Extracting prog: 2m30.659358934s
Minimizing prog: 9m47.869377245s
Simplifying prog options: 6m25.067563441s
Extracting C: 1m22.32390156s
Simplifying C: 0s


extracting reproducer from 39 programs
testing a last program of every proc
single: executing 9 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$kvm-sched_setaffinity-statx-openat$fuse-mount$fuse-read$FUSE-write$FUSE_INIT-syz_fuse_handle_req-syz_fuse_handle_req-socket-gettid-timer_create-getsockopt$inet_IP_XFRM_POLICY-stat-syz_clone3-getresgid-getpid-sched_setscheduler-stat-syz_open_dev$usbmon-openat$vsock-openat$selinux_enforce-sendmmsg$unix-ioctl$KVM_CREATE_VM-ioctl$KVM_CREATE_VCPU-mmap-bpf$PROG_LOAD-ioctl$KVM_SET_REGS-ioctl$KVM_RUN-syz_mount_image$ext4
detailed listing:
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) (async)
statx(0xffffffffffffff9c, &(0x7f0000005980)='./file0\x00', 0x6000, 0x100, &(0x7f00000059c0)={0x0, 0x0, 0x0, 0x0, <r1=>0x0}) (async)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50) (async)
syz_fuse_handle_req(r2, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_fuse_handle_req(r2, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x78, 0x0, 0x80, {0xc, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, r4, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r5 = socket(0x5, 0x800, 0x8)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)) (async)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000005ac0)={{{@in6=@private1, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@private0}}, &(0x7f0000005bc0)=0xe8) (async)
stat(&(0x7f0000005c00)='./file0\x00', &(0x7f0000005c40)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
r9 = syz_clone3(&(0x7f0000006100)={0x0, &(0x7f0000005e40), &(0x7f0000005e80), &(0x7f0000005ec0), {0x4}, &(0x7f0000005f00)=""/202, 0xca, &(0x7f0000006000)=""/183, &(0x7f00000060c0)=[0x0, 0x0], 0x2}, 0x58) (async)
getresgid(&(0x7f0000006180), &(0x7f00000061c0), &(0x7f0000006200)=<r10=>0x0)
r11 = getpid()
sched_setscheduler(r11, 0x2, &(0x7f0000000200)=0x4) (async)
stat(&(0x7f0000006240)='./file0\x00', &(0x7f0000006280)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
r13 = syz_open_dev$usbmon(&(0x7f0000006400), 0x3, 0x400) (async)
r14 = openat$vsock(0xffffffffffffff9c, &(0x7f0000006440), 0x2100, 0x0)
r15 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000006480), 0x200, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000006540)=[{{&(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000180)="eaa405617cb66e97a8f84fed58302f4c86b138c503ab72c641237f65591d33fb1d95e7f6827e59afe079209572dffb9f7a21fc10850b4ebf7adae4da13593fd4c6727753ec5fd890f45b5fd0b03185d00993d31ce28de7f151631760cb3741c635efc3883fa982dc1064a42fb9b0452f366721a7c24d5a963f31035789d5a9bd4d2ee59abd611cdc3c56cb1585ae802eb41a96efaeb3f2f4f59c8e7c3f5d52ae721e3bf25d6c3ec7c1af5434a01bb27f66b3b2ba2f778972b7213fc1339b4ff6ba1254ccc68f64127e33d84bd97bbdbcb7e08afabdf815a48a0d5d5f95fc17d86b871e7b8b451d38f6155efac445a1d80d63e0146f741aee747574bf", 0xfc}, {&(0x7f0000000280)="a96578c28aff4f9f5b1f855562d88541f425bc2403fbfcf60b09ec3ea510ee8a6c3b39aa506073fb225463e2f3c0476d24759d7adea0dd22ed11", 0x3a}], 0x2, &(0x7f0000002bc0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [r0, r0, r0, r0, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @rights={{0x20, 0x1, 0x1, [r0, r0, 0xffffffffffffffff, r0]}}, @rights={{0x10}}], 0x110, 0x20040000}}, {{&(0x7f0000002d00)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000003100)=[{&(0x7f0000002d80)="7c5c1a23c8e61fef76d2d2d693d3eeab53c3e3985a952a65f5ad2e6985935f70199845a21b33b894", 0x28}, {&(0x7f0000002dc0)="91fd6f456541efa044115b545e9f5946f34fbf38f139c8eea4e8ac0fbc8371627b2c845d900dfe84bee7bfb621808321d5ccb4ca74a64b495f544d736b85f1880a50a0", 0x43}, {&(0x7f0000002e40)="154ebfc1fc33d16472c9bc625c66da30994b74b45fecb8435f23f1bf82740c03ad356520a1532a45062f8a61387cb27bd73fb0b32f108c57403df3b95b2992a6e78768fdc5f16fe81d5e36e74779138502875b9b1d46fbef852ef246375e23d25427375696fb0a1ad7970803e712f68944975e6766ad29909e9dcac209ce81c3af3181e55c02169b4b0370a3e3fda8abe325f19f039f709685ba5bb51701cb3a7306707b2ee351caca1a5c01d77318fb75017fad0470d04a4c68270117925ffe2ace29c313bb2f8f07f0eaba6def04e61188287e97244b3a8b1e18735892a937880c56777c", 0xe5}, {&(0x7f0000002f40)="4010044742d2e8497f5dcffa6e0fb774e1896500efcf8384c56474f790f29f5d068307b0eb90fe0d2c7191eadf18805512bef24be6c1f8d3cc739c8e4f0f93cc01365597abd2e4f6082fa6051b41c2bd9012e5d9249278915aa170930dd17ea2dc7692ad27687d214d0dc849003d47c0df7ba56146e86a7b1b03156ec19a8834d7601a", 0x83}, {&(0x7f0000003000)="031a553087a6741c8a11ecd9f98a58af75afc9124919a12cbd4a35a94cfc51442e572b3a0e5eaad13b29ce5d0f4f4d48712aecf578c7ec3e5d4a28cdfafd2577d147c8ebe449d94749341f759a0732087ea2b028fa21cc761592384fd6526bda149a52e7eb45fe65cdcbf39795979bac5f844c9ccd53e019f83bded57e1601810f0551acd53c966caa3d5517a3d735ed25ac2d18b76424d30564a24b0ff86060e91cc96880a8b024dd67a0978076f550d2eeae7183ed3e3eb8da9b060db284d7fac1c1715c499e0c92052f7d63d9f43be0e37bc71665bb3dc245de", 0xdb}], 0x5, &(0x7f0000003380)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xffffffffffffffff}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r0]}}], 0x98, 