Extracting prog: 35.645338374s
Minimizing prog: 20m46.274968077s
Simplifying prog options: 0s
Extracting C: 1m15.691013794s
Simplifying C: 9m43.021407646s
extracting reproducer from 37 programs
first checking the prog from the crash report
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-pipe2-syz_open_dev$vivid-ioctl$VIDIOC_S_EXT_CTRLS-openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD-ioctl$TIOCSTI-ioctl$VIDIOC_REQBUFS-syz_mount_image$ocfs2
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
pipe2(0x0, 0x84880) (async)
r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000e00)={0xa00000, 0xfadb, 0x5, 0xffffffffffffffff, 0x0, 0x0})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r2, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000140)=0xffffffc0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000100)=0xdb) (async)
ioctl$VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x2d, 0x6, 0x4, 0x0, 0x40}) (async)
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f0000000440)=ANY=[@ANYBLOB='journal_async_commit,heartbeat=none,grpquota,inode64\x00\x00\x00\x00,localflocks,\x00'], 0x0, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
single: successfully extracted reproducer
found reproducer with 12 syscalls
minimizing guilty program
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-pipe2-syz_open_dev$vivid-ioctl$VIDIOC_S_EXT_CTRLS-openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD-ioctl$TIOCSTI-ioctl$VIDIOC_REQBUFS
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
pipe2(0x0, 0x84880) (async)
r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000e00)={0xa00000, 0xfadb, 0x5, 0xffffffffffffffff, 0x0, 0x0})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r2, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000140)=0xffffffc0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000100)=0xdb) (async)
ioctl$VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x2d, 0x6, 0x4, 0x0, 0x40}) (async)
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-pipe2-syz_open_dev$vivid-ioctl$VIDIOC_S_EXT_CTRLS-openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD-ioctl$TIOCSTI
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
pipe2(0x0, 0x84880) (async)
r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000e00)={0xa00000, 0xfadb, 0x5, 0xffffffffffffffff, 0x0, 0x0})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r2, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000140)=0xffffffc0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000100)=0xdb) (async)
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-pipe2-syz_open_dev$vivid-ioctl$VIDIOC_S_EXT_CTRLS-openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
pipe2(0x0, 0x84880) (async)
r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000e00)={0xa00000, 0xfadb, 0x5, 0xffffffffffffffff, 0x0, 0x0})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r2, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000140)=0xffffffc0)
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-pipe2-syz_open_dev$vivid-ioctl$VIDIOC_S_EXT_CTRLS-openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
pipe2(0x0, 0x84880) (async)
r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000e00)={0xa00000, 0xfadb, 0x5, 0xffffffffffffffff, 0x0, 0x0})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r2, 0x400455c8, 0x1) (async)
program did not crash
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-pipe2-syz_open_dev$vivid-ioctl$VIDIOC_S_EXT_CTRLS-openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TIOCSETD
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
pipe2(0x0, 0x84880) (async)
r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000e00)={0xa00000, 0xfadb, 0x5, 0xffffffffffffffff, 0x0, 0x0})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000140)=0xffffffc0)
program did not crash
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-pipe2-syz_open_dev$vivid-ioctl$VIDIOC_S_EXT_CTRLS-openat$ptmx-ioctl$TIOCSETD-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
pipe2(0x0, 0x84880) (async)
r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000e00)={0xa00000, 0xfadb, 0x5, 0xffffffffffffffff, 0x0, 0x0})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0xffffffc0)
program did not crash
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-pipe2-syz_open_dev$vivid-ioctl$VIDIOC_S_EXT_CTRLS-openat$ptmx-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
pipe2(0x0, 0x84880) (async)
