last executing test programs: 2m21.098448028s ago: executing program 0 (id=812): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4000080) 2m20.410613521s ago: executing program 0 (id=817): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) close(0x3) 2m19.835289095s ago: executing program 0 (id=820): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x36, 0x1, 0x2, 0x180, 0x7f, 0x10, 0xf1, 0x53, 0xf, 0x2, 0x0, 0x2d, 0x0, 0x4, 0x5, 0x8], 0x100000, 0x43100}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x6, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3, 0x0, 0x0, 0x20000000000], 0xeeee8000, 0x202}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x8080000, 0x5000, 0x8, 0x8, 0x7, 0xe4, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0x4000, 0x0, 0x0, 0x42, 0x5, 0x5, 0x3, 0x5, 0x3, 0x2, 0x86}, {0x6000, 0x1, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0x8, 0x5, 0x5}, {0x1, 0xeeee0000, 0xd, 0x6, 0x0, 0x42, 0xb, 0x4, 0x2, 0x7, 0xe}, {0xeeee0000, 0xd000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x5, 0xf7, 0x83}, {0x1000, 0x3909e40c33606d9c, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0x5000, 0x4000, 0xe, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0x2c, 0x9}, {0xeeef0000, 0x30}, {0x5000, 0x7}, 0x80000031, 0x0, 0xdddd0000, 0x2024, 0x0, 0x1500, 0x3000, [0x6800000000000000, 0x208, 0x5e, 0x8]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2m18.207188762s ago: executing program 0 (id=829): syz_mount_image$iso9660(&(0x7f0000000a80), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRES64=0x0], 0x0, 0x7b7, &(0x7f00000002c0)="$eJzs3U1sHGf5APBnXbvJ35Wiqv8qjaI0naRFSqXUXa9bF6uHsl2PnWnXu6vdNXKEUBs1TmXFaauWCuoDJZcWEAhx4li49sYNhAQSB+CERA9cuFXqCRUEEgIhJKOZ3XUce/3R1Pmg/f2s+B3PPPO+z7vezLNje2YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIhSbbZcnixFPWssLiXbjEREcn8/dmH79g2D/n51XbPLuBGl/F8cPhzHequO3X9t89H80+k40fvqRBzOm8Oxds/Re5/+/9GRwf67JHSjTu0zrhTxrTypyxdWV5dfvwmJ3ELf/cVuW0eHrfzXev55Pm1knWa2UJ1Pk6zTTGamp8uPn5vrJHNZPe2c73TThaTWTqvdZjs5U3s0mZyZmUrSifPNxcb8bLWeDlY+9VilXJ5OnptopdV2p9l4/LmJTu1cVq9njfkiplL+euQxTyW12fbzWTfpptWFJLm0sro8tdfs8qDJXbafeOTej9788O8ry/kTcqegUv+JWZmcrFQmp5+cefKpcnm0Uq5cv6K8RWxExEhEHnFTnrTcOYpD5m4O5sANB2CkX/+jHlk0YjGWIhnyMRa1mI12NGMh//qPY9si+gb1/wuP/+X3u427uf4Pqvyxa5uPR1H/T/a+OrlT/R+a60F+jPTz2Wn7G/FWrMXluBCrsRrL8fpNz+hTfowcbH/zkUYjsuhEM7JYiGqxJumvSWImpmM6yvFCnIu56EQSc5FFPdLoxPnoRDfS4hlVi3akUY1uNKMdSZyJWjwaSUzGTMzEVCSRxkScj2YsRiPmYzaqRS+XYqV43Ke25HX0my/+/OU/fPRevrwRNLnLREr5i7k86G+7BG0r9/uv/+vRj1D/P+8O+AgON259UP8BAACAz6xS8dP3/Px/LB4sluayevqV250WAAAAcICK3/yfyJuxfOnBKOXn/+UhkR/c8twAAACAg1EqrrErRcR4PNRbGlwuNeyHAAAAAMD/oOL3/yfzZjzi7WKF838AAAD4jPn2TvfY/3Bwj91O61Dpl3+NdnusdLW19EjpSjWPq165q7dfv/nyRo/dueOlw9HrpOhrenTtnlJEjNbSE6XB3S//c6jXflx8Pj66sftO9/ovbUlgY4+7tk4pT+DI2pYEjhYDfy9O9WJOXey1F/tx/TsSj89l9XSi1qw