0x40}}, {{&(0x7f0000003440)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000058c0)=[{&(0x7f00000034c0)="8b264a56453b49b3546990f5f876512602084cc7647974ed1a71695e6d135b802de00c259035015911818aaec786d7432bdee27ae2355fe286171b5688c36e0e614627b63ab34d8c1be0fee7d7a9420a3d8f62a72c83ffefe5623c2782f95c061dd4ec59cad8d83807e5fc42d6017fc2ac56a24955f13a1e11a5891545ceec8f85dec28b0a8e6ee4f74628976bb0c16f3d153c40b7bcad317d83ac9e182033", 0x9f}, {&(0x7f0000003580)="bcb70f94cf09da36e9d48043cff81de716049bbb347332395ec918d1c15421ef36812d3e439d5005f0cbf3f08c3be255f65134797ea58034f01b8255206f46d445a1171bfab271656ba4c0b3bf4527bd50e13aab8edaa36b99ffd3d12e098a5703894720f65dc785426a178effcf7c18a18d7df139ca4b58", 0x78}, {&(0x7f0000003600)="d496e4f51fb44049d0f0efad70138a71d6159e2b58e19207aaa15cd5bc20a585b5475ec692424b88a9875f8a4444f2776dec33ab5aa8fe35ff8174f21ff1b7d89f813fb5bad7fb177d8d2d5848d92d3b000a32259e54c568b255a88e531e75afd493827e4f01e55df920571a7b58f5eab50202e7dc6f26adb7e93351fcdb9af37d7d9e5b2f1acd7f6409bf5fbd58cee71b3e0874d8058a0d72f81b435ec66576da739c95e174d22eb684f0ce61309215aeb1", 0xb2}, {&(0x7f00000036c0)="73f3cfaa35c93a4f6ec1d492199eaa6c7aa7d3aa9e3b386fb4522ea91db022f0380f5058203c840ebbf4dab307a60e7b6fdead66a9b9950a0d4de748b0d339af3bf4dda6e17b3e15c9899ae5f0f31255cf874dd77a438821c3d083b0e9ac92fea6f5f68cc8eda6127cc25ee91edca1dc371ac33ca069d467faac7ed65defa04f0eed7da1203105568c900cf80c7759f6b1ee3a7fb3d6dd8214ea2e29c5844802823b748b6aa79ec1a647409780381231c3e5fa6a0c672a1802e5fc8617be6160c9e41bbddca76e35d1e0b858c364480e93aadafa4304134fe4b3443588bb2ebdd646517e53ee229ce5dac744225cdd6031d062e6aaff003fa09d67f69c20f2372acac368d5969658777560013d376f0d107d823e8f2d0f63e7da72960257b4e6ad326381dc1bbee40ecd7261816629dea847a41f62fa736ee23c38a9ac258e24800b9ae1dadcf3f4d4261fa89dd1c370306832214332812ee1bd7a2720d34808a60401cc7cfb77783d4525a31f3081d79fbe10f13e3a5311b73c761d2f4699f1be71c6511744d46d67cd7eaddfe746a3d9560e73ffe8b748c0a41e0bc78890fb832edf7349ff2e388bc6bec40ebaa3fd43cb0c657b1818b24c171e5536ab90f4c4ca909bc6e1244abd879b44e5de51a3ac518da31d66ebb328494ea48b6fbef10cc8aa5c6f35230406bd52c5753e7606b8edc3deabab37fbc921dad27747fb32269a83b88f39521fb55071fa791a6ff41d88c3e4c0f012ee4d612b63042414de34bd346c71e02aebfdda58f0345d86ceb32c966c403bd916b2f6e9b16af63e2e68b5ba9c3aa5583ad35916ab45420602f6aec21fd2a93e2386e9d4d138e8563663001367eb7e82eff0b55094c5ca3fc2b07aaf9f07b56b2cca6bef43534221b9e7ef16312dc3480e0691f07dc43dc208d06bd8700bac4fe2ba4e162e8118978197b6fdefee3dfe81d15a890ffed9de5f82d1065ab7d220f2090e76a771a0b94af23958d453222b9475aa013c31d888c80f870731049a491ef73c5df833852e609129f2aed522bc774434415a1be5666fdf46485d334db838ef34e6174abd40f9422d782e864a6ddd430ab85b0a8a79bf1721058f20ba515505b2d789b9da7b39d83946a08b2e25e3cf05baefc74c33a7880fb87770842f0f9e4110e0ac631b5c1504aae95b62d7bef07a3a0b0d485770ffcb9c649b3be5f9d73a4fb3cb387931cdba1797b66801b599e7eb1208a8f666b3e63ea294fbe16aca624b52eb79b1edf414fb8bbbc69979f93dcd71aa7d20c9018b0f782ba1312a4b3e3b9da3526242146a4db24cfea12308daf7b4004488c8eac9d84022706bdf3e4c81a9e246e28464849e83562e4a5e382fb196d7f2785809032a970fa633e2d1ebc73183cbca4739d5d81e75d907b1eb75e93ce0792807b79f9cf2968c6a7c1b634009e3ace1ea9ebfba925c618643feadf9f4d2eeba83c54e93f4479efcb9f5615fef079b7e3d8aa7bdcb7044040fdca0f6bc670b7d278a66dc630677e24e2c1da9465f863e3f70336c27ad948936ccf107851e2269d44ad9e35594925ea1dfca4cb152087a7d0b82832c9eee5a9b4a4935c8cd3b2c97b9919fd787c8574e17c44aef371c862b23e852af83bfe6de44225380b0724864198a803bc694dc4b70e2ee3867e8ab897ebb27491e84db048462ea80dfa95558f1d68a205c8b22280dddab309d567becc8fd31c3bfa4605b948fe04774220992fe1323a638c15b15ca287205d8f9ac60481f34585a57b53a74c2698b6e46d49ab31246e4cac5bbc2ff02a46b5577fbc0beb48f8b2f940e3cd7a4723ee3c20b64bca41a72647d548f5175556b958b38adbd1d23e61672337163f79e91c790638ec491d8c266ba62fc4b3a982941956c0e507d14b185c2ef26836e78c52cc6f61e86b8909f7465cc786bb20851425f1cab02c307699f0170a2ab9826573bcbc8919e1012a4e6ef435f4d21d2efa3497404d000312b06adac2654d1b4123c6ac40f3adb60c334b3ce85205502ffe3cbcf5d69c474dc9e9e53cdc6aaeefb80bf59ab541b20c384047eb33fd315b6b959da2212086d40885d40bb0ff8efb4d893bd2fd206a0c6bea00e2abee0e1ccc1250ffea6fa9ede6cd13b555297991d82f8c2aeeb579860f98b820079af5f0cded188e80500c593e36ce8c49df7b6a5afde3fe68996f5b1fb9b744c88594e5585c54670e85b2770a0aedb8cbe030b2d5e0ee441b0e8b4328c4a54055c2a28225d92d79d649daf4e9b6e6b4e71357779a36a9d23aded6faa3df03f0a89c3775c710db094dd414aec01faa9cb2665a7db3ffde3e1fa95b74f089cba66030a882df3ba0952395cdc82e8ebff20ff43dd3afb2070ff6aac6337a2e8fcd943fe1713997baa3442a6030d57bdea9a7627da21214ca019364d19096efd3f3398135c4004fa3c642ed847beb1df9fc8fc759ce3f2e5f094b3b2e0f509e0ac58805ae826d15fbee01725b62485a57f534d1161923e0a8a298827366573491dab3840d001052e82416912a1b7e4d590066364303eb5332979be9020211e0594f6a1482753fb2bca08e4bb59b4555cf709dc69a1c3778e5845830b016031fcc4a5b43108e3260b6e2d61e5400e8a4184c8c7c5b69768312c8ab0aa827a1457316a5016a0cdf09e2a5bd83c799f3f4c2c16affc025b1e7d716d39f7b3ae69558afa407bd13d6778aaa0fe1d7bcdc13c0d1e5da19c50bd5748cde3121e423c4be74b5b986c1fd0672fc17c7f5ee8fa910f7f48bbc343da8f9931ecd34678732436554c7f791d803ef8a2dc3eb7b90ade9feacbbe6a980ccd8cdb74407c2daef53fece9cf643f2c66e9c194e5dde6a3b5060129346d2590956ef9bc77e8ead7532aa0a84f10445e0d67f4edfd04d404c716e356263c50c05fd9d75c8ad626bb6388cfda791ae99790563c822cd0a97f5fc0a4ef90fdffe7b95a9d0e848118556486b5e9bd3562e9878cff3f22ea6e316d51173c4e