][ T29] audit: type=1326 audit(1734503491.297:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202b785d29 code=0x7ffc0000 [ 216.555354][ T29] audit: type=1326 audit(1734503491.297:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202b785d29 code=0x7ffc0000 [ 216.578959][ T5881] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 216.629363][ T5905] smsc95xx v2.0.0 [ 216.650668][ T5881] em28xx 2-1:0.0: Config register raw data: 0xfffffffb [ 216.691956][ T29] audit: type=1326 audit(1734503491.437:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f202b785d29 code=0x7ffc0000 [ 217.538473][ T5911] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 217.608818][ T5911] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 217.701107][ T5905] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 217.713741][ T5881] em28xx 2-1:0.0: AC97 chip type couldn't be determined [ 217.734119][ T5905] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 217.743569][ T5881] em28xx 2-1:0.0: No AC97 audio processor [ 217.809481][ T5881] usb 2-1: USB disconnect, device number 5 [ 218.086330][ T5881] em28xx 2-1:0.0: Disconnecting em28xx [ 219.105674][ T5881] em28xx 2-1:0.0: Freeing device [ 220.210943][ T5905] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 220.241015][ T5905] smsc95xx 9-1:0.67: probe with driver smsc95xx failed with error -71 [ 220.418243][ T8307] ebt_among: dst integrity fail: 104 [ 220.472760][ T5905] usb 9-1: USB disconnect, device number 4 [ 220.540867][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 220.540890][ T29] audit: type=1326 audit(1734503495.357:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.1.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c5fb85d29 code=0x7ffc0000 [ 220.608822][ T29] audit: type=1326 audit(1734503495.357:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.1.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c5fb85d29 code=0x7ffc0000 [ 220.613890][ T8311] loop9: detected capacity change from 0 to 512 [ 220.633761][ T29] audit: type=1326 audit(1734503495.477:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.1.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0c5fb85d29 code=0x7ffc0000 [ 220.659824][ T29] audit: type=1326 audit(1734503495.477:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.1.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c5fb85d29 code=0x7ffc0000 [ 220.682266][ T29] audit: type=1326 audit(1734503495.477:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.1.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c5fb85d29 code=0x7ffc0000 [ 220.768942][ T29] audit: type=1326 audit(1734503495.657:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.1.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0c5fb84690 code=0x7ffc0000 [ 220.807448][ T29] audit: type=1326 audit(1734503495.657:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.1.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0c5fb84690 code=0x7ffc0000 [ 220.836061][ T29] audit: type=1326 audit(1734503495.657:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.1.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c5fb85d29 code=0x7ffc0000 [ 220.928513][ T8311] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 220.945193][ T8311] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 220.954254][ T29] audit: type=1326 audit(1734503495.657:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.1.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c5fb85d29 code=0x7ffc0000 [ 221.278851][ T29] audit: type=1326 audit(1734503495.767:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.1.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0c5fb84690 code=0x7ffc0000 [ 221.785030][ T7973] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 222.466380][ T8343] fuse: root generation should be zero [ 226.311470][ T8400] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input7 [ 226.739898][ T8420] netlink: 'syz.7.605': attribute type 2 has an invalid length. [ 227.453680][ T8423] Invalid source name [ 227.906656][ T8432] loop5: detected capacity change from 0 to 128 [ 227.983411][ T8432] vfat filesystem being mounted at /111/file0 supports timestamps until 2107-12-31 (0x10391447e) [ 229.088068][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 229.088092][ T29] audit: type=1800 audit(6029473377.974:243): pid=8432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.610" name="bus" dev="loop5" ino=1048626 res=0 errno=0 [ 229.269934][ T29] audit: type=1800 audit(6029473378.104:244): pid=8432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.610" name="bus" dev="loop5" ino=1048626 res=0 errno=0 [ 229.528196][ T8447] syz.5.610: attempt to access beyond end of device [ 229.528196][ T8447] loop5: rw=2049, sector=977, nr_sectors = 64 limit=128 [ 231.811553][ T8469] 9p filesystem being mounted at /117/file0 supports timestamps until 2106-02-07 (0xffffffff) [ 232.254062][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 233.332109][ T8487] loop9: detected capacity change from 0 to 512 [ 233.376301][ T8487] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 233.536750][ T8487] EXT4-fs (loop9): 1 truncate cleaned up [ 233.574038][ T8487] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.692244][ T8496] loop8: detected capacity change from 0 to 512 [ 236.897329][ T8496] EXT4-fs warning (device loop8): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop8. [ 238.794866][ T7973] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.080766][ T8533] bridge1: entered promiscuous mode [ 239.089156][ T29] audit: type=1326 audit(6029473387.975:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8532 comm="syz.8.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2304785d29 code=0x7ffc0000 [ 239.113787][ T8533] bridge1: entered allmulticast mode [ 239.188808][ T5892] usb 8-1: new low-speed USB device number 5 using dummy_hcd [ 239.201759][ T29] audit: type=1326 audit(6029473387.975:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8532 comm="syz.8.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f2304785d29 code=0x7ffc0000 [ 239.238873][ T29] audit: type=1326 audit(6029473387.975:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8532 comm="syz.8.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2304785d29 code=0x7ffc0000 [ 239.261425][ T29] audit: type=1326 audit(6029473387.985:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8532 comm="syz.8.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2304785d29 code=0x7ffc0000 [ 239.283941][ T29] audit: type=1326 audit(6029473387.985:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8532 comm="syz.8.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2304785d29 code=0x7ffc0000 [ 239.306372][ T29] audit: type=1326 audit(6029473388.015:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8532 comm="syz.8.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2304785d29 code=0x7ffc0000 [ 239.329586][ T29] audit: type=1326 audit(6029473388.015:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8532 comm="syz.8.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2304785d29 code=0x7ffc0000 [ 239.352627][ T29] audit: type=1326 audit(6029473388.025:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8532 comm="syz.8.