/XdwSMf/XffOVlW9EMf3vNBaOlOLSyuryxEuvrl4scrma93L1Sv8Gitvuozg8l2LE9f4jEA8On/FYcSFGf9zx3rjlzd+A/r2JR3Yfs7R5zHfidC/m9HivHb9+/ofzMScnnp6MavXISDdd6r65vmn2/SwmP+XM34mHezEPn3m41wzJonJdFq9sz6KyOYv9PRZ7ZjHWf2K9d+rtpX/8pllKp/bKYmpLFoc/YRYAt8ul4q4/16rQ/xVV6N/rPXn9v1Z3k15AX/8o98BGV/lRblAGthzlLsXGlsH+m2rdaGyr7ltfXsSWUXY4op/pxZzpvZ4YPT6krpSHHNFfW3ntt/0j+hPv/+jHXz35u5/eeHV7Px7txfSbuO/XO9TYfM7fbyyMDzpdeqa/8JMdx+3UK6UYi7jra1dei6NvvLX22MqVCy8vv7z8SqUyNV1+olx+shJjxUuFfqP2ADDE3u+xs2dE6Yk9zqrv2/iTgol4KV6N1bgYZ4urDSLioeG9jm/6M4SzcTqKk+UdzlrHN73Dy9k9zi2vxVa2xw5eV2yLndr0iD3ww6L55038pgDATXZ6jzq8n/p/do/z7utr+Zaz49i5lg/zxZv6aADA50Pa/rg03n231G5nrRcmZ2Ymq91zadJu1p5P2tnsfJpkjW7arp2rNubTpNVudpu1wQ+OZ9NO0llstZrtbjLXbCetZidbKt75Pem/9XsnXag2ulmt06qn1U6a1JqNbrXWTWazTi1p3f1sPeucS9vFzp1WWsvmslq1mzUbSae52K6lE0nSSdOktTgIzGbTRjeby/LFRtJqZwvV9tWIqC8upMls2qm1s1a32etwMFbWmGu2F4puJ7ZP/8+3+vEGgDvBG2+tXb6wurr8+idcGI1i4U/7Cb7dcwQArqdKAwAAAAAAAAAAAADAnW/75Xr52hu5InDtUHzyvQ7FDV19aGEfC/k38g5I4/YuvPjMM5d3inn27WPn9tfP8P8pwy51ffdIxN0/+0FvzZdu1Uw/iIgb2H29tEvM7T4yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2/w0AAP//naJXlA==") mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x2) pwrite64(r0, 0x0, 0x0, 0x9000) 2m17.244122838s ago: executing program 0 (id=834): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000780)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000740)={0x0}, 0x1, 0x0, 0x0, 0x84}, 0x0) 2m16.67428712s ago: executing program 0 (id=836): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$FUSE_DIRENT(r0, &(0x7f0000002440)=ANY=[@ANYBLOB="1001000000000000", @ANYRESDEC], 0x110) 2m15.278062325s ago: executing program 32 (id=836): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$FUSE_DIRENT(r0, &(0x7f0000002440)=ANY=[@ANYBLOB="1001000000000000", @ANYRESDEC], 0x110) 37.652729093s ago: executing program 5 (id=1298): linkat(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000) renameat2(0xffffffffffffff9c, &(0x7f0000000140)='./file7\x00', 0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0x5) 36.959045577s ago: executing program 5 (id=1302): socket$nl_route(0x10, 0x3, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x88802, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, {0xeda7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xf8}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0x41, 0x0, 0x60000000000000, 0x2004cb, 0x3, 0x0, 0xfffffffffffffff8, 0x0, 0x9, 0x2000000000003ff, 0x2], 0x2000, 0x200202}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 35.973424289s ago: executing program 5 (id=1307): r0 = socket$inet6(0xa, 0x3, 0x3c) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x18) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x10, @loopback, 0x8000005}, 0x1c) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1) 35.161899405s ago: executing