r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000e00)={0xa00000, 0xfadb, 0x5, 0xffffffffffffffff, 0x0, 0x0})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r2, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000140)=0xffffffc0)
program did not crash
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-pipe2-syz_open_dev$vivid-ioctl$VIDIOC_S_EXT_CTRLS-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
pipe2(0x0, 0x84880) (async)
r0 = syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000e00)={0xa00000, 0xfadb, 0x5, 0xffffffffffffffff, 0x0, 0x0})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r1, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xffffffc0)
program did not crash
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-pipe2-syz_open_dev$vivid-openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
pipe2(0x0, 0x84880) (async)
syz_open_dev$vivid(&(0x7f0000000000), 0x1, 0x2)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xffffffc0)
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-pipe2-openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
pipe2(0x0, 0x84880) (async)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xffffffc0)
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./file0\x00', 0x1008413, &(0x7f00000003c0), 0x0, 0x510, &(0x7f0000001640)="$eJzs3c9vG1kdAPDvOHG2adJNFjjASuwu7KK0gtrJRruNOJQiIThVAsq9hMSJojhxFTttE1U0FX8AEkKAxAkuXJD4A5BQJS4cEVIlOIMAgRC0cAAJOsj2OE0T28m2rp0mn480nffDM9/33M543sx0JoBT60o2PU7T9EJETGTluWz6ZD2zE/FWRDx6eGehPiWRptf+nkSSlbXWlTa8EmPNRRor+OqXIr6RHIxb3dpenS+XSxtZvlhbu1Gsbm1fXFmbXy4tl9ZnZ2fen7s0997c9PN0b2ksS5yLiMtf+PP3vv2TL17+xWdu/eH6X89/M2m2+e7+fnxAw90qm99nPs7sKavH23jGYMfR8N7E6NGWuZf9EwEAoL/qx6Ufyo7zL8REDHU/nAUAAABeQunnxuO/Seva3QEjHcoBAACAl0guIsYjyRWy+33HI5crFKJxD+9H4myuXKnWPr1U2VxfrNdFTEY+t7RSLk1n97ZORj6p52ca6Sf5d/flZyPitYj47sRoI19YqJQXB33yAwAAAE6JsX3j/39NNMf/AAAAwAkzOegGAAAAAC+c8T8AAACcfMb/AAAAcKJ9+erV+pS23n+9eHNrc7Vy8+JiqbpaWNtcKCxUNm4UliuV5cYz+9a6rmz31YHrm7eLtVK1VqxubV9fq2yu166vPPUKbAAAAKCPXnvz/u+SiNj57GhjqhvZU/+f7D0BA2sg8MLsnrKLJJuPHPzQ719tzv/Up0YBfTE06AYAAzM86AYAA5MfdAOAgUsOqe94886vs/knetseAACg96Y+1vn6f67rkjvdq4Fjz0YMp5fr/3B6Na7/t7nlry0HC3Ci5B0BwKn33Nf/D+X/EAEAwKCNN6YkV8hO741HLlcoRJxrvBYgnyytlEvTEfFqRPx2Iv9KPT/TWDI5dMwAAAAAAAAAAAAAAAAAAAAAAAAAADSlaRIpAAAAcKJF5P6S/LL5LP+piXfG958fGEn+PRHZK0Jv/fDa92/P12obM/Xyf+yW136Qlb87iDMYAAAAwH6tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfTo4Z2F1tTPuH/7fERMtos/HGca8zORj4iz/0xieM9ySUQM9SD+zr2I+Gi7+Em9Wbsh28UfffHxYzL7FtrFH+tBfDjN7tf3P1fabX+5eKsxb7/9DUc8lX9Wnfd/sbv/G+qw/Z87YozXH/ys2DH+vYjXh9vvf1rxkw7x3z5i/K9/bXu7U136o4iptr8/yVOxirW1G8Xq1vbFlbX55dJyaX12dub9uUtz781NF5dWyqXsz7YxvvPxnz/u1v+zHeJPHtL/d47Y//89uP3ww81kvl3882+3if+rH2efOBg/l/32fSpL1+unWumdZnqvN376mze69X+xQ/8P+/s/f8T+X/jKt/54xI8CAH1Q3dpenS+XSxsnNlEfpR+DZkgcw8Tdg1VvRselkqT7CtM0Tevb1HM0LOkcvT+JZLdk0HsmAACg154c/Q+6JQAAAAAAAAAAAAAAAAAAAHB69eO5Yvtj7uymkl48QhsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCf+HwAA//9Rsuhj")
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xffffffc0)
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xffffffc0)
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xffffffc0)
program did not crash
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xffffffc0)
program did not crash
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xffffffc0)
program did not crash
testing program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
detailed listing:
executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r1, 0x5412, 0x0)
program did not crash
extracting C reproducer
testing compiled C program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
simplifying C reproducer
testing compiled C program (duration=45.073229436s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
program did not crash
testing compiled C program (duration=45.073229436s, {Threaded:true Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
program did not crash
testing compiled C program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
testing compiled C program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
testing compiled C program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
testing compiled C program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
program crashed: BUG: unable to handle kernel paging request in bcsp_recv
testing compiled C program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
program did not crash
testing compiled C program (duration=45.073229436s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$ptmx-ioctl$TIOCSETD-fcntl$dupfd-ioctl$TCFLSH-ioctl$TIOCSETD