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2304785d29 code=0x7ffc0000 [ 239.389606][ T5892] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 239.404437][ T5892] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 239.429438][ T5892] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 239.458870][ T29] audit: type=1804 audit(6029473388.345:253): pid=8537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.636" name="/newroot/120/file1" dev="fuse" ino=1 res=1 errno=0 [ 239.468454][ T5892] usb 8-1: New USB device found, idVendor=09da, idProduct=022b, bcdDevice= 0.00 [ 239.488686][ T29] audit: type=1800 audit(6029473388.375:254): pid=8537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.636" name="/" dev="fuse" ino=1 res=0 errno=0 [ 239.722382][ T5892] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.733008][ T5892] usb 8-1: config 0 descriptor?? [ 240.266826][ T5892] a4tech 0003:09DA:022B.0003: item fetching failed at offset 5/7 [ 240.578916][ T5892] a4tech 0003:09DA:022B.0003: parse failed [ 240.626926][ T5892] a4tech 0003:09DA:022B.0003: probe with driver a4tech failed with error -22 [ 240.739933][ T5892] usb 8-1: USB disconnect, device number 5 [ 241.151621][ T9] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 241.425585][ T8575] loop1: detected capacity change from 0 to 2048 [ 241.659286][ T8575] NILFS (loop1): Invalid checkpoint (checkpoint number=2) [ 241.667854][ T8575] NILFS (loop1): error -22 while loading last checkpoint (checkpoint number=2) [ 242.068146][ T9] usb 9-1: Using ep0 maxpacket: 32 [ 242.127296][ T9] usb 9-1: config index 0 descriptor too short (expected 29220, got 36) [ 242.138717][ T9] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 242.188147][ T9] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 242.297024][ T9] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 242.356216][ T8584] 9p filesystem being mounted at /123/file0 supports timestamps until 2106-02-07 (0xffffffff) [ 242.367739][ T9] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 242.410427][ T9] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 242.450210][ T9] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 242.489842][ T9] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.515380][ T9] usb 9-1: config 0 descriptor?? [ 242.742383][ T9] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 243.119929][ C1] usblp0: nonzero read bulk status received: -71 [ 243.138836][ T8560] usblp0: error -71 reading from printer [ 243.161870][ C0] usblp0: nonzero read bulk status received: -71 [ 244.032267][ T5892] usb 9-1: USB disconnect, device number 5 [ 246.600482][ T8607] usblp0: removed [ 246.878953][ T8633] loop1: detected capacity change from 0 to 8 [ 246.970272][ T8633] SQUASHFS error: xz decompression failed, data probably corrupt [ 246.978955][ T8633] SQUASHFS error: Failed to read block 0x108: -5 [ 246.985543][ T8633] SQUASHFS error: Unable to read metadata cache entry [106] [ 246.994193][ T8633] SQUASHFS error: Unable to read inode 0x0 [ 247.252074][ T5842] Bluetooth: hci6: sending frame failed (-49) [ 247.290780][ T8266] Bluetooth: hci7: Frame reassembly failed (-84) [ 247.319876][ T5846] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 250.066613][ T5842] Bluetooth: hci7: Entering manufacturer mode failed (-110) [ 251.341922][ T8673] netlink: 4 bytes leftover after parsing attributes in process `syz.9.669'. [ 251.375545][ T8674] overlayfs: failed to clone upperpath [ 251.620542][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 251.620564][ T29] audit: type=1800 audit(6029473400.516:257): pid=8684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.673" name="bus" dev="overlay" ino=137 res=0 errno=0 [ 251.677212][ T8686] netlink: 8 bytes leftover after parsing attributes in process `syz.1.672'. [ 251.738025][ T8686] netlink: 8 bytes leftover after parsing attributes in process `syz.1.672'. [ 254.194731][ T8677] netlink: 8 bytes leftover after parsing attributes in process `syz.5.670'. [ 255.089893][ T8677] netlink: 8 bytes leftover after parsing attributes in process `syz.5.670'. [ 255.637042][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.643645][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.260661][ T8732] netlink: zone id is out of range [ 256.266654][ T8732] netlink: set zone limit has 8 unknown bytes [ 257.349317][ T8743] 9p filesystem being mounted at /18/file0 supports timestamps until 2106-02-07 (0xffffffff) [ 258.190353][ T5892] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 258.208478][ T5905] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 258.389354][ T5892] usb 9-1: Using ep0 maxpacket: 8 [ 258.636687][ T5905] usb 10-1: Using ep0 maxpacket: 8 [ 258.727585][ T5892] usb 9-1: config 0 has an invalid interface number: 60 but max is 0 [ 258.735721][ T5892] usb 9-1: config 0 has no interface number 0 [ 258.766223][ T5905] usb 10-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 258.826079][ T5905] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.837511][ T5892] usb 9-1: New USB device found, idVendor=17cc, idProduct=1010, bcdDevice=16.0a [ 258.905303][ T5905] usb 10-1: config 0 descriptor?? [ 258.939250][ T5892] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.228998][ T5892] usb 9-1: config 0 descriptor?? [ 259.308644][ T8778] loop7: detected capacity change from 0 to 64 [ 259.345040][ T8778] minix filesystem being mounted at /64/file0 supports timestamps until 2106-02-07 (0xffffffff) [ 259.849904][ T5892] usb 9-1: string descriptor 0 read error: -71 [ 259.859775][ T5892] snd-usb-audio 9-1:0.60: probe with driver snd-usb-audio failed with error -71 [ 259.883260][ T5892] usb 9-1: USB disconnect, device number 6 [ 261.240892][ T8802] loop7: detected capacity change from 0 to 128 [ 261.290071][ T8802] sysv filesystem being mounted at /65/file0 supports timestamps until 2106-02-07 (0xffffffff) [ 261.302045][ T8802] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 261.636645][ T5905] asix 10-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 261.659947][ T5905] asix 10-1:0.0: probe with driver asix failed with error -71 [ 261.892203][ T5905] usb 10-1: USB disconnect, device number 2 [ 263.033819][ T5842] Bluetooth: hci4: command 0x0406 tx timeout [ 265.715300][ T5905] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 266.334300][ T8836] loop8: detected capacity change from 0 to 256 [ 266.529714][ T8836] exFAT-fs (loop8): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 267.197060][ T8847] netlink: 8 bytes leftover after parsing attributes in process `syz.1.709'. [ 267.706026][ T8836] exfat filesystem being mounted at /27/file2 supports timestamps until 2107-12-31 (0x10391447f) [ 267.865207][ T5905] usb 6-1: Using ep0 maxpacket: 8 [ 268.684124][ T5905] usb 6-1: device descriptor read/all, error -71 [ 268.886091][ T29] audit: type=1800 audit(6029473417.589:258): pid=8836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.707" name="bus" dev="loop8" ino=1048629 res=0 errno=0 [ 269.483494][ T8871] binder: BINDER_SET_CONTEXT_MGR already set [ 269.489648][ T8871] binder: 8870:8871 ioctl 4018620d 20004a80 returned -16 [ 269.645937][ T8874] capability: warning: `syz.2.717' uses deprecated v2 capabilities in a way that may be insecure [ 271.737486][ T5905] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 271.977197][ T5905] usb 6-1: Using ep0 maxpacket: 8 [ 272.369265][ T5905] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 272.385751][ T5905] usb 6-1: config 0 has no interfaces? [ 272.426368][ T5905] usb 6-1: New USB device found, idVendor=05ac, idProduct=0249, bcdDevice= 0.00 [ 272.483067][ T5905] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 272.541935][ C0] vcan0: j1939_tp_rxtimer: 0xffff888021f36400: rx timeout, send abort [ 273.421843][ T8919] 9p filesystem being mounted at /71/file0 supports timestamps until 2106-02-07 (0xffffffff) [ 273.458549][ T8913] loop1: detected capacity change from 0 to 1024 [ 273.592223][ T5842] Bluetooth: hci6: sending frame failed (-49) [ 273.599787][ T5846] Bluetooth: hci6: Opcode 0x1003 failed: -49 [ 273.614778][ T8913] EXT4-fs: Ignoring removed nomblk_io_submit option [ 273.930043][ T8913] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e055c01c, mo2=0002] [ 273.978100][ T8913] System zones: 0-1, 3-36 [ 274.078347][ T8913] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.158240][ T5905] usb 6-1: config 0 descriptor?? [ 274.260427][ T8928] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 278.822520][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.250150][ T8977] loop9: detected capacity change from 0 to 512 [ 280.353769][ T8977] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 280.441478][ T8977] EXT4-fs (loop9): 1 truncate cleaned up [ 280.461608][ T8972] loop1: detected capacity change from 0 to 8192 [ 280.493065][ T8977] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.537194][ T8972] vfat filesystem being mounted at /141/file0 supports timestamps until 2107-12-31 (0x10391447e) [ 284.159982][ T9009] loop1: detected capacity change from 0 to 1024 [ 288.203595][ T9025] vlan2: entered promiscuous mode [ 288.208821][ T9025] vlan2: entered allmulticast mode [ 288.294738][ T9029] 9p filesystem being mounted at /74/file0 supports timestamps until 2106-02-07 (0xffffffff) [ 288.313117][ T9025] hsr_slave_1: entered allmulticast mode [ 288.396023][ T9030] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 288.472449][ C1] sched: DL replenish lagged too much [ 300.502786][ T9101] loop7: detected capacity change from 0 to 64 [ 300.625738][ T9101] bfs filesystem being mounted at /77/bus supports timestamps until 2106-02-07 (0xffffffff) [ 307.685409][ T5842] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 307.698001][ T5842] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 307.716985][ T5842] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 307.726899][ T5842] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 307.738014][ T5842] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 307.745631][ T5842] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 310.112407][ T5842] Bluetooth: hci6: command tx timeout [ 310.950435][ T5905] usb 6-1: can't set config #0, error -71 [ 311.974287][ T9149] loop7: detected capacity change from 0 to 1024 [ 312.117448][ T9120] chnl_net:caif_netlink_parms(): no params data found [ 312.129748][ T5842] Bluetooth: hci6: command tx timeout [ 312.419746][ T5942] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 312.538467][ T9156] netlink: 'syz.2.780': attribute type 13 has an invalid length. [ 312.611037][ T5942] usb 2-1: Using ep0 maxpacket: 8 [ 312.683328][ T5942] usb 2-1: config 0 has an invalid interface number: 113 but max is 0 [ 312.749710][ T5942] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 312.834840][ T5942] usb 2-1: config 0 has no interface number 0 [ 312.897201][ T5942] usb 2-1: config 0 interface 113 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 312.979332][ T5942] usb 2-1: config 0 interface 113 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 7 [ 313.035136][ T9120] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.079800][ T9120] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.087097][ T9120] bridge_slave_0: entered allmulticast mode [ 313.146028][ T5942] usb 2-1: New USB device found, idVendor=0b48, idProduct=1006, bcdDevice=c0.0a [ 313.196234][ T5942] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 313.211505][ T9120] bridge_slave_0: entered promiscuous mode [ 313.265787][ T5942] usb 2-1: Product: syz [ 313.279141][ T9120] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.317294][ T5942] usb 2-1: Manufacturer: syz [ 313.333812][ T5942] usb 2-1: SerialNumber: syz [ 313.353338][ T9120] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.384544][ T5942] usb 2-1: config 0 descriptor?? [ 313.399009][ T9120] bridge_slave_1: entered allmulticast mode [ 313.432536][ T5942] ttusb_dec_send_command: command bulk message failed: error -8 [ 313.471145][ T9120] bridge_slave_1: entered promiscuous mode [ 313.517760][ T5942] ttusb-dec 2-1:0.113: probe with driver ttusb-dec failed with error -8 [ 313.591581][ T5942] usbhid 2-1:0.113: couldn't find an input interrupt endpoint [ 313.709731][ T5942] usb 2-1: USB disconnect, device number 6 [ 313.811777][ T9120] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 313.932437][ T9120] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 314.209721][ T5842] Bluetooth: hci6: command tx timeout [ 314.385291][ T5846] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 314.394563][ T5846] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 314.406962][ T5846] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 314.415082][ T5846] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 314.471107][ T5846] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 314.482136][ T5846] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 314.491512][ T9120] team0: Port device team_slave_0 added [ 316.379229][ T5842] Bluetooth: hci6: command tx timeout [ 316.617866][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.624501][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.146326][ T9194] overlayfs: failed to clone upperpath [ 318.190946][ T9120] team0: Port device team_slave_1 added [ 318.765312][ T5847] Bluetooth: hci7: command tx timeout [ 319.051857][ T9120] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 319.158967][ T9120] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 320.134772][ T9120] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 321.818301][ T5847] Bluetooth: hci7: command tx timeout [ 322.573943][ T9120] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 322.599315][ T5846] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 322.634778][ T5846] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 322.644316][ T9120] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 322.678818][ T5846] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 322.727925][ T5846] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 322.744218][ T5846] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 322.753479][ T5846] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 322.892618][ T9120] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 323.040713][ T9219] overlayfs: failed to resolve './file1': -2 [ 324.968234][ T5846] Bluetooth: hci7: command tx timeout [ 324.973858][ T5846] Bluetooth: hci8: command tx timeout [ 325.449818][ T9243] loop7: detected capacity change from 0 to 512 [ 325.525966][ T9243] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 326.576308][ T6726] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.008171][ T5847] Bluetooth: hci8: command tx timeout [ 327.013627][ T5847] Bluetooth: hci7: command tx timeout [ 327.431104][ T9266] loop7: detected capacity change from 0 to 128 [ 327.519466][ T9266] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 327.571414][ T9266] ext4 filesystem being mounted at /87/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 328.668996][ T6726] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 329.509737][ T9276] ptrace attach of "./syz-executor exec"[6726] was attempted by ""[9276] [ 329.532312][ T5847] Bluetooth: hci8: command tx timeout [ 329.965474][ T9282] loop7: detected capacity change from 0 to 2048 [ 330.037729][ T9282] UDF-fs: warning (device loop7): udf_load_vrs: No anchor found [ 330.045701][ T9282] UDF-fs: Scanning with blocksize 512 failed [ 330.138756][ T9282] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 331.568320][ T5847] Bluetooth: hci8: command tx timeout [ 331.937504][ T5942] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 332.467493][ T5942] usb 8-1: Using ep0 maxpacket: 16 [ 332.480206][ T9291] loop1: detected capacity change from 0 to 8 [ 332.544283][ T5942] usb 8-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice=30.bb [ 332.574096][ T5942] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 332.617230][ T5942] usb 8-1: Product: syz [ 332.648210][ T5942] usb 8-1: Manufacturer: syz [ 332.653030][ T5942] usb 8-1: SerialNumber: syz [ 333.423226][ T9289] syz.7.806[9289] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 333.423367][ T9289] syz.7.806[9289] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 333.508890][ T9289] syz.7.806[9289] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 333.592647][ T5942] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 333.906019][ T5942] snd-usb-audio 8-1:222.0: probe with driver snd-usb-audio failed with error -2 [ 334.082456][ T5853] udevd[5853]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:222.