4e8adce8b95985fa453a9a0c42fe7827d19468f01a328b753e65e6fd1cce6207bb50ab3084b4f1cdee753bb399b470fe51872164ed59c86168545d44e249fd4ba82f4b4cba5b88b350081716426a4886c3f9e295f5ad6b9261bab1a7995981d2110f896d8bddafeb2a9cd8399c9842bf1735518a24767237bf47721cef5cbbf45ab81a631ff237938dc056c545a3f553eb5d52161fc53750c26519ad163f30c70a5f609d65546ef71c7fcf9f8e4aff414806a03bc9b19fbf8540a8c1eda0c783713291fe269e42070672d243faaef6b267414bfdc307b0a44887055a2b8544765d0cce88250aee6222d98a2cb741fed7b7ce5ea59971c2c4a907bdd4b7d4c74a50736c73b0152775885eb84f1889580d4f54b95e29236c26b12a102a13a662a86587c8926ad9c2ac975c6b7bf3bd17895ab77b7538686f4b8243d132bc751d11c1c81679aa7165c9c19a5022e9977b062fce3ab9791c41c9c1db4a9cdf0930ff1d2c2b0e1fa558ed0d7511e212ea6f21a002aeb3c86319288b69e805504b94451b35b2c3f85e6e25e5299cfd1730d78c31c231c5031e10b3614ffc64e3a24592a3a9b59be302d75593ffb000f971d79de6dac78f5fe2d3cce01710de1ed606c2852296396cb684e638f965de173a2041a0f1708aa103ddf9c11151712ec56d614a740ed7d838472dd2f67d44471555a9b68973b849baefcb49c58f912de1756cfd4863cd9e56e9aaaf805ae7756023d88fae80d4689d132b4a8c25ce326faf945d10b3933686ad424c6d8e99f9ed1f7d91fd181fcfec06935616bb2c1fe24e14884170d61247edf064d7a858e8a6335274aa50a379ea945038f307a23926e5c9910bb7f413ff1687045be78d9b57300294861c4641ab1a9653f3722eb174f22b724b323367ba30089dc61d81bac14ae5cd3c9aa01dc0c0d67a436d7f46157c80bc7c0eeb218cd161bc79653ece2c29098c853eaa494f95381044a74a5a7a44e9ad6f48526c0ecefd68b951ad7661961df7d6adbbafdeed442daa15553bd32e7afabb55907cd8976bb917d69615241959be9d8a2d9d10880a92eba4938477dc5f091627d90db7b20c4b18641edb2c23bd739d832d7e3e166feb584248883de3940a21ada773aaa4199e1dd01f7d292116d6a90d779ae62af5ca52c8b91f3e647c8a60853d29bd4e286de043736d1eba05e2e7e70a47d50c96f721ac602cb0f183c6e11e00b9a1601caff042202b9133351e4a6ae0178025c8b21486fb33fdff96895d19861f0358b1f2be6f65ebc8fe4de2eec06b9cd606b34b6ef8daf6d8d20baee3b64511828a8270cb655716c11bab4ff73688076256933c06164448fe2c4735b8945e4fa13ca2ad2127ba35ca9ce4eb5b2311b58636596750bea2f80ba6b253aa9aa5191e04d36dcaa82d85135f603c2b8058ae8d8cf9bab67bba395ab6bd0273396e3074661c0a42ec9d055b15c33ad0a686bbe18392245cf683f5e1efa8df09d7efe303244e6850375a82a87e84867bab4eaa50a3652af08fffe5eb8a6c8ae581e5afe213fdec48970fcf74e71b06fd18cef7198998eefc717055e28ab84d45b486613180bb17520921c05088813247b5879ecccdaba9d4bf758fdb269145d2dda167c5c3723540ad7fe9537b9193a27ce8732596aec8aeea8e4839dc878f53c4d3b28ac76a8af4c6e181292b47b6ff87302fa6d3c275776d9e7efb8bacb706eb4a871eea5aef2494b19c7900c0cd51fed50969378f961f4fd92f27f50e2f1e8f8bcbe68ed31f85d2786342f174eeee4bb765daf47f17db49ee4201931cdd4b17a2e57fee497220f44ae762634343401e82bdc6ad7661b18d46174a44c2328222129489dfec4c75096de58cffe77f8cc587ced14852f97ea5722eb123783fdb0b282742bc5d7d0187a423ff44490915131ef638eda5e890dc1b87acd4f0312ed72586aa25d5b0531a4d9d78a0fd55d07333c577a06b135a9a915ea4e593a2dfee293143e56cc87af43d9eb1f2fc3b5249788791ba8ec5fdfacdbd4ed005f219e0a5a6c24e038e0b2257ac023ebf6e765e0ca9bf20bf8c3654f39172adf128d50040d190c282b3b898992fb231aaf622e703cbade69c6e751fc7af9c0f8a1de7d81ed9611b294e05853ba12d74d8fdf0892b62d299da411860c850364ea057a4335d3aef5c654a7c3260af5eade21314d31e053b132a4f89653d4813a998fbd89f6d23fa685b98886cc210b32f301e5694d899cae3463c0a1702798c3e53921932dfa5d3a5b51da1ab2a858d1160a4c034bab5b43b7613f8bbc0fedabd46bd428343935c54f8e8d42ee2779c6f0fc0d7b492060a3c4931a7d60f2f8d2180072cc05737eac609bb4ab51d3add286b0e4e2e997ad5a90f5c5779da28291d7de2bc38f95b9a8fa7d65d0dc941a569d7020ae8d8be305a3c00007c773a37bb8c0422fdbf3e297a38129558154319f4df38de5d9e0c9f3b6c57732e27745643767cd4c34ec88e201cdc1cf4091b2a2da32c99cf4b446f10e3d83994cd747eb4032cc2c43cb5293d24ce08f9e1f27b7d059fdfd462030db2d1ddb71ab15b3b0a64e9fe5e5a3cef95024ee43a01b649d377eaf9ada8d75a89ff7be8619be905c25f4eade15fbf279d02cc0f837b446a002c41ddd197b99a52bc91668fee2c19a9eeabbb621a3aa4fdae960842a223611e0087dbc5400a40d2b5aa761a462cbc5ea292e3ea491ce5f689bf3a14bb9b2e74a00dccb48f297f3cbf8760bde3ce5d5567471a7755dc36332611e3fb9dd96d722792f5da2e3148", 0x1000}, {&(0x7f00000046c0)="b278947516959b05d9306e82e4050a8f1a4d19efda34105d7856c236df948e93ac27b6b928ac96bf26078ee1f20b03e64bb0ccd867527fc8", 0x38}, {&(0x7f0000004700)="e0831ce51ad7e9b257eb2f1fbc0c3f750d92739eeffa9040d0b33d22798ace6dfbd6e9c95b23fb8b539f6da5db9f1fa6f2c690658a75504a638de50186d0012908238c04776eabea9dc5d3f15ec218860af284d805002303c95ddec050d8d843325901df1b2cd7d4b1930b57d1743a0b8615ff9c39c4c73f4cd9fcbd027fda67554dce4d37fb458bb5cdfa19d92648e83a729c6b3e16382af95cec7df826bc8314ff2c3394d73c8d47da8206ba3fac5963ce355961338b4371e0befa277bd42c0a17ad461fcca4f97896b3306a15396e8b8641294c6695f031e4265673ba6c3778be2d36b1662a7da6105b3c3d1dcf8dacfce84fd949ca6193e194bbe5edc081648b02675b5f25d9f6f5e4343b01c0a7e56f2af34227a02b58c0c3322aa4e4fea668cf739f6b71cb788b3f424577490d96760ffb5eb3383fa4487ea583383e2c452e32e7d8b89cc5a0a70362d54a1ecab8283f68216c77c715cb68008b2e0e5cf61bd65c1199ce98817d610a8214158e6d6f7dd0e8150dc94f2f98aa37a5d73d1939e7dc545475237b573de5bb61d91757eb4f1c3172fdfbd58945e41386cf2042c4721753a0b22130bcbb3b2ada867caab102f942175281f84706c3e38cd665f3b58bc6c0f121b75c1bcf69b689950ed007c5444e626fc85b96973a0b2f5543ae5e3ceb9f67acc1ac9087b83a5d04891d6e48ed71c621c6ac1bb16809f1adf80de9bc6fb0972c98bfe949dbd55c439cb898b1134b56fdff46681d772a162ff1f026e762a6bbbc1642ee5bc90c5b1266e2ab725f8eed