program did not crash
reproducing took 32m20.632761091s
repro crashed as (corrupted=false):
Unable to handle kernel paging request at virtual address dfff800000000021
KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f]
Mem abort info:
ESR = 0x0000000096000006
EC = 0x25: DABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
FSC = 0x06: level 2 translation fault
Data abort info:
ISV = 0, ISS = 0x00000006
CM = 0, WnR = 0
[dfff800000000021] address between user and kernel address ranges
Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 4316 Comm: syz-executor505 Not tainted 6.1.135-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : bcsp_recv+0x9c/0x1164 drivers/bluetooth/hci_bcsp.c:590
lr : bcsp_recv+0x70/0x1164 drivers/bluetooth/hci_bcsp.c:589
sp : ffff800020717b20
x29: ffff800020717b70 x28: 000000000000017c x27: 0000000000000178
x26: 000000000000002f x25: dfff800000000000 x24: 0000000000000110
x23: 0000000000000021 x22: 0000000000000108 x21: ffff0000cefa05b8
x20: ffff800020717c40 x19: 0000000000000001 x18: 0000000000000000
x17: 0000000000000000 x16: ffff8000082d0758 x15: 0000000000000000
x14: 0000000080045440 x13: 1ffff00002a0e0b1 x12: 0000000000ff0100
x11: ff0080000eaebb8c x10: 0000000000000000 x9 : ffff0000d9d1d340
x8 : 0000000000000182 x7 : ffff80000eae73cc x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000131ed2a0
x2 : 0000000000000001 x1 : 0000000000000001 x0 : 0000000000000000
Call trace:
bcsp_recv+0x9c/0x1164 drivers/bluetooth/hci_bcsp.c:-1
hci_uart_tty_receive+0x140/0x1d4 drivers/bluetooth/hci_ldisc.c:624
tiocsti+0x234/0x2d8 drivers/tty/tty_io.c:2288
tty_ioctl+0x35c/0xd8c drivers/tty/tty_io.c:2690
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:870 [inline]
__se_sys_ioctl fs/ioctl.c:856 [inline]
__arm64_sys_ioctl+0x14c/0x1c8 fs/ioctl.c:856
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
el0_svc+0x58/0x138 arch/arm64/kernel/entry-common.c:637
el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
Code: d343ff7a f90017e8 a93e5fbb a93f73ba (38796ae8)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: d343ff7a lsr x26, x27, #3
4: f90017e8 str x8, [sp, #40]
8: a93e5fbb stp x27, x23, [x29, #-32]
c: a93f73ba stp x26, x28, [x29, #-16]
* 10: 38796ae8 ldrb w8, [x23, x25] <-- trapping instruction
final repro crashed as (corrupted=false):
Unable to handle kernel paging request at virtual address dfff800000000021
KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f]
Mem abort info:
ESR = 0x0000000096000006
EC = 0x25: DABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
FSC = 0x06: level 2 translation fault
Data abort info:
ISV = 0, ISS = 0x00000006
CM = 0, WnR = 0
[dfff800000000021] address between user and kernel address ranges
Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 4316 Comm: syz-executor505 Not tainted 6.1.135-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : bcsp_recv+0x9c/0x1164 drivers/bluetooth/hci_bcsp.c:590
lr : bcsp_recv+0x70/0x1164 drivers/bluetooth/hci_bcsp.c:589
sp : ffff800020717b20
x29: ffff800020717b70 x28: 000000000000017c x27: 0000000000000178
x26: 000000000000002f x25: dfff800000000000 x24: 0000000000000110
x23: 0000000000000021 x22: 0000000000000108 x21: ffff0000cefa05b8
x20: ffff800020717c40 x19: 0000000000000001 x18: 0000000000000000
x17: 0000000000000000 x16: ffff8000082d0758 x15: 0000000000000000
x14: 0000000080045440 x13: 1ffff00002a0e0b1 x12: 0000000000ff0100
x11: ff0080000eaebb8c x10: 0000000000000000 x9 : ffff0000d9d1d340
x8 : 0000000000000182 x7 : ffff80000eae73cc x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000131ed2a0
x2 : 0000000000000001 x1 : 0000000000000001 x0 : 0000000000000000
Call trace:
bcsp_recv+0x9c/0x1164 drivers/bluetooth/hci_bcsp.c:-1
hci_uart_tty_receive+0x140/0x1d4 drivers/bluetooth/hci_ldisc.c:624
tiocsti+0x234/0x2d8 drivers/tty/tty_io.c:2288
tty_ioctl+0x35c/0xd8c drivers/tty/tty_io.c:2690
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:870 [inline]
__se_sys_ioctl fs/ioctl.c:856 [inline]
__arm64_sys_ioctl+0x14c/0x1c8 fs/ioctl.c:856
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
el0_svc+0x58/0x138 arch/arm64/kernel/entry-common.c:637
el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
Code: d343ff7a f90017e8 a93e5fbb a93f73ba (38796ae8)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: d343ff7a lsr x26, x27, #3
4: f90017e8 str x8, [sp, #40]
8: a93e5fbb stp x27, x23, [x29, #-32]
c: a93f73ba stp x26, x28, [x29, #-16]
* 10: 38796ae8 ldrb w8, [x23, x25] <-- trapping instruction