program 5 (id=1314): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0) mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1205848, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 34.379588888s ago: executing program 5 (id=1318): socket$nl_route(0x10, 0x3, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x88802, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, {0xeda7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xf8}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0x41, 0x0, 0x60000000000000, 0x2004cb, 0x3, 0x0, 0xfffffffffffffff8, 0x0, 0x9, 0x2000000000003ff, 0x2], 0x2000, 0x200202}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 33.729867259s ago: executing program 5 (id=1322): bpf$ENABLE_STATS(0x20, 0x0, 0x0) ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2003, 0x0) socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000002e00000084000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00'}, 0x48) syz_emit_ethernet(0x43, &(0x7f0000000180)={@multicast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0x35, 0x67, 0x0, 0x0, 0x1, 0x0, @private=0xa010101, @remote}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0xf7, 0x801f, {0x5, 0x4, 0x3, 0x14, 0x7ff, 0x64, 0x1ce2, 0xd9, 0xff, 0x0, @private=0xa010102, @loopback}, "00800000e9"}}}}}, 0x0) 31.994573842s ago: executing program 33 (id=1322): bpf$ENABLE_STATS(0x20, 0x0, 0x0) ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2003, 0x0) socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000002e00000084000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00'}, 0x48) syz_emit_ethernet(0x43, &(0x7f0000000180)={@multicast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0x35, 0x67, 0x0, 0x0, 0x1, 0x0, @private=0xa010101, @remote}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0xf7, 0x801f, {0x5, 0x4, 0x3, 0x14, 0x7ff, 0x64, 0x1ce2, 0xd9, 0xff, 0x0, @private=0xa010102, @loopback}, "00800000e9"}}}}}, 0x0) 31.96918444s ago: executing program 2 (id=1326): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18020000200000000000000000000000850000004100000095000000000000004be98911ed5a3cf4451d51e400827eef4df9eb3fd52b8f0a456c3a6cfd127868ad3fe3f9a9b946c97f9fc091e4c3f4b0a0d7ed298717a480c48868562f04005972b6a5265519fee4cb1b8b93f0b164770fd40c7a8060ce72beff7cda177e28a1a97b2c8c56a3f15b2f7a9b7ae2cf52d08555d3c3315e95095217bff8c9441a45fd00000000000000979ed4e35d21d13d428af521c553b9420385390207dc1634aee0244045e5c380e6090329d37b29a56c16d5c7bee160b91246bd2c205047bd92581165c774b1fd46072c161f1d33e6d5c1a5db7a714e3ed5468408f279bd9f98ec3c5ffd79cd37810f03000000b65d147fa05253a600adfb03775847b220369339529d434f3190c81c3dd501a780cfaaaa916c8a33ee4b52d18e160428893f33d206d3a7195e7f69c831099bdc940000aa2c2e61509bf6c58b100000000000000000000000005e3210346531c1eb14fbec6eb35d6f3e3853512c6bf186bd8b75d17aeeaa07"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r1, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0x3e, &(0x7f0000000cc0)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x8, 