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 334.113733][ T5942] usb 8-1: USB disconnect, device number 6 [ 346.889741][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 346.905694][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 346.913652][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 346.928293][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 346.937813][ T5846] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 346.945096][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 348.402439][ T5905] usb 6-1: USB disconnect, device number 5 [ 349.005407][ T5846] Bluetooth: hci0: command tx timeout [ 350.798451][ T9327] loop1: detected capacity change from 0 to 1024 [ 351.085092][ T5846] Bluetooth: hci0: command tx timeout [ 353.272693][ T5846] Bluetooth: hci0: command tx timeout [ 353.467307][ T9353] loop7: detected capacity change from 0 to 64 [ 353.525738][ T9353] minix filesystem being mounted at /97/bus supports timestamps until 2106-02-07 (0xffffffff) [ 354.066912][ T9359] nfs: Unknown parameter 'a' [ 355.331318][ T5846] Bluetooth: hci0: command tx timeout [ 361.761536][ T9386] loop7: detected capacity change from 0 to 128 [ 361.855095][ T9386] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 361.904515][ T9386] ext4 filesystem being mounted at /100/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 362.307364][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 362.325188][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 362.335544][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 362.344784][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 362.354567][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 362.361864][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 364.443664][ T5847] Bluetooth: hci1: command tx timeout [ 364.771412][ T5847] Bluetooth: hci5: command 0x0406 tx timeout [ 366.523515][ T5847] Bluetooth: hci1: command tx timeout [ 367.218194][ T6726] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 369.494621][ T5846] Bluetooth: hci1: command tx timeout [ 371.562956][ T5846] Bluetooth: hci1: command tx timeout [ 372.931830][ T5847] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 372.943227][ T5847] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 372.952843][ T5847] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 372.961613][ T5847] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 372.969743][ T5847] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 372.977648][ T5847] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 375.004449][ T5847] Bluetooth: hci9: command tx timeout [ 377.082178][ T5847] Bluetooth: hci9: command tx timeout [ 378.052047][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.058387][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.650112][ T5846] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 378.680660][ T5846] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 378.692531][ T5846] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 378.700485][ T5846] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 378.708884][ T5846] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 378.716742][ T5846] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 379.161917][ T5847] Bluetooth: hci9: command tx timeout [ 380.761611][ T5847] Bluetooth: hci10: command tx timeout [ 381.241888][ T5847] Bluetooth: hci9: command tx timeout [ 382.841562][ T5847] Bluetooth: hci10: command tx timeout [ 384.925913][ T5847] Bluetooth: hci10: command tx timeout [ 387.001050][ T5847] Bluetooth: hci10: command tx timeout [ 387.713022][ T5846] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 387.724297][ T5846] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 387.734003][ T5846] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 387.742306][ T5846] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 387.752204][ T5846] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 387.773419][ T5846] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 387.883943][ T5847] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 387.892983][ T5847] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 387.901653][ T5847] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 387.910982][ T5847] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 387.922526][ T5847] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 387.931032][ T5847] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 389.880752][ T5847] Bluetooth: hci11: command tx timeout [ 389.960874][ T5847] Bluetooth: hci12: command tx timeout [ 391.960456][ T5847] Bluetooth: hci11: command tx timeout [ 392.040411][ T5847] Bluetooth: hci12: command tx timeout [ 394.040135][ T5846] Bluetooth: hci11: command tx timeout [ 394.139131][ T5847] Bluetooth: hci12: command tx timeout [ 396.120003][ T5847] Bluetooth: hci11: command tx timeout [ 396.199920][ T5847] Bluetooth: hci12: command tx timeout [ 406.456594][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 406.465702][ T5846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 406.478745][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 406.492385][ T5846] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 406.500206][ T5846] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 406.507507][ T5846] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 408.598463][ T5847] Bluetooth: hci2: command tx timeout [ 410.678261][ T5847] Bluetooth: hci2: command tx timeout [ 412.758198][ T5847] Bluetooth: hci2: command tx timeout [ 414.837881][ T5847] Bluetooth: hci2: command tx timeout [ 420.595607][ T5846] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 420.605482][ T5846] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 420.613334][ T5846] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 420.621908][ T5846] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 420.633404][ T5846] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 420.642553][ T5846] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 422.676732][ T5847] Bluetooth: hci3: command tx timeout [ 424.756688][ T5847] Bluetooth: hci3: command tx timeout [ 426.836291][ T5847] Bluetooth: hci3: command tx timeout [ 428.916035][ T5847] Bluetooth: hci3: command tx timeout [ 433.676255][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 433.686806][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 433.697539][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 433.707385][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 433.718494][ T5846] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 433.727377][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 435.795365][ T5846] Bluetooth: hci0: command tx timeout [ 437.875063][ T5846] Bluetooth: hci0: command tx timeout [ 439.138533][ T5847] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 439.148515][ T5847] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 439.156901][ T5847] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 439.167695][ T5847] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 439.178102][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 439.186117][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 439.480550][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.501791][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.954978][ T5846] Bluetooth: hci0: command tx timeout [ 441.234650][ T5846] Bluetooth: hci1: command tx timeout [ 441.560994][ T5846] Bluetooth: hci7: command 0x0406 tx timeout [ 442.034682][ T5842] Bluetooth: hci0: command tx timeout [ 443.314651][ T5847] Bluetooth: hci1: command tx timeout [ 445.403936][ T5847] Bluetooth: hci1: command tx timeout [ 446.674195][ T5847] Bluetooth: hci8: command 0x0406 tx timeout [ 447.475230][ T5846] Bluetooth: hci1: command tx timeout [ 447.564430][ T5847] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 447.576889][ T5847] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 447.586388][ T5847] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 447.594961][ T5847] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 447.602558][ T5847] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 447.611068][ T5847] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 448.159742][ T5847] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 448.178534][ T5847] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 448.200240][ T5847] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 448.212792][ T5847] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 448.241366][ T5847] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 448.248931][ T5847] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 449.633878][ T5846] Bluetooth: hci4: command tx timeout [ 450.273588][ T5846] Bluetooth: hci5: command tx timeout [ 451.713453][ T5846] Bluetooth: hci4: command tx timeout [ 452.353549][ T5846] Bluetooth: hci5: command tx timeout [ 453.793172][ T5846] Bluetooth: hci4: command tx timeout [ 454.433289][ T5846] Bluetooth: hci5: command tx timeout [ 455.872982][ T5846] Bluetooth: hci4: command tx timeout [ 456.521422][ T5846] Bluetooth: hci5: command tx timeout [ 468.152584][ T5847] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 468.164076][ T5847] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 468.175154][ T5847] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 468.190691][ T5847] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 468.201062][ T5847] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 468.211416][ T5847] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 470.271268][ T5846] Bluetooth: hci6: command tx timeout [ 472.351131][ T5846] Bluetooth: hci6: command tx timeout [ 474.430654][ T5846] Bluetooth: hci6: command tx timeout [ 476.510649][ T5846] Bluetooth: hci6: command tx timeout [ 481.147279][ T5847] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 481.160486][ T5847] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 481.169655][ T5847] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 481.178090][ T5847] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 481.186014][ T5847] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 481.194722][ T5847] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 483.310420][ T5846] Bluetooth: hci13: command tx timeout [ 485.389555][ T5846] Bluetooth: hci13: command tx timeout [ 487.471867][ T5846] Bluetooth: hci13: command tx timeout [ 489.549122][ T5846] Bluetooth: hci13: command tx timeout [ 494.667687][ T5847] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 494.677718][ T5847] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 494.698495][ T5847] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 494.716861][ T5847] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 494.724790][ T5847] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 494.732724][ T5847] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 496.833410][ T5847] Bluetooth: hci14: command tx timeout [ 497.873919][ T5847] Bluetooth: hci9: command 0x0406 tx timeout [ 498.908090][ T5847] Bluetooth: hci14: command tx timeout [ 499.397158][ T5842] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 499.411119][ T5842] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 499.420101][ T5842] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 499.429152][ T5842] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 499.436813][ T5842] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 499.445720][ T5842] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 500.911921][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 500.930394][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 500.987694][ T5842] Bluetooth: hci14: command tx timeout [ 501.467809][ T5842] Bluetooth: hci15: command tx timeout [ 502.993041][ T5842] Bluetooth: hci10: command 0x0406 tx timeout [ 503.067377][ T5842] Bluetooth: hci14: command tx timeout [ 503.550728][ T5842] Bluetooth: hci15: command tx timeout [ 505.630710][ T5842] Bluetooth: hci15: command tx timeout [ 507.707079][ T5842] Bluetooth: hci15: command tx timeout [ 508.600015][ T5136] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 508.609506][ T5136] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 508.620012][ T5136] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 508.628205][ T5136] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 508.635995][ T5136] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 508.643719][ T5136] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 508.728276][ T5842] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 508.740245][ T5842] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 508.748607][ T5842] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 508.759182][ T5842] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 508.767253][ T5842] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 508.785815][ T5842] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 510.676865][ T5842] Bluetooth: hci16: command tx timeout [ 510.826688][ T5842] Bluetooth: hci17: command tx timeout [ 512.746356][ T9492] Bluetooth: hci16: command tx timeout [ 512.906323][ T9492] Bluetooth: hci17: command tx timeout [ 513.256159][ T9492] Bluetooth: hci12: command 0x0406 tx timeout [ 513.262316][ T9492] Bluetooth: hci11: command 0x0406 tx timeout [ 514.826228][ T9485] Bluetooth: hci16: command tx timeout [ 514.986297][ T9485] Bluetooth: hci17: command tx timeout [ 516.906118][ T9485] Bluetooth: hci16: command tx timeout [ 517.065998][ T9485] Bluetooth: hci17: command tx timeout [ 528.089503][ T5842] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 528.101224][ T5842] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 528.110087][ T5842] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 528.118241][ T5842] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 528.135757][ T5842] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 528.144030][ T5842] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 530.187828][ T5842] Bluetooth: hci18: command tx timeout [ 532.264210][ T5842] Bluetooth: hci18: command tx timeout [ 533.710579][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 534.268823][ T8977] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 534.349804][ T5136] Bluetooth: hci18: command tx timeout [ 536.423710][ T5136] Bluetooth: hci18: command tx timeout [ 541.702261][ T5842] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 541.712826][ T5842] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 541.721353][ T5842] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 541.729331][ T5842] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 541.748445][ T5842] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3 [ 541.756149][ T5842] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 543.863403][ T5842] Bluetooth: hci19: command tx timeout [ 543.943310][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 545.942846][ T5842] Bluetooth: hci19: command tx timeout [ 548.022612][ T5842] Bluetooth: hci19: command tx timeout [ 550.102291][ T5842] Bluetooth: hci19: command tx timeout [ 556.163923][ T5842] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1 [ 556.174744][ T5842] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9 [ 556.185425][ T5842] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9 [ 556.198524][ T5842] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4 [ 556.209929][ T5842] Bluetooth: hci20: unexpected cc 0x0c25 length: 249 > 3 [ 556.217708][ T5842] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2 [ 558.267306][ T5842] Bluetooth: hci20: command tx timeout [ 559.146098][ T30] INFO: task kworker/u8:8:5911 blocked for more than 143 seconds. [ 559.160742][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 559.205028][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 559.243402][ T30] task:kworker/u8:8 state:D stack:20144 pid:5911 tgid:5911 ppid:2 flags:0x00004000 [ 559.317176][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 559.323438][ T30] Workqueue: netns cleanup_net [ 559.328251][ T30] Call Trace: [ 559.380979][ T30] [ 559.383975][ T30] __schedule+0x1850/0x4c30 [ 559.420939][ T30] ? __pfx___schedule+0x10/0x10 [ 559.425873][ T30] ? __pfx_lock_release+0x10/0x10 [ 559.471104][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 559.491004][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 559.496872][ T30] ? kthread_data+0x52/0xd0 [ 559.524095][ T30] ? schedule+0x90/0x320 [ 559.528406][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 559.542917][ T30] ? wq_worker_sleeping+0x66/0x240 [ 559.548079][ T30] ? schedule+0x90/0x320 [ 559.560939][ T30] schedule+0x14b/0x320 [ 559.565153][ T30] schedule_preempt_disabled+0x13/0x30 [ 559.570653][ T30] __mutex_lock+0x7e7/0xee0 [ 559.586736][ T30] ? __mutex_lock+0x5ef/0xee0 [ 559.600989][ T30] ? nsim_destroy+0x71/0x5c0 [ 559.605632][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 559.610700][ T30] ? mntput_no_expire+0x2da/0x850 [ 559.626096][ T30] ? __pfx_mntput_no_expire+0x10/0x10 [ 559.638684][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 559.649479][ T30] ? _raw_spin_unlock+0x28/0x50 [ 559.660496][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 559.670895][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 559.676580][ T30] nsim_destroy+0x71/0x5c0 [ 559.692873][ T30] __nsim_dev_port_del+0x14b/0x1b0 [ 559.698203][ T30] nsim_dev_reload_destroy+0x28a/0x490 [ 559.718225][ T30] nsim_dev_reload_down+0x98/0xd0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 559.727306][ T30] devlink_reload+0x18d/0x870 [ 559.739084][ T30] ? __pfx_devlink_reload+0x10/0x10 [ 559.749231][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 559.869075][ T30] devlink_pernet_pre_exit+0x1f3/0x440 [ 559.911285][ T30] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 559.917358][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 559.986002][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 560.020845][ T30] ? class_remove_file_ns+0x121/0x160 [ 560.026303][ T30] cleanup_net+0x617/0xd50 [ 560.030758][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 560.072405][ T30] ? process_scheduled_works+0x976/0x1840 [ 560.078263][ T30] process_scheduled_works+0xa68/0x1840 [ 560.111095][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 560.117163][ T30] ? assign_work+0x364/0x3d0 [ 560.141236][ T30] worker_thread+0x870/0xd30 [ 560.145899][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 560.181528][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 560.187241][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 560.231061][ T30] ? __kthread_parkme+0x169/0x1d0 [ 560.236172][ T30] ? __pfx_worker_thread+0x10/0x10 [ 560.269628][ T30] kthread+0x2f2/0x390 [ 560.281040][ T30] ? __pfx_worker_thread+0x10/0x10 [ 560.286223][ T30] ? __pfx_kthread+0x10/0x10 [ 560.319887][ T30] ret_from_fork+0x4d/0x80 [ 560.331247][ T30] ? __pfx_kthread+0x10/0x10 [ 560.336332][ T30] ret_from_fork_asm+0x1a/0x30 [ 560.341432][ T5842] Bluetooth: hci20: command tx timeout [ 560.379682][ T30] [ 560.389748][ T30] INFO: task syz-executor:9430 blocked for more than 144 seconds. [ 560.421479][ T30] Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 560.429173][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 560.470165][ T30] task:syz-executor state:D stack:25952 pid:9430 tgid:9430 ppid:1 flags:0x00000004 [ 560.508135][ T30] Call Trace: [ 560.525852][ T30] [ 560.528838][ T30] __schedule+0x1850/0x4c30 [ 560.556399][ T30] ? __pfx___schedule+0x10/0x10 [ 560.579796][ T30] ? __pfx_lock_release+0x10/0x10 [ 560.590756][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 560.596704][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 560.637456][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 560.658973][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 560.671047][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 560.677434][ T30] ? schedule+0x90/0x320 [ 560.711086][ T30] schedule+0x14b/0x320 [ 560.715327][ T30] schedule_preempt_disabled+0x13/0x30 [ 560.741561][ T30] __mutex_lock+0x7e7/0xee0 [ 560.746140][ T30] ? __mutex_lock+0x5ef/0xee0 [ 560.771274][ T30] ? inet_rtm_newaddr+0x47e/0x1bd0 [ 560.776468][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 560.810816][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 560.816699][ T30] ? __lock_acquire+0x1397/0x2100 [ 560.840956][ T30] ? __nla_parse+0x40/0x60 [ 560.845450][ T30] inet_rtm_newaddr+0x47e/0x1bd0 [ 560.850457][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 560.932193][ T5847] Bluetooth: hci21: unexpected cc 0x0c03 length: 249 > 1 [ 560.953261][ T30] ? rcu_read_unlock+0x87/0xa0 [ 560.958204][ T30] ? __pfx_inet_rtm_newaddr+0x10/0x10 [ 560.965519][ T5847] Bluetooth: hci21: unexpected cc 0x1003 length: 249 > 9 [ 560.979228][ T5847] Bluetooth: hci21: unexpected cc 0x1001 length: 249 > 9 [ 560.987582][ T5847] Bluetooth: hci21: unexpected cc 0x0c23 length: 249 > 4 [ 560.997247][ T5847] Bluetooth: hci21: unexpected cc 0x0c25 length: 249 > 3 [ 561.007566][ T5847] Bluetooth: hci21: unexpected cc 0x0c38 length: 249 > 2 [ 561.068264][ T30] ? __pfx_inet_rtm_newaddr+0x10/0x10 [ 561.079356][ T30] rtnetlink_rcv_msg+0x793/0xcf0 [ 561.093348][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 561.098522][ T30] ? __lock_acquire+0x1397/0x2100 [ 561.112923][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 561.121701][ T30] netlink_rcv_skb+0x1e5/0x430 [ 561.126512][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 561.142720][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 561.148075][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 561.165514][ T30] netlink_unicast+0x7f8/0x990 [ 561.170366][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 561.193234][ T30] ? __virt_addr_valid+0x45f/0x530 [ 561.198412][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 561.214064][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 561.230823][ T30] ? __check_object_size+0x47a/0x730 [ 561.236174][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 561.250738][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 561.256076][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 561.275326][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 561.292685][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 561.298367][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 561.310667][ T30] __sock_sendmsg+0x223/0x270 [ 561.315404][ T30] __sys_sendto+0x363/0x4c0 [ 561.332409][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 561.337594][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 561.350683][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 561.356976][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 561.373877][ T30] ? exc_page_fault+0x590/0x8b0 [ 561.378869][ T30] __x64_sys_sendto+0xde/0x100 [ 561.397510][ T30] do_syscall_64+0xf3/0x230 [ 