8460a6ad9c9cba9c397fec2a05a2a8856af16751df3ecc8bc71f1e513118338985742cf326cc282195fe4dd50d59400b1fceb344eb250dcba41cef69b9c556a2da9f4bbfa0da94518211645638d8f3e3a06169bdd4744a564cca03a99f7151a49ed8b06158c4b5bd8be13ae3f0c78add5c9ac1a97ba4a72b0dda13c69c771876a37b7f0e7c0b14031db8d5ac911e2519ec0415039fd7381e975d7bf352c48a87316e9058d8d2e890f1eb5b9f54fd4093ed249655af7061541790b64ac97a01d792a61e990d7fdff6e018884aa1dcc4ae5469a02e216ca7b54b10c742431da23bda9e797de47057aa894db465ded1dfef507596fa98878c6384bb78314f33c93babedfb6845ce8479938a2510e224c5b86a2b7101e9daba8929e67cd47adfeb72e7fed3fb0cc42b8c0d2baa20b98c7858637b6a112861cde9c97a6e78c85081e036788f767716c9f2c94a84bedd5930c76d522b8b01e652dd5e18887352978c2c2245a9e86258ac888292f935907829ee693f7fb3c32d0fd388440a7a4c113402a472662aa906d2b68704f5e922ad10e60f25f8e019fe2029918a28537d793332e33c33aeaed67d105bb09662cfa618ffabacc5ce3d9434c2a748d7abbc856f3d8fc3aedb3ac2f73074595428621c1ab3f9c262d9d4375965728bca8b43e3f416304cb1a7f205f87e1b3fc65208040fc4f236b949e79afaedb95a5479aa2d334fb8ac0b2d35a4b6e2a73219b41cee9a75fd587d82217f2c8802b0f96efd53eae77f16462269f2cc678236cf39442a76180ba6e71cd7e2216f29c5c45c3404e37558a9e487885377fddab9a055da6e0c3df77966eb408371dc59acf6f71d6b46b52814ffc827bb828b5d4a438d16fb1df61d8a9788262ee373a8a1e32a4ec401af629633a67fec4fa4d2d51917d48c1c53d058b6514fb7d277d3766dafaf7950ea865ae499bbad50a23af6e1612c715dd4944df90722f82dcadb5f5935d4214bb7d85b0d1d93f352c0a4e22cc7734763ccd8506c2980e1ee050a8720f0a07a93be2e79d1dfe5e93a771e48385ba968fde01a4550517e2b248fdb96321817928c4032838f921bd02aebd815f9a977eac121744e01bb9e96f8cd725d7de22e1ec62d1c1bf28b0200760da08afb9b4ac1023e501f44688f11a8177849791257e76650b68524cb8d2e8daabcdd2ba22d14f433ebeea47c0f14b6fcb853eaf088a4aab82af2e2abbac4fc04677fbcd81be224b0e09a15e8a2e145ab71da1fbe6d026d04f4f186a44d52bbf19f53c29cb7c61d652acda75c074cd5181e404de168556d53cb5fce2e6819a99bc257354b08e041be3db1e5e57f0d8aaebbc36a34f8b89d801a3d355b60ce81b05cd495eaadfe0fb4f7580ed14ba2c7da04ae5d78d8a749073e3e7b163053987509ff71439eb061a2e42759eade0612cc02479cb6d5dd9be11c4df3fe28fc3b7f4072f902be2f9237ecf751cd275093d234afc0b52fe62850e422293c7e96c76d27c686dfff49d1bfef7ff5c6c35b66e9996b163e7f3ed8328b01c6366d878fc3563e9c811666ab588770ce0c66871c46041157d5cf6163ace0f71cd921c5f75e2ed10707df231aa710a875032be64dffb560edb92c06c9a3c727bd7fdb6e49c7e2411363e9e31a79abdc0d5d876ec1e4b663aff6a09b3c750f0e552faf7f49b0d2bf952850749364cc324a0fb2d9f50247b84f52b64f966ad23c7a0da10199e8f9ff50802f15afbb0ab1c65b89434229513fffe3aeafad724b2bfe8ebd9a469aaf1dc63104f4fb195ff590cacd02ca6bec77ae21bdef9be7fdc9c015982ea94dc2e4a8c82733b1302e155515f755c617df99a7cd2409e66b92fa15e4c0791037b5607733fd92b300a1504ca91e6c9bd1f548b7265a92080039c15edaaffdd38532d1c7bfa77c1ef277db53456292176b5a8956b314a3a6dedc1703eadc9073f45bfebbcec09082d7fae1b2bb6f1a9369bcacb43625a55036c302347704a1f3ed89b0fb377b2e451ac30b8f4c908486c1115c536a4a4f34d1fed0a89a8c14187ec1e206dd0a95cf2763b38b6444667b0203bcb01eccfb2cbd57afde05d3afde5c8103906b35daff7604e7251cefe6ac0ac219bebd839d1aa3ac915613ad4534e17d13dcb7aacc14d740f28706da93b365dafdff2f877248c7792e23f8e3779e8cc321c2b701feadd899e3af402323dd65102c18a081c5b4cb6e6370b5e4780522eb748455cb34bedec3a1cb6086885314e612d94fdb4699f13f1c667cfcb6e2a4d1678c56d7bb34ed2892ac3de1c2cad5ccce889d9c435e3a406ada7b429d1157dd538c15e2a7da93d62de42a3a6f63a7a41bb4eab4e8e166f9241e30513787bb30428cb380f76540b5b8c9f7d36b8b8c599fef7a755360d01c8a42fdd42048ddffadde6ad1f6a8bc42cddc0e22a85a1d8f18b8d53e6d41af1e808cac2a3bc4aad40bc48f42e6a23d66cdb309eb20ae94bc6fbdbc71ff7ec79ec167018b38ae8f4bd67da7a19d16c580baeedd826f29eb452d097d52e64123e59522378524438525702550a31ad715f9c43dd6d2d87ae5441273780697687f1513f05041bc0bd76561ad48b63080bf7d34bffaf926a25662ea57330578a60a09c12f89fbcc220332ad44de44d660f9e7d0e6347fc721ce1b8088494573a332b6e9a8446c8a108cb97596b0d04e738c509580d1d008b4f1f18521b01ec9126c8eeb11a5a44ba718081b4fb17c68e882b746ce3c9dec087d03e769e74588f79e01149379f5a6f1bd5e205f96f79446d7ac6fd0a48feb8ba2675660f20d78d584d345b7b89f959db61b4be67866c1453c91d13bfcc6bda580578841e934921d65409a44b7abdf0e3845b8a639eab71942d22d0df88512fabfeb9f41c7f7d66f159628547bf29bedebce4b0a1412220ea5d771fa679d01274742d58ff24bd0d82fc4d7c91185b135fce9d57ea953060e6c673a30e037eec7cef1231f30e5d0d42d50d4486c3f2e081f693fa202ff1950e7fc90c80a1cae32fd0131dccb508c9dda280bc8caab1d54e4f0dd388947f24c3d156529cb674aef20b8d11618758419e1f0c04b654ad52ba06576dbece4dda7d50d5a4c982ef85f8e2be16b2af8165a289e1ec3caf27f90dae48f3e40a27a752031ae52743cbf7bbe8be7bdfbda55cf864286ea1242a14369f6f36b429ae80babb2b870f228023d42d2d0359b6047283f60af028c334e78d5c3e43bc1e099d2d31e0a921823376c67d834331c8d4b8735cc152ae218cdf0fa6cc90a12bea092b1e2723677234cb87d048621498254d12d25631d24a262abfb520664d1d9ee0e3efc77e1b5323346f16ba792f0a8d2cdac2ece3cbb19e67d12a46ecbc0cdfc9655e73eb1cbdc691a4d4c73bcf4e8413d367d1fc74d2f6033576d278280e527a1969f66e19ba3250398f764563e21b071615006b56a87732154826519cc48f6439716afbb448bec2c8e8bbdaae0658be7b0973de3476550fc913b6fc0af01581041f885524292134eac5b6dd983b446ac2c09d9f2befe4c4b353322978d494de21f1cc358ba1af79235ee17a38a0bad559a97c35e143dd01b455e2181b10449cadf852eeb9f783ccc7cbd2ccb814ad838d4e8b18487be14f4cb8737cb2ab0d32233a59cb9bacda4705750ccbc188a932466f79a2bd60cc002d4c8eafe870ac79062fe6160e4e148e3038393ef9964f6534fd9412f8