0x3a, 0x1, @remote, @mcast2, {[], @ndisc_rs}}}}}, 0x0) 31.234839464s ago: executing program 2 (id=1331): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000003cc0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000003d80)={0x0, 0x0, &(0x7f0000003d40)={&(0x7f0000003d00)={0x14, r1, 0x1, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x48810) 30.437284905s ago: executing program 2 (id=1334): r0 = openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = eventfd2(0x6, 0x80800) ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f0000000280)={0x0, r3}) close_range(r0, 0xffffffffffffffff, 0x0) 29.461806561s ago: executing program 2 (id=1337): syz_mount_image$exfat(&(0x7f0000000680), &(0x7f00000001c0)='./file2\x00', 0x2000000, &(0x7f0000000280)=ANY=[@ANYRES64=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES64, @ANYRESHEX=0x0], 0x1, 0x1518, &(0x7f0000004000)="$eJzs3Qu4TtX2MPAx5pyLTdKb5JY55li8yWWSJLkkySVJkiTJLSFJciQhscktCUnIPck9JLeQ3O+33JPkSJIkJCSZ37PrnON06v8/5/+d8/+c7+zxe571vHM8c4255nrHft+11nz2s/fXHQZVqVe1Yh1mhn8K/vKSCgApANAXAK4CgAgASmYrmS2tP5PG1H/uIOJf68Gpl3sG4nKS+qdvUv/0Teqfvkn90zepf/om9U/fpP7pm9RfiPRs67TcV8uWfrd/fv0/5ZeX313/R1n/vxwy/aM7yvU/fZP6/6c5/Q9/9kHq/x/mYgjhf5Yh9U/fpP7pm9Q/fZP6p29S//RN6i9Eena5159lu7zb5f75E0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRPpwLlxgASHuNLvekhBBCCCGEEEII8S8VMl7uGQghhBBCCCGEEOJ/H4ICDQYiyAAZIQUyQWa4ArLAlZAVroIEXA3Z4BrIDtdCDsgJuSA35IHrIC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAO6Ai3AmVoDJUgapwF1SDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAINoCE0gsbQ5P8q/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+h/ln/ya/IwICKlRo0GAGzIApmIKZMTNmwSyYFbNiAhOYDbNhdsyOOTAH5sJcmAfzYF7Mi4SEjIz5MB8mMYkFsAAWxIJYGAujR4/FsBgWx5uwBJbAklgSS2EpLI1lsAyWw3JYHstjBayAFbEiVsJKWAWr4F14F96N1bE61sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYCBthE2yCTbEpNsNm2AJbYEtsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yEnfB5fB5fwBewG1ZS3bEH9sCe2BN7Yx/sgy9hP3wZX8ZXcAAOxEH4Kr6Kr+EQPINDcRgOx+FYXo3EUTgaWY3FcTgOx+N4nIATcCJOwkk4BafiNJyO03EGzsSZ+C7OxvfwPZyLc3E+LsAFuBAX4WJcjEvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsGP8CPcjttxJ+7E3bgbP8aP8RP8BAfgftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAEv4EW8mPbhV2mMMiqDyqBSVIrKrDKrLCqLyqqyqoRKqGwqm8qusqscKofKpXKpPCqPyqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoO1RFVVFVUpVVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698UGVVpl6aiDWV4OwgWqoGqnG6jV8VDVVQ7CZaq5aqMfVMByKrVRT31o9pdqoUdhW/UGNxmdUezUWO6jnVEfVSXVWz6suqpnvqrqpidhd9VBTsKfqpXqrPmoGVlZpFauiXlED1EA1SL2q5uNraoh6XQ1Vw9Rw9YYaoUaqUWq0GqPGqnHqTTVevaUmqLfVRDVJTVZT1FQ1TU1P+2pVM9Us9a6ard