561.405121][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.426205][ T30] RIP: 0033:0x7f0e37b87bbc [ 561.434792][ T30] RSP: 002b:00007ffd91bfcbb0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 561.448223][ T30] RAX: ffffffffffffffda RBX: 00007f0e388a4620 RCX: 00007f0e37b87bbc [ 561.459933][ T30] RDX: 0000000000000028 RSI: 00007f0e388a4670 RDI: 0000000000000003 [ 561.478341][ T30] RBP: 0000000000000000 R08: 00007ffd91bfcc04 R09: 000000000000000c [ 561.488950][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 561.510799][ T30] R13: 0000000000000000 R14: 00007f0e388a4670 R15: 0000000000000000 [ 561.518839][ T30] [ 561.554766][ T30] [ 561.554766][ T30] Showing all locks held in the system: [ 561.570707][ T30] 1 lock held by khungtaskd/30: [ 561.575587][ T30] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 [ 561.595934][ T30] 1 lock held by dhcpcd/5492: [ 561.608495][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 561.636989][ T30] 4 locks held by kworker/1:5/5892: [ 561.650303][ T30] 6 locks held by kworker/u8:8/5911: [ 561.659345][ T30] #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 561.676225][ T30] #1: ffffc9000401fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 561.699423][ T30] #2: ffffffff8fca6450 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0x16a/0xd50 [ 561.721640][ T30] #3: ffff8880581c90e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x13b/0x440 [ 561.750647][ T30] #4: ffff8880581ca250 (&devlink->lock_key#2){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x14d/0x440 [ 561.770906][ T30] #5: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: nsim_destroy+0x71/0x5c0 [ 561.779890][ T30] 2 locks held by getty/7846: [ 561.790613][ T30] #0: ffff8880350620a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 561.800549][ T30] #1: ffffc900038d12f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 [ 561.820505][ T30] 3 locks held by kworker/u8:14/8266: [ 561.840615][ T30] #0: ffff88814d13c148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 561.867760][ T30] #1: ffffc90004dbfd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 561.890621][ T30] #2: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0xd0/0x16f0 [ 561.900223][ T30] 3 locks held by kworker/u8:23/8297: [ 561.914219][ T30] #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840 [ 561.936070][ T30] #1: ffffc9000475fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840 [ 561.968665][ T30] #2: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 561.986615][ T30] 2 locks held by syz.8.762/9080: [ 561.995596][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 [ 562.010619][ T30] #1: ffffffff8e7d2ed0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 562.032451][ T30] 2 locks held by syz-executor/9182: [ 562.040876][ T30] #0: ffffffff8fca6450 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570 [ 562.059756][ T30] #1: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: setup_net+0x602/0x9e0 [ 562.073295][ T30] 2 locks held by syz-executor/9209: [ 562.078611][ T30] #0: ffffffff8fca6450 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570 [ 562.104513][ T30] #1: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x20e/0x720 [ 562.120587][ T30] 1 lock held by syz.2.805/9284: [ 562.125559][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: netdev_run_todo+0x7b2/0x1000 [ 562.148251][ T30] 1 lock held by syz.7.827/9403: [ 562.157244][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0 [ 562.172429][ T30] 2 locks held by syz-executor/9410: [ 562.177747][ T30] #0: ffffffff8fca6450 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570 [ 562.204221][ T30] #1: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: register_nexthop_notifier+0x84/0x290 [ 562.229893][ T30] 2 locks held by syz-executor/9414: [ 562.235768][ T30] #0: ffffffff8fca6450 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570 [ 562.258039][ T30] #1: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: register_nexthop_notifier+0x84/0x290 [ 562.277756][ T30] 1 lock held by syz-executor/9420: [ 562.290082][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xbcb/0x2150 [ 562.314105][ T30] 2 locks held by syz-executor/9424: [ 562.319524][ T30] #0: ffffffff8fca6450 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x328/0x570 [ 562.347129][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.365405][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.380581][ T30] #1: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: register_nexthop_notifier+0x84/0x290 [ 562.399635][ T30] 1 lock held by syz-executor/9430: [ 562.406603][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.428279][ T30] 1 lock held by syz-executor/9433: [ 562.438973][ T5136] Bluetooth: hci20: command tx timeout [ 562.458915][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.470187][ T30] 1 lock held by syz-executor/9441: [ 562.482057][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.500119][ T30] 1 lock held by syz-executor/9449: [ 562.505763][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.523248][ T30] 1 lock held by syz-executor/9454: [ 562.528470][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.558281][ T30] 1 lock held by syz-executor/9457: [ 562.574162][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.594266][ T30] 1 lock held by syz-executor/9460: [ 562.599489][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.618438][ T30] 1 lock held by syz-executor/9466: [ 562.623954][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.646896][ T30] 1 lock held by syz-executor/9471: [ 562.658085][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.684102][ T30] 1 lock held by syz-executor/9477: [ 562.689334][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.708588][ T30] 1 lock held by syz-executor/9483: [ 562.715745][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.734651][ T30] 1 lock held by syz-executor/9486: [ 562.739883][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.760620][ T30] 1 lock held by syz-executor/9497: [ 562.771613][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.796465][ T30] 1 lock held by syz-executor/9503: [ 562.808519][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.828295][ T30] 1 lock held by syz-executor/9509: [ 562.834081][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.853216][ T30] 1 lock held by syz-executor/9513: [ 562.862773][ T30] #0: ffffffff8fcb2908 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0 [ 562.886023][ T30] [ 562.888389][ T30] ============================================= [ 562.888389][ T30] [ 562.906076][ T30] NMI backtrace for cpu 0 [ 562.910433][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 562.920962][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 562.931035][ T30] Call Trace: [ 562.934333][ T30] [ 562.937297][ T30] dump_stack_lvl+0x241/0x360 [ 562.942019][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 562.947258][ T30] ? __pfx__printk+0x10/0x10 [ 562.951902][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 562.956881][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 562.962462][ T30] ? _printk+0xd5/0x120 [ 562.966652][ T30] ? __pfx__printk+0x10/0x10 [ 562.971287][ T30] ? __wake_up_klogd+0xcc/0x110 [ 562.976167][ T30] ? __pfx__printk+0x10/0x10 [ 562.980794][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 562.986453][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 562.991509][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 562.997518][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 563.003538][ T30] watchdog+0xff6/0x1040 [ 563.007813][ T30] ? watchdog+0x1ea/0x1040 [ 563.012280][ T30] ? __pfx_watchdog+0x10/0x10 [ 563.016989][ T30] kthread+0x2f2/0x390 [ 563.021092][ T30] ? __pfx_watchdog+0x10/0x10 [ 563.025798][ T30] ? __pfx_kthread+0x10/0x10 [ 563.030425][ T30] ret_from_fork+0x4d/0x80 [ 563.034867][ T30] ? __pfx_kthread+0x10/0x10 [ 563.039491][ T30] ret_from_fork_asm+0x1a/0x30 [ 563.044303][ T30] [ 563.048700][ T30] Sending NMI from CPU 0 to CPUs 1: [ 563.054793][ C1] NMI backtrace for cpu 1 [ 563.054809][ C1] CPU: 1 UID: 0 PID: 5892 Comm: kworker/1:5 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 563.054835][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 563.054850][ C1] Workqueue: events_power_efficient neigh_periodic_work [ 563.054886][ C1] RIP: 0010:__kasan_check_read+0xa/0x20 [ 563.054912][ C1] Code: db eb d0 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 89 f6 48 8b 0c 24 <31> d2 e9 6f e6 ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 [ 563.054930][ C1] RSP: 0018:ffffc90000a187c0 EFLAGS: 00000286 [ 563.054950][ C1] RAX: 0000000000000100 RBX: ffff8880303546c0 RCX: ffffffff8a838e84 [ 563.054967][ C1] RDX: 0000000000000100 RSI: 0000000000000008 RDI: ffff8880303546c0 [ 563.054983][ C1] RBP: dffffc0000000000 R08: ffffffff8a838e67 R09: ffffffff89dcc5a7 [ 563.055001][ C1] R10: 0000000000000004 R11: ffffffff8a838e10 R12: ffffc90000a188c0 [ 563.055017][ C1] R13: ffff888030354603 R14: 1ffff1101341f375 R15: ffff88809a0f9ba8 [ 563.055052][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 563.055072][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 563.055088][ C1] CR2: 00007f0c60a70f98 CR3: 000000000e736000 CR4: 0000000000350ef0 [ 563.055107][ C1] Call Trace: [ 563.055116][ C1] [ 563.055125][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 563.055154][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 563.055184][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 563.055211][ C1] ? nmi_handle+0x2a/0x5a0 [ 563.055250][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 563.055272][ C1] ? nmi_handle+0x151/0x5a0 [ 563.055300][ C1] ? nmi_handle+0x2a/0x5a0 [ 563.055328][ C1] ? __kasan_check_read+0xa/0x20 [ 563.055350][ C1] ? default_do_nmi+0x63/0x160 [ 563.055376][ C1] ? exc_nmi+0x123/0x1f0 [ 563.055400][ C1] ? end_repeat_nmi+0xf/0x53 [ 563.055424][ C1] ? __pfx_ipv6_defrag+0x10/0x10 [ 563.055451][ C1] ? nf_hook_slow+0xd7/0x220 [ 563.055484][ C1] ? ipv6_defrag+0x57/0x3c0 [ 563.055508][ C1] ? ipv6_defrag+0x74/0x3c0 [ 563.055535][ C1] ? __kasan_check_read+0xa/0x20 [ 563.055557][ C1] ? __kasan_check_read+0xa/0x20 [ 563.055580][ C1] ? __kasan_check_read+0xa/0x20 [ 563.055603][ C1] [ 563.055610][ C1] [ 563.055618][ C1] ipv6_defrag+0x74/0x3c0 [ 563.055642][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.055666][ C1] ? ip_sabotage_in+0x55/0x290 [ 563.055698][ C1] ? __pfx_ipv6_defrag+0x10/0x10 [ 563.055723][ C1] nf_hook_slow+0xc5/0x220 [ 563.055757][ C1] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 563.055785][ C1] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 563.055812][ C1] NF_HOOK+0x29e/0x450 [ 563.055838][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.055860][ C1] ? skb_orphan+0xae/0xd0 [ 563.055890][ C1] ? NF_HOOK+0x9a/0x450 [ 563.055916][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 563.055945][ C1] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 563.055977][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.056001][ C1] ? __pfx_ipv6_rcv+0x10/0x10 [ 563.056041][ C1] __netif_receive_skb+0x1ea/0x650 [ 563.056074][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 563.056101][ C1] ? __pfx___netif_receive_skb+0x10/0x10 [ 563.056131][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 563.056158][ C1] ? __pfx_lock_release+0x10/0x10 [ 563.056185][ C1] ? _raw_spin_lock_irq+0xdf/0x120 [ 563.056222][ C1] process_backlog+0x662/0x15b0 [ 563.056258][ C1] ? process_backlog+0x33b/0x15b0 [ 563.056297][ C1] ? __pfx_process_backlog+0x10/0x10 [ 563.056330][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 563.056358][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 563.056388][ C1] __napi_poll+0xcd/0x490 [ 563.056421][ C1] net_rx_action+0x89b/0x1240 [ 563.056468][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 563.056504][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.056527][ C1] ? sched_clock+0x4a/0x70 [ 563.056571][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 563.056604][ C1] handle_softirqs+0x2d6/0x9b0 [ 563.056646][ C1] ? do_softirq+0x11b/0x1e0 [ 563.056682][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 563.056720][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.056746][ C1] do_softirq+0x11b/0x1e0 [ 563.056779][ C1] [ 563.056787][ C1] [ 563.056795][ C1] ? __pfx_do_softirq+0x10/0x10 [ 563.056830][ C1] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 563.056857][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 563.056884][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.056907][ C1] ? rcu_is_watching+0x15/0xb0 [ 563.056941][ C1] __local_bh_enable_ip+0x1bb/0x200 [ 563.056977][ C1] ? neigh_periodic_work+0xbcb/0xde0 [ 563.057008][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 563.057054][ C1] ? neigh_destroy+0x429/0x590 [ 563.057088][ C1] neigh_periodic_work+0xbcb/0xde0 [ 563.057124][ C1] ? process_scheduled_works+0x976/0x1840 [ 563.057148][ C1] process_scheduled_works+0xa68/0x1840 [ 563.057188][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 563.057218][ C1] ? assign_work+0x364/0x3d0 [ 563.057243][ C1] worker_thread+0x870/0xd30 [ 563.057269][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.057294][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.057317][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 563.057349][ C1] ? __kthread_parkme+0x169/0x1d0 [ 563.057377][ C1] ? __pfx_worker_thread+0x10/0x10 [ 563.057401][ C1] kthread+0x2f2/0x390 [ 563.057428][ C1] ? __pfx_worker_thread+0x10/0x10 [ 563.057452][ C1] ? __pfx_kthread+0x10/0x10 [ 563.057480][ C1] ret_from_fork+0x4d/0x80 [ 563.057502][ C1] ? __pfx_kthread+0x10/0x10 [ 563.057531][ C1] ret_from_fork_asm+0x1a/0x30 [ 563.057561][ C1] [ 563.705056][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 563.711959][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0 [ 563.722482][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 563.732553][ T30] Call Trace: [ 563.735860][ T30] [ 563.738805][ T30] dump_stack_lvl+0x241/0x360 [ 563.743526][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 563.749023][ T30] ? __pfx__printk+0x10/0x10 [ 563.754166][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 563.760182][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.765839][ T30] ? vscnprintf+0x5d/0x90 [ 563.770198][ T30] panic+0x349/0x880 [ 563.774123][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.779780][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 563.786224][ T30] ? __pfx_panic+0x10/0x10 [ 563.790671][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 563.796083][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.801826][ T30] ? __irq_work_queue_local+0x137/0x410 [ 563.807409][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.813103][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 563.818526][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 563.824805][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 563.831081][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 563.836746][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 563.842933][ T30] watchdog+0x1035/0x1040 [ 563.847296][ T30] ? watchdog+0x1ea/0x1040 [ 563.851750][ T30] ? __pfx_watchdog+0x10/0x10 [ 563.856456][ T30] kthread+0x2f2/0x390 [ 563.860558][ T30] ? __pfx_watchdog+0x10/0x10 [ 563.865263][ T30] ? __pfx_kthread+0x10/0x10 [ 563.869883][ T30] ret_from_fork+0x4d/0x80 [ 563.874324][ T30] ? __pfx_kthread+0x10/0x10 [ 563.878955][ T30] ret_from_fork_asm+0x1a/0x30 [ 563.883754][ T30] [ 563.887169][ T30] Kernel Offset: disabled [ 563.891491][ T30] Rebooting in 86400 seconds..