d95406c8baa11e07da7c114a0da3bc6c1ce13a569b2e535c2963d112c7d3cb9a366c954e8995787cf17f7e614a77786654f56a7762cfd19cd51be57656e6977664dd821ec6e750daa442f1dd89c81e6ed584e411278a195ff9d1d23936b5f1cfb73940c96cd2dbfa9fab572e4415f4700f5974dfdc3183a103b9e33384cc14ffd60e6f83e8993f721760083c29133a55a08ee6d0306493a0c12632fd3e06728a2904697f7abc9038767b38263f4e35b8c0d9d5e4627c94c79c85e7168fd48f9de1f0917b10cfb6d6efbc0f869823a25c0463ad280b24533a5807f5a65ba8faffc5b110d664abb0f5700963ed61f678c54d84903d4a5fd865fcf3206f11200ed94325a1da7e7bf55d03237c9715a6b5952c401a844c0dd2d6ec82ef7e1b5051ddf8fbe0e1233bcf7f46229eff49fb4b3ddf01f47586ebaa10923e8240c78c49c29c8fa51f97c91cef3bb60fd53dc501ea99a93ca8c940065b57c12dc4ba7d83dffd3d661e580436163fb34720bd21d2af9658de159098922a8eb38ecf00409ad766029eebb2445992038dd35d29e2e5cf322637fefa2dfd118d1e862d4c8479d2cce2a43ef692016830256fb45839bacb48fbcd422b556aa69124f641aa0d82ac1dc092e9ab5e8794dd2d89f69ed508a8bf26eb5721ee57f21b4a8ec024375f8240d916f06a249d37df3639f7629124ac9f3ed47fc7ded461b045531d59a7d7cca24f48f61f626af8aa899128b1ffea066d1ffd6dbd3b2409fa86b0bb223def31766b8cc307c8b08de41eb629c7e6fbfeb8400155edff0d48287878fe68eca8ac09ef3f40f436c42acd0b44b226dd9a97e72abfdd58d6c2a33e90fafd6940bddb3ea061e749e757d0c7691b2b6876e9a0b13794014cbb605f8a10d61f0478cc090c2b9757ab19159399fd14d93688a6efccc07a01bb83e13eade8f42a43b1695aacb444fed64b08a1648efc1ff55af34f67b0f3dbb90ff20b4a126e966a4a0971f489c53a1507400a41f8533a57ae7d820582a06f2b3f0f8b5ec0511ec2a3d4dea71eaad3f061506f522386a7e35e8d001137a95764fdd56e5e122377fde51b5db0f8be5f3c58175aece87b825b9f60a8967833bb72b43a078e9190210d418dcc070e8b0e2d641203c60a1d48eec499f395139397f75af31885e9b501d2c2d6b1afd91665f1aef47d519c65dae4e1b1f630aa1c8990dcacb11ded7a55d235b6ddcd98f52e494e23c5d6ab3810942ed5ea2b5924bde52cbe3453b6e7368bca54e2ac9218c74d0c3", 0x1000}, {&(0x7f0000005700)="900100a4fb69b1b00912e335529b7c21c3dec55804b437f71e001cad8731cf4adb", 0x21}, {&(0x7f0000005740)="5abf303d95d0e3eeca650729253a68d893ae08cdddf5befef2621be81331bc84cf99fcad2af55c2b721cebdc0b7538af285e384a47e52b384c10319221d7af1a8730704ef0da501fd72ed8de840c33c5d3159e2c566aff966660593bdc68ba1b8a054598e4ad9a496feb88fd33a158fde4b7e792961ef19fa49173518882f0605fa4ce2e265bcfc85662d4e44da31804e56daccac13fdbc8482d24ecfd12793076f75f08448de44d610a4b2a4a9cf82ccbe543579a02bec0bd5574abf163c55bc4c23edbaf6a2697d582e5c87665a4e73505c55a82c2c76a5aaa24319e0af1d77b91d22adf806b64a54532efb0778fcb2fbb07a4", 0xf4}, {&(0x7f0000005840)="5077fe6c316de64c9f018326e3f5f48e89d7bb1bdefab2772bd20da9375c0a6e586cd6dc98dbdcc2d7739ec2820ef1c07504ea04284904784944605cb622a4a6ee84acbcbd299fddc21e242b40ea639e6a4c37efc1d5", 0x56}], 0x9, &(0x7f0000005cc0)=[@cred={{0x1c, 0x1, 0x2, {0x0, r1, r4}}}, @rights={{0x18, 0x1, 0x1, [r0, r0]}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x1c, 0x1, 0x1, [r0, r0, r0]}}, @rights={{0x28, 0x1, 0x1, [r0, r0, r5, r0, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {r6, r7, r8}}}], 0xb8, 0x4010}}, {{&(0x7f0000005d80)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000005e00), 0x0, &(0x7f0000006300)=[@cred={{0x1c, 0x1, 0x2, {r9, 0xffffffffffffffff, r10}}}, @cred={{0x1c, 0x1, 0x2, {r11, 0x0, r12}}}], 0x40, 0x40}}, {{&(0x7f0000006340)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000063c0), 0x0, &(0x7f00000064c0)=[@rights={{0x20, 0x1, 0x1, [r13, r0, r0, r0]}}, @rights={{0x18, 0x1, 0x1, [r0, r14]}}, @rights={{0x2c, 0x1, 0x1, [r0, r0, r0, r15, r0, r0, r0]}}], 0x68, 0x10}}], 0x5, 0x40080) (async)
r16 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r17, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$KVM_SET_REGS(r17, 0x4090ae82, &(0x7f00000000c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, 0x0, 0x7, 0x6, 0x0, 0x9]})
ioctl$KVM_RUN(r17, 0xae80, 0x0) (async)
syz_mount_image$ext4(&(0x7f0000000340)='ext3\x00', &(0x7f0000000300)='./file0\x00', 0x3008000, &(0x7f0000000380)={[{@quota}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@barrier_val={'barrier', 0x3d, 0x8000}}, {@commit={'commit', 0x3d, 0x3}}]}, 0xfe, 0x453, &(0x7f00000004c0)="$eJzs3M1vFOUfAPDvzG7L+6/8EF9A0CoaiS8tLS9y8ILRxIMmJnrAeKptIchCDa2JEKLoAY+GxLvxaOJf4EkvRj2ZeNW7ISGGC+hpzezOlKXdbbvtlq3M55MMPM/Os3me78w8u888z04DKK3h7J8kYntE/B4RQ83s3QWGm//dvnl58u+blyeTqNff+itplLt18/JkUbR437Zmpl7P85va1Hv13YiJWm36Qp4fnTv3wejsxUsvnDk3cXr69PT58ePHjxzeP3hs/GhP4sziurX345l9e15759obkyevvffzt1l7t+f7W+NYkXT5IsPNo9vW011VtvHtaEkn1T42hK5UIiI7XQON/j8Uldgyv28oXv2sr40D1lW9Xq+3+37OXakD97Ek+t0CoD+KL/rs/rfY7tHQY0O4caJ5A5TFfTvfmnuq87f4Awvub3tpOCJOXvnnq2yL1cxDAAB06fts/PN8u/FfGg+1lPtfvoayMyL+HxG7IuKBiNgdEQ9GNMo+HBGPdFn/whWSxeOf9PqqAluhbPz3Ur62dff4L22M+7KQK/lyz45G/APJqTO16UP5MTkYA5uy/NgSdfzwym9fdNrXOv7Ltqz+YiyYt+N6dcEE3dTE3MTaor7jxqcRe6vt4k+iWMZJImJPROxdZR1nnv1mX6d9y8e/hB6sM9W/jnimef6vRL1yV/yFpOP65NiLx8aPjm6O2vSh0eKqWOyXX6++2an+NcXfA9n539r2+p+Pf2eyOWL24qWzjfXa2e7ruPrH5x3vaVZ7/Q8mbzfSg/lrH03MzV0YixhMXl/8+vid9xb5onwW/8ED7fv/ruqdI/FoRGQX8f6IeCwiHs/b/kREPBkRB5aI/6eXn3q/+/iXmJXvoSz+qeXOf7Se/+4TlbM/ftd9/IXs/B9ppA7mr6zk82+lDVzLsQMAAID/irTxG/gkHZlPp+nISPM3/Ltja1qbmZ177tTMh+enmr+V3xkDaTHTNdQyHzqWzw0X+fEF+cP5vPGXlS2N/MjkTG2q38FDyW3r0P8zf1b63Tpg3XleC8pL/4fy0v+hvPR/KC/9H8qrXf//pA/tAO493/9QXvo/lJf+D+Wl/0MpdXw2Pl3TI//rnig+sjZKe+6HxImu3hXpRmhzCRLVFf8xi1UmNrXd1ecPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB75NwAA///5/+B8")