5Tc9RcNU/NVwvU+2qhWqQWqw/UEvWhWqqWqeVqhVqpVqnVao1aq9ap9WqD2hiB2qy2qK3qI7VNbVc71E61S+1We9THaq/6RO1Tn6r96jN1QP1RHVSfq0PqC3VYfamOqK/UUfW1Oqa+UcfVt+qEOqlOqe/UafW9OqPOqnPqB3Ve/aguqJ/URRUUaNRKa210pDPojDpFZ9KZ9RU6i75SZ9VX6YS+WmfT1+js+lqdQ+fUuXRunUdfp/Nqq0k7zTrW+XR+ndTX6wL6Bl1QF9KFdRHtdVFdTN+oi+ubdAl9sy6pb9Gl9K26tC6jy+py+jZdXt+uK+g7dEV9p66kK+squqq+S1fTd+vq+h5dQ9+ra+r7dC19v66tH9B19IO6rn5I19MP6/r6Ed1AN9SNdGPdRD+qm+rHdDPdXLfQj+uW+gndSj+pW+undBv9tG6r/6Db6Wd0e/2s7qCf0x11J91Z/6Qv6qC76m46VXfXPfSLuqfupXvrPrqvfkn30y/r/voVPUAP1IP0q3qwfk0P0a/roXqYHq7f0CP0SD1Kj9Zj9Fg9Tr+px+u39AT9tp6oJ+nJeoqeqqfp3n8aadY/kP/W7+T3//noW/RW/ZHeprfrHXqn3qV36z16j96r9+p9ep/er/frA/qAztMe4JA+pA/rw/qIPqKP6qP6mD6mj+vj+oQ+qX/Q3+nT+nt9Rp/VZ/UP+rw+ry/86T0Ag0YZbYyJTAaT0aSYTCazucJkMVearOYqkzBXm2zmGpPdXGtymJwml8lt8pjrTF5jDRln2MQmn8lvkuZ6U8DcYAqaQqawKWK8KWqKmRv/6fz/en7Rz/NrYpqYpqapaWaamRamhWlpWppWppVpbVqbNqaNaWvamnamnWlv2psOpoPpaDqazqaz6WK6mAAAqSbV9DAvmp6ml+lt+pi+5iXTz/Qz/U1/M8AMMIPMIDPYDDZDzBAz1Aw1w81wM8KMMKPMKDPGjDHjzDgz3ow3E8wEM9FMNJPNZDPVTDXTzXQzw8wws8wsM9vMNnPMHDPPzDMLzAKz0Cw0i81is8QsMUvNMrPMrDArzCqzyqwxa8w6s85sMBvMJrPJLDV//gXNHWaH2WV2mT1mj9lr9pp9Zp/Zb/abA+aAOWgOmkPmkDlsDpsj5og5ao6aY+aYOW6OmxPmhDllTpnT5rQ5Y86Yc+acOW/OmwvmgrloLqbd9kUqUpGJTJQhyhClRClR5ihzlCXKEmWNskaJKBFli7JF2aNroxxRzihXlDvKE10X5Y1sRJGLOIqjfFH+KBldHxWIbogKRoWiwlGRyEdFo2LRjVHx6KaoRHRzVDK6JSoV3RqVjspEZaNy0W1R+ej2qEJ0R1QxujOqFFWOqkRVo7uiatHdUfXonqhGdG9UM7ovqhXdH9WOHojqRA9GdaOHonrRw1H96JGoQdQwahQ1jpr8S8cP4UzOx3xX282m2u62h33R9rS9bG/bx/a1L9l+9mXb375iB9iBdpB91Q62r9kh9nU71A6zw+0bdoQdaUfZ0XaMHWvH2TftePuWnWDfthPtJDvZTrFT7TQ73b5jZ9iZdpZ9186279k5dq6dZ+fbBfZ9u9AusovtB3aJ/dAutcvscrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrUf2W12u91hd9pddrfdYz+2e+0ndp/91O63n9kD9o/2oP3cHrJf2MP2S3vEfmWP2q/tMfuNPW6/tSfsSXvKfmdP2+/tGXvWnrM/2PP2R3vB/mQv2pB2c592eSdDhjJQBkqhFMpMmSkLZaGslJUSlKBslI2yU3bKQTkoF+WiPJSH8lJeSsPElI/yUZKSVIAKUEEqSIWpMHnyVIyKUXEqTiWoBJWkklSKSlFpKk1lKe2ieRvdTrfTHXQH3Ul3UmWqTFWpKlWjalSdqlMNqkE1qSbVolpUm2pTHapDdaku1aN6VJ/qUwNqQI2oETWhJtSUmlIzakYtqAW1pJbUilpRa2pNbagNtaW21I7aUXtqTx2oA3WkjtSZOlMX6kJdqSulUir1oB7Uk3pSb+pNfakv9aN+1J/60wAaQINoEA2mwTSEhtBQGkbD6Q0aQSNpFI2mMTSWxtE4Gk/jaQJNoIk0kSbTZJpKU2k6TacZNINm0SyaTbNpDs2heTSPFtACWkgLaTEtpiW0hJbSUlpOy2klraTVtJrW0lpaT+tpI22kzbSZttJW2kbbaAftoF20i/bQHtpLe2kf7aP9tJ8O0AE6SAfpEB2iw3SYjtAROkpH6Rgdo+N0nE7QCTxFp+g0naYzdIbO0Tk6Tz/SBfqJLlKgFJfJZXZXuCzuSpfVXeVSXKZuAPCXOJfL7fK461xeZ10Ol/NXMTnnCrpCrrAr4rwr6oq5G38Tl+5expV15dxtrry73VVwpd2v42rublfd3eNquHtdVXfXr+Ka7j5Xyz3sartHXB3X0NV1jV0997Cr7x5xDVxD18g1di3dE66Ve9K1dk+5Nu7p38QL3SK31q1z690Gt9d94s65H9xR97U77350XV0319e95Pq5l11/94ob4Ab+Jh7u3nAj3Eg3yo12Y9zY38ST3RQ31U1z0907boab+Zt4gXvfzXaL3Rw3181z83+O0+a02H3glrgP3VK3zC13K9xKt8qtdmv+MtcVbpPb7La4Pe5jt81tdzvcTrfL7f45TjuPfe5Tt9995o64r9xB97k75I65w+7Ln+O08zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/mnn/p37yV10wQEjK9ZsOOIMnJFTOBNn5is4C1/JWfkqTvDVnI2v4ex8LefgnJyLc3Mevo7zsmVix8wx5+P8nOTruQDfwAW5EBfmIuy5KBfjG7k438Ql+GYuybdwKb6VS3MZLsvl+DYuz7dzBb6DK/KdXIkrcxWuyndxNb6bq/M9XIPv5Zp8H9fi+7k2P8B1+EGuyw9xPX6Y6/Mj3IAbciNuzE34UW7Kj3Ezbs4t+HFuyU9wK36SW/NT3Iaf5rb8B27Hz3B7fpY78HPckTtxZ36eu/AL3JW7cSp35x78IvfkXtyb+3Bffon78cvcn1/hATyQB/GrPJhf4yH8Og/lYTyc3+ARPJJH8Wgew2N5HL/J4/ktnsBv80SexJN5Ck/laTyd3+EZPJNn8bs8m9/jOTyX5/F8XsDv80JexIv5A17CH/JSXsbLeQWv5FW8mtfwWl7H63kDb+RNvJm38Fb+iLfxdt7BO3kX7+Y9/DHv5U94H3/K+/kzPsB/5IP8OR/iL/gwf8lH+Cs+yl/zMf6Gj/O3fIJP8in+jk/z93yGz/I5/oHP8498gX/iixwYYoxVrGMTR3GGOGOcEmeKM8dXxFniK+Os8VVxIr46zhZfE2ePr41zxDnjXHHuOE98XZw3tjHFLuY4jvPF+eNkfH1cIL4hLhgXigvHRWIfF42LxTfGxeOb4hLxzXHJ+Ja4VHxrXDouE5eNy8W3xeXj2+MK8R1xxfjOuFJcOa4SV43viqvFd8fV43viGvG9cYn4vrhWfH9cO34grhM/GNeNH4rrxQ/H9eNH4gZxw7hR3DhuEj8aN40fi5vFzeMW8eNxy/iJuFX8ZNw6fipuEz/9t/0GAH7Vnxp3j3vEL8YvxiHco+cl5ycXJN9PLkwuSi5OfpBckvwwuTS5LLk8uSK5MrkquTq5Jrk2uS65PrkhuTG5Kbk5uSUZQtWM4NErr73xkc/gM/oUn8ln9lf4LP5Kn9Vf5RP+ap/NX+Oz+2t9Dp/T5/K5fR5/nc/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/mG/mm/sW/nH/uH/CP+Gf9E/6p3wb/7Rv6yHRzj/j2/tn/bP+Od/Rd/Kd/fO+i3/Bd/XdfKpP9T18D9/T9/S9fW/f1/f1/Xw/39/39wP8AD/ID/KD/WA/xA/xQ/1QP9wP9yP8CD/Kj/Jj/Bg/zo/z4/14P8FP8BP9RD/ZT/ZT/VQ/3U/3M/wMP8vP8rP9bD/Hz/Hz/Dy/wC/wC/1Cv9gv9kv8Er/UL/XL/XK/0q/0q/1qv9av9ev9er/Rb/Sb/Wa/1W/12/w2v8Pv8Lv8Lr/H7/F7/V6/z+/z+/1+f8Af8Af9QX/If+EP+y/9Ef+VP+q/9sf8N/64/9af8Cf9Kf+dP+2/92f8WX/O/+DP+x/9Bf+Tv+iDH5d4MzE+8VZiQuLtxMTEpMTkxJTE1MS0xPTEO4kZiZmJWYl3E7MT7yXmJOYm5iXmJxYk3k8sTCxKLE58kFiS+DCxNLEssTyxIrEysSoRwnXb4pAv5A/JcH0oEG4IBUOhUDgUCT4UDcXCjaF4uCmUCDeHkuGWUCrcGkqHMqFseCQ0CA1Do9A4NAmPhqbhsdAsNA8twuOhZXgitApPhtbhqdAmPB3ahj+EduGZ0D48GzqE50LH0Cl0Ds+HLuGF0DV0C6mhe+gRXgw9Q6/QO/QJfcNLoV94OfQPr4QBYWAYFF4Ng8NrYUh4PQwNw8Lw8EYYEUaGUWF0GBPGhnHhzTA+vBUmhLfDxDApTA5TwtQwLUwP74QZYWaYFd4Ns8N7YU6YG+aF+WFBeD8sDIvC4vBBWBI+DEvDsrA8rAgrw6qwOqwJa8O6sD5sCBvDprA5bAlbw0dhW9gedoSdYVfYHfaEj8Pe8EnYFz4N+8Nn4UD4YzgYPg+HwhfhcPgyHAlfhaPh63AsfBOOh2/DiXAynArfhdPh+3AmnA3nwg/hfPgxXAg/hYshhMu9ki6EEEII8f8D/Xf6u/8XOepP7R4AcOX23If/tn9jjl/avTLmaZkAgKe6dXjwz1ulSqmpqX/ad6mGKP9cAEhcys8Al+Jl0AKegNbQHIr/pT/lr47VS3U6z//d+ABR8haAzH+Vk5b/5/jS+Df97vn3UiNn/7fja4iScwEK5r+UkwkuxZfGL/G746eqnE3/zviZPh8H0OyvcrLApfjS+MXgMXgaWv9qTyGEEEIIIYQQ4he9VNl2f+/5Nu35PI+5lJMRLsW/93wuhBBCCCGEEEKIfy/PdOr85KOtWzdvJ43/jUYKAISrfnmr/x3mIw1p/IONy/3NJIQQQgghhPhXu3TTf7lnIoQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCpF//L/6c2J+P9ff+16AQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgjxn+r/BAAA//9vSTCt") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0xa, 0x8, 0x42, 0x40, 0x42}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000140), 0x1003, r0}, 0x38) bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000000240)={r0, &(0x7f0000000100), 0x0}, 0x20) 27.782202356s ago: executing program 2 (id=1343): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = socket$packet(0x11, 0x3, 0x300) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xa, &(0x7f0000000200)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffff364}}, @exit], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xd, 0x0, &(0x7f0000000000)="259a53f271a76d2688ca4c6588", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x4c) 27.092164367s ago: executing program 2 (id=1345): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0xf) mount$bind(0x0, 0x0, 0x0, 0x141091, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00') read$FUSE(r3, &(0x7f0000002780)={0x2020}, 0x5ecfb203) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRES64, @ANYRES64, @ANYRES16], 0x1, 0x374, &(0x7f0000000f80)="$eJzs3c9rI2UYwPEnbX5MWrbJQRQF6YNe9DK01bMaZBfEgEt3I+4Kwux2oiFjUmZCJCK2N6/izX9AcNnjgocF9R/oxdt68eLJXgRBFxFH5leapJMfjSmb7n4/0OZJ3veZed/84nkDeXP83pcfN+ueWbc6smKoZEREHoqUZUUSmegiLykO5eX1Px48f+3Gzbcr1erlXdUrleuv7Kjqxub3n3xWjLvdL8hR+YNjMX49evro2eN/r3/U8LThaavdUUtvtX/pWLccW/caXtNUverYlmdro+XZbtTejtrrTnt/v6dWa+/S2r5re55arZ427Z522tpxe2p9aDVaapqmXlpLG+5jzJgjp3Znd9eqzHnC23PmYdH+9n1/QrPrVqxVEbN4qqV251zHBQAAltJI/f91UiOUZaVfUGbitUA+jIeXAUH9n8Rh/R8sFk7q/7sv/NhZf/feRlz/38+n1f+v/hzlD9X/wdkXXv9/O3L9dEV04R2cpfP/qv+xHDaHX5G/nazYY0H9H7wa+iv63Pt3t8KA+h8AAAAAAAAAAAAAAAAAAAAAgIvgoe+XfN8vJZfJ38lXCOLrybVJXzTGhTPu8S/EOwr0nw94LF27cVOM8It72Q0R54turVuLLuP2pOOWlOSf8PkQizacOAwbNVCWH5yDbi0XJ6yG/ysiKo7Ysi0lKQ/lh/GVt6qXtzUS5YfnP+jWMtm1IL8ujTB/R0ryVHr+Tmp+Xl56cSDflJL8dFva4she/D6W5H++rfrmO9WR/GLYL83r5/uQAAAAAACwcKaqES+fy8Pr32j9bpqqae3BWl4G1+enPx/or6+3Utfn2dJz2Uc7dwAAAAAAnhRe/tOm5Ti26/XGBkWZ1qcQH22kKStTjhwE2Rn6DAUPwiA3qc/qwAxnPXI+/gWNWYfhej2ZecxJ8GdBUu/MZAvXoSYj/V6dMUjmP0Nn46wPgeutnH3ututtBuPRuaYzECQfG43rI1fnPfK4INk5d1rnZ7765q/5TpGJd+0dbHrtnjFlpmGQGbnlcMqT9nffD17UE8eTS3+3+G6eH5kBAAAAsCSSor/oJbe8MSVj/fwHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAADAE2ah26SNCR71HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBl8V8AAAD//1f39NU=") r4 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r5 = open(&(0x7f00000000c0)='./bus\x00', 0x10507e, 0xa6) fallocate(r4, 0x0, 0x0, 0x1000f4) io_setup(0x7d, &(0x7f0000000600)=0x0) io_submit(r6, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0xfffffffffffffdef, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, r5}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r4, 0x0, 0x0, 0xffffffffffffffff}]) 10.388647317s ago: executing program 34 (id=1345): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0xf) mount$bind(0x0, 0x0, 0x0, 0x141091, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00') read$FUSE(r3, &(0x7f0000002780)={0x2020}, 0x5ecfb203) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRES64, @ANYRES64, @ANYRES16], 0x1, 