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD-syz_open_dev$MSR
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000180)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0xfffffffffffffffe, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, r1)
syz_open_dev$MSR(&(0x7f0000000040), 0x7, 0x0)

program crashed: KASAN: use-after-free Read in lo_open
single: successfully extracted reproducer
found reproducer with 6 syscalls
minimizing guilty program
testing program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000180)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0xfffffffffffffffe, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, r1)

program crashed: KASAN: use-after-free Read in lo_open
testing program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000180)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0xfffffffffffffffe, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})

program did not crash
testing program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CHANGE_FD
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, r1)

program did not crash
testing program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-syz_open_dev$loop-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000180)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0xfffffffffffffffe, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, 0xffffffffffffffff)

program did not crash
testing program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$vfat-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
detailed listing:
executing program 0:
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f00000007c0)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000180)={r0, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0xfffffffffffffffe, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c03, r0)

program did not crash
testing program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
detailed listing:
executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000180)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0xfffffffffffffffe, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, r1)

program crashed: KASAN: use-after-free Read in lo_open
testing program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
detailed listing:
executing program 0:
r0 = syz_open_dev$loop(0x0, 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000180)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0xfffffffffffffffe, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, r1)

program did not crash
testing program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
detailed listing:
executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000180)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0xfffffffffffffffe, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, r1)

program did not crash
testing program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
detailed listing:
executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, r1)

program did not crash
extracting C reproducer
testing compiled C program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
program did not crash
simplifying guilty program options
testing program (duration=57.094443928s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
detailed listing:
executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000180)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0xfffffffffffffffe, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, r1)

program did not crash
testing program (duration=57.094443928s, {Threaded:true Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
detailed listing:
executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000180)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0xfffffffffffffffe, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, r1)

program did not crash
testing program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
detailed listing:
executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000180)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8000000018, 0xfffffffffffffffe, 0x0, 0x0, 0x1a, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c03, r1)

program crashed: KASAN: use-after-free Read in lo_open
extracting C reproducer
testing compiled C program (duration=57.094443928s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$loop-openat$cgroup_ro-ioctl$LOOP_CONFIGURE-ioctl$LOOP_CHANGE_FD
program did not crash
reproducing took 20m52.235470697s
repro crashed as (corrupted=false):
==================================================================
BUG: KASAN: use-after-free in mutex_can_spin_on_owner kernel/locking/mutex.c:617 [inline]
BUG: KASAN: use-after-free in mutex_optimistic_spin kernel/locking/mutex.c:661 [inline]
BUG: KASAN: use-after-free in __mutex_lock_common kernel/locking/mutex.c:973 [inline]
BUG: KASAN: use-after-free in __mutex_lock+0xcd7/0x1060 kernel/locking/mutex.c:1114
Read of size 4 at addr ffff8881edf73f38 by task syz-executor/523

CPU: 1 PID: 523 Comm: syz-executor Not tainted 5.4.290-syzkaller-00002-g41adfeb3d639 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1d8/0x241 lib/dump_stack.c:118
 print_address_description+0x8c/0x600 mm/kasan/report.c:384
 __kasan_report+0xf3/0x120 mm/kasan/report.c:516
 kasan_report+0x30/0x60 mm/kasan/common.c:653
 mutex_can_spin_on_owner kernel/locking/mutex.c:617 [inline]
 mutex_optimistic_spin kernel/locking/mutex.c:661 [inline]
 __mutex_lock_common kernel/locking/mutex.c:973 [inline]
 __mutex_lock+0xcd7/0x1060 kernel/locking/mutex.c:1114
 mutex_lock_killable+0xd8/0x110 kernel/locking/mutex.c:1348
 lo_open+0x18/0xc0 drivers/block/loop.c:1899
 __blkdev_get+0x3c8/0x1160 fs/block_dev.c:1581
 blkdev_get+0x2de/0x3a0 fs/block_dev.c:1714
 do_dentry_open+0x964/0x1130 fs/open.c:806
 do_last fs/namei.c:3565 [inline]
 path_openat+0x29bf/0x34b0 fs/namei.c:3683
 do_filp_open+0x20b/0x450 fs/namei.c:3713
 do_sys_open+0x39c/0x810 fs/open.c:1123
 do_syscall_64+0xca/0x1c0 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x5c/0xc1
RIP: 0033:0x7fd273e35a51
Code: 75 57 89 f0 25 00 00 41 00 3d 00 00 41 00 74 49 80 3d fa 1a 1f 00 00 74 6d 89 da 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 93 00 00 00 48 8b 54 24 28 64 48 2b 14 25
RSP: 002b:00007fff26b91640 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd273e35a51
RDX: 0000000000000002 RSI: 00007fff26b91750 RDI: 00000000ffffff9c
RBP: 00007fff26b91750 R08: 000000000000000a R09: 00007fff26b91407
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
R13: 00007fd274020260 R14: 0000000000000003 R15: 00007fff26b91750

Allocated by task 502:
 save_stack mm/kasan/common.c:70 [inline]
 set_track mm/kasan/common.c:78 [inline]
 __kasan_kmalloc+0x171/0x210 mm/kasan/common.c:529
 slab_post_alloc_hook mm/slab.h:584 [inline]
 slab_alloc_node mm/slub.c:2829 [inline]
 slab_alloc mm/slub.c:2837 [inline]
 kmem_cache_alloc+0xd9/0x250 mm/slub.c:2842
 kmem_cache_alloc_node include/linux/slab.h:427 [inline]
 alloc_task_struct_node kernel/fork.c:171 [inline]
 dup_task_struct+0x4f/0x600 kernel/fork.c:882
 copy_process+0x56d/0x3230 kernel/fork.c:1889
 _do_fork+0x197/0x900 kernel/fork.c:2399
 __do_sys_clone3 kernel/fork.c:2688 [inline]
 __se_sys_clone3 kernel/fork.c:2675 [inline]
 __x64_sys_clone3+0x2da/0x300 kernel/fork.c:2675
 do_syscall_64+0xca/0x1c0 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x5c/0xc1

Freed by task 10:
 save_stack mm/kasan/common.c:70 [inline]
 set_track mm/kasan/common.c:78 [inline]
 kasan_set_free_info mm/kasan/common.c:345 [inline]
 __kasan_slab_free+0x1b5/0x270 mm/kasan/common.c:487
 slab_free_hook mm/slub.c:1455 [inline]
 slab_free_freelist_hook mm/slub.c:1494 [inline]
 slab_free mm/slub.c:3080 [inline]
 kmem_cache_free+0x10b/0x2c0 mm/slub.c:3096
 __rcu_reclaim kernel/rcu/rcu.h:222 [inline]
 rcu_do_batch+0x492/0xa00 kernel/rcu/tree.c:2167
 rcu_core+0x4c8/0xcb0 kernel/rcu/tree.c:2387
 __do_softirq+0x23b/0x6b7 kernel/softirq.c:292

The buggy address belongs to the object at ffff8881edf73f00
 which belongs to the cache task_struct of size 3904
The buggy address is located 56 bytes inside of
 3904-byte region [ffff8881edf73f00, ffff8881edf74e40)
The buggy address belongs to the page:
page:ffffea0007b7dc00 refcount:1 mapcount:0 mapping:ffff8881f5cf0000 index:0x0 compound_mapcount: 0
flags: 0x8000000000010200(slab|head)
raw: 8000000000010200 ffffea0007b7c200 0000000300000003 ffff8881f5cf0000
raw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC)
 set_page_owner include/linux/page_owner.h:31 [inline]
 post_alloc_hook mm/page_alloc.c:2165 [inline]
 prep_new_page+0x18f/0x370 mm/page_alloc.c:2171
 get_page_from_freelist+0x2d13/0x2d90 mm/page_alloc.c:3794
 __alloc_pages_nodemask+0x393/0x840 mm/page_alloc.c:4893
 alloc_slab_page+0x39/0x3c0 mm/slub.c:343
 allocate_slab mm/slub.c:1683 [inline]
 new_slab+0x97/0x440 mm/slub.c:1749
 new_slab_objects mm/slub.c:2505 [inline]
 ___slab_alloc+0x2fe/0x490 mm/slub.c:2667
 __slab_alloc+0x62/0xa0 mm/slub.c:2707
 slab_alloc_node mm/slub.c:2792 [inline]
 slab_alloc mm/slub.c:2837 [inline]
 kmem_cache_alloc+0x109/0x250 mm/slub.c:2842
 kmem_cache_alloc_node include/linux/slab.h:427 [inline]
 alloc_task_struct_node kernel/fork.c:171 [inline]
 dup_task_struct+0x4f/0x600 kernel/fork.c:882
 copy_process+0x56d/0x3230 kernel/fork.c:1889
 _do_fork+0x197/0x900 kernel/fork.c:2399
 kernel_thread+0x16a/0x1d0 kernel/fork.c:2489
 create_kthread kernel/kthread.c:311 [inline]
 kthreadd+0x3b1/0x4f0 kernel/kthread.c:654
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:354
page last free stack trace:
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1176 [inline]
 __free_pages_ok+0x847/0x950 mm/page_alloc.c:1438
 free_the_page mm/page_alloc.c:4955 [inline]
 __free_pages+0x91/0x140 mm/page_alloc.c:4961
 free_thread_stack kernel/fork.c:299 [inline]
 release_task_stack kernel/fork.c:439 [inline]
 put_task_stack+0x212/0x260 kernel/fork.c:450
 finish_task_switch+0x24a/0x590 kernel/sched/core.c:3479
 context_switch kernel/sched/core.c:3611 [inline]
 __schedule+0xb0d/0x1320 kernel/sched/core.c:4307
 schedule_idle+0x50/0x80 kernel/sched/core.c:4403
 do_idle+0x609/0x660 kernel/sched/idle.c:288
 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:356
 start_secondary+0x3a5/0x460 arch/x86/kernel/smpboot.c:277
 secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:241

Memory state around the buggy address:
 ffff8881edf73e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff8881edf73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff8881edf73f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                                        ^
 ffff8881edf73f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff8881edf74000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================

final repro crashed as (corrupted=false):
==================================================================
BUG: KASAN: use-after-free in mutex_can_spin_on_owner kernel/locking/mutex.c:617 [inline]
BUG: KASAN: use-after-free in mutex_optimistic_spin kernel/locking/mutex.c:661 [inline]
BUG: KASAN: use-after-free in __mutex_lock_common kernel/locking/mutex.c:973 [inline]
BUG: KASAN: use-after-free in __mutex_lock+0xcd7/0x1060 kernel/locking/mutex.c:1114
Read of size 4 at addr ffff8881edf73f38 by task syz-executor/523

CPU: 1 PID: 523 Comm: syz-executor Not tainted 5.4.290-syzkaller-00002-g41adfeb3d639 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1d8/0x241 lib/dump_stack.c:118
 print_address_description+0x8c/0x600 mm/kasan/report.c:384
 __kasan_report+0xf3/0x120 mm/kasan/report.c:516
 kasan_report+0x30/0x60 mm/kasan/common.c:653
 mutex_can_spin_on_owner kernel/locking/mutex.c:617 [inline]
 mutex_optimistic_spin kernel/locking/mutex.c:661 [inline]
 __mutex_lock_common kernel/locking/mutex.c:973 [inline]
 __mutex_lock+0xcd7/0x1060 kernel/locking/mutex.c:1114
 mutex_lock_killable+0xd8/0x110 kernel/locking/mutex.c:1348
 lo_open+0x18/0xc0 drivers/block/loop.c:1899
 __blkdev_get+0x3c8/0x1160 fs/block_dev.c:1581
 blkdev_get+0x2de/0x3a0 fs/block_dev.c:1714
 do_dentry_open+0x964/0x1130 fs/open.c:806
 do_last fs/namei.c:3565 [inline]
 path_openat+0x29bf/0x34b0 fs/namei.c:3683
 do_filp_open+0x20b/0x450 fs/namei.c:3713
 do_sys_open+0x39c/0x810 fs/open.c:1123
 do_syscall_64+0xca/0x1c0 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x5c/0xc1
RIP: 0033:0x7fd273e35a51
Code: 75 57 89 f0 25 00 00 41 00 3d 00 00 41 00 74 49 80 3d fa 1a 1f 00 00 74 6d 89 da 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 93 00 00 00 48 8b 54 24 28 64 48 2b 14 25
RSP: 002b:00007fff26b91640 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd273e35a51
RDX: 0000000000000002 RSI: 00007fff26b91750 RDI: 00000000ffffff9c
RBP: 00007fff26b91750 R08: 000000000000000a R09: 00007fff26b91407
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
R13: 00007fd274020260 R14: 0000000000000003 R15: 00007fff26b91750

Allocated by task 502:
 save_stack mm/kasan/common.c:70 [inline]
 set_track mm/kasan/common.c:78 [inline]
 __kasan_kmalloc+0x171/0x210 mm/kasan/common.c:529
 slab_post_alloc_hook mm/slab.h:584 [inline]
 slab_alloc_node mm/slub.c:2829 [inline]
 slab_alloc mm/slub.c:2837 [inline]
 kmem_cache_alloc+0xd9/0x250 mm/slub.c:2842
 kmem_cache_alloc_node include/linux/slab.h:427 [inline]
 alloc_task_struct_node kernel/fork.c:171 [inline]
 dup_task_struct+0x4f/0x600 kernel/fork.c:882
 copy_process+0x56d/0x3230 kernel/fork.c:1889
 _do_fork+0x197/0x900 kernel/fork.c:2399
 __do_sys_clone3 kernel/fork.c:2688 [inline]
 __se_sys_clone3 kernel/fork.c:2675 [inline]
 __x64_sys_clone3+0x2da/0x300 kernel/fork.c:2675
 do_syscall_64+0xca/0x1c0 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x5c/0xc1

Freed by task 10:
 save_stack mm/kasan/common.c:70 [inline]
 set_track mm/kasan/common.c:78 [inline]
 kasan_set_free_info mm/kasan/common.c:345 [inline]
 __kasan_slab_free+0x1b5/0x270 mm/kasan/common.c:487
 slab_free_hook mm/slub.c:1455 [inline]
 slab_free_freelist_hook mm/slub.c:1494 [inline]
 slab_free mm/slub.c:3080 [inline]
 kmem_cache_free+0x10b/0x2c0 mm/slub.c:3096
 __rcu_reclaim kernel/rcu/rcu.h:222 [inline]
 rcu_do_batch+0x492/0xa00 kernel/rcu/tree.c:2167
 rcu_core+0x4c8/0xcb0 kernel/rcu/tree.c:2387
 __do_softirq+0x23b/0x6b7 kernel/softirq.c:292

The buggy address belongs to the object at ffff8881edf73f00
 which belongs to the cache task_struct of size 3904
The buggy address is located 56 bytes inside of
 3904-byte region [ffff8881edf73f00, ffff8881edf74e40)
The buggy address belongs to the page:
page:ffffea0007b7dc00 refcount:1 mapcount:0 mapping:ffff8881f5cf0000 index:0x0 compound_mapcount: 0
flags: 0x8000000000010200(slab|head)
raw: 8000000000010200 ffffea0007b7c200 0000000300000003 ffff8881f5cf0000
raw: 0000000000000000 0000000000080008 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC)
 set_page_owner include/linux/page_owner.h:31 [inline]
 post_alloc_hook mm/page_alloc.c:2165 [inline]
 prep_new_page+0x18f/0x370 mm/page_alloc.c:2171
 get_page_from_freelist+0x2d13/0x2d90 mm/page_alloc.c:3794
 __alloc_pages_nodemask+0x393/0x840 mm/page_alloc.c:4893
 alloc_slab_page+0x39/0x3c0 mm/slub.c:343
 allocate_slab mm/slub.c:1683 [inline]
 new_slab+0x97/0x440 mm/slub.c:1749
 new_slab_objects mm/slub.c:2505 [inline]
 ___slab_alloc+0x2fe/0x490 mm/slub.c:2667
 __slab_alloc+0x62/0xa0 mm/slub.c:2707
 slab_alloc_node mm/slub.c:2792 [inline]
 slab_alloc mm/slub.c:2837 [inline]
 kmem_cache_alloc+0x109/0x250 mm/slub.c:2842
 kmem_cache_alloc_node include/linux/slab.h:427 [inline]
 alloc_task_struct_node kernel/fork.c:171 [inline]
 dup_task_struct+0x4f/0x600 kernel/fork.c:882
 copy_process+0x56d/0x3230 kernel/fork.c:1889
 _do_fork+0x197/0x900 kernel/fork.c:2399
 kernel_thread+0x16a/0x1d0 kernel/fork.c:2489
 create_kthread kernel/kthread.c:311 [inline]
 kthreadd+0x3b1/0x4f0 kernel/kthread.c:654
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:354
page last free stack trace:
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1176 [inline]
 __free_pages_ok+0x847/0x950 mm/page_alloc.c:1438
 free_the_page mm/page_alloc.c:4955 [inline]
 __free_pages+0x91/0x140 mm/page_alloc.c:4961
 free_thread_stack kernel/fork.c:299 [inline]
 release_task_stack kernel/fork.c:439 [inline]
 put_task_stack+0x212/0x260 kernel/fork.c:450
 finish_task_switch+0x24a/0x590 kernel/sched/core.c:3479
 context_switch kernel/sched/core.c:3611 [inline]
 __schedule+0xb0d/0x1320 kernel/sched/core.c:4307
 schedule_idle+0x50/0x80 kernel/sched/core.c:4403
 do_idle+0x609/0x660 kernel/sched/idle.c:288
 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:356
 start_secondary+0x3a5/0x460 arch/x86/kernel/smpboot.c:277
 secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:241

Memory state around the buggy address:
 ffff8881edf73e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff8881edf73e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff8881edf73f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                                        ^
 ffff8881edf73f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff8881edf74000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================