0x374, &(0x7f0000000f80)="$eJzs3c9rI2UYwPEnbX5MWrbJQRQF6YNe9DK01bMaZBfEgEt3I+4Kwux2oiFjUmZCJCK2N6/izX9AcNnjgocF9R/oxdt68eLJXgRBFxFH5leapJMfjSmb7n4/0OZJ3veZed/84nkDeXP83pcfN+ueWbc6smKoZEREHoqUZUUSmegiLykO5eX1Px48f+3Gzbcr1erlXdUrleuv7Kjqxub3n3xWjLvdL8hR+YNjMX49evro2eN/r3/U8LThaavdUUtvtX/pWLccW/caXtNUverYlmdro+XZbtTejtrrTnt/v6dWa+/S2r5re55arZ427Z522tpxe2p9aDVaapqmXlpLG+5jzJgjp3Znd9eqzHnC23PmYdH+9n1/QrPrVqxVEbN4qqV251zHBQAAltJI/f91UiOUZaVfUGbitUA+jIeXAUH9n8Rh/R8sFk7q/7sv/NhZf/feRlz/38+n1f+v/hzlD9X/wdkXXv9/O3L9dEV04R2cpfP/qv+xHDaHX5G/nazYY0H9H7wa+iv63Pt3t8KA+h8AAAAAAAAAAAAAAAAAAAAAgIvgoe+XfN8vJZfJ38lXCOLrybVJXzTGhTPu8S/EOwr0nw94LF27cVOM8It72Q0R54turVuLLuP2pOOWlOSf8PkQizacOAwbNVCWH5yDbi0XJ6yG/ysiKo7Ysi0lKQ/lh/GVt6qXtzUS5YfnP+jWMtm1IL8ujTB/R0ryVHr+Tmp+Xl56cSDflJL8dFva4she/D6W5H++rfrmO9WR/GLYL83r5/uQAAAAAACwcKaqES+fy8Pr32j9bpqqae3BWl4G1+enPx/or6+3Utfn2dJz2Uc7dwAAAAAAnhRe/tOm5Ti26/XGBkWZ1qcQH22kKStTjhwE2Rn6DAUPwiA3qc/qwAxnPXI+/gWNWYfhej2ZecxJ8GdBUu/MZAvXoSYj/V6dMUjmP0Nn46wPgeutnH3ututtBuPRuaYzECQfG43rI1fnPfK4INk5d1rnZ7765q/5TpGJd+0dbHrtnjFlpmGQGbnlcMqT9nffD17UE8eTS3+3+G6eH5kBAAAAsCSSor/oJbe8MSVj/fwHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAADAE2ah26SNCR71HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBl8V8AAAD//1f39NU=") r4 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r5 = open(&(0x7f00000000c0)='./bus\x00', 0x10507e, 0xa6) fallocate(r4, 0x0, 0x0, 0x1000f4) io_setup(0x7d, &(0x7f0000000600)=0x0) io_submit(r6, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0xfffffffffffffdef, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, r5}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r4, 0x0, 0x0, 0xffffffffffffffff}]) 8.605208219s ago: executing program 3 (id=1393): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x1, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = eventfd2(0x6, 0x80800) ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f0000000280)={0x0, r3}) close_range(r0, 0xffffffffffffffff, 0x0) 7.466602413s ago: executing program 3 (id=1397): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x24, 0x68, 0x309, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NHA_FDB={0x4}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x3}]}, 0x24}}, 0x2000c040) 7.243513266s ago: executing program 1 (id=1398): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000002000)='./file1\x00', 0x180c8, &(0x7f0000000580)=ANY=[@ANYBLOB="6e66732c646f74732c636865636b3d7374726963742c646f74732c6572726f72733d72656d6f756e742d726f2c00fc403bb14281bbfb9b8213bd6284536d64789a24dd73b98b3e33cb47fed8a736464bb62e9e891aa832722dfc28bfa4489b3a127a503e72326b737d0f67c97be6f37ef46154dec39ef8718946ffc8cd4d735a0b101c1722477bbe2f923577ea51f7116f17c3ddf5c497fba2d0bb3272d123b31e9461d4e2d65a42e1174fa269de92e463fc1ca202650fe2628e15341e45dce6c0de2367bdb50cc5b2b462e1d45fc3265f1a88561ab6afb1b73a3b340b5c5fc6e601843a59f3cdeb36991cfa985453287d4c9d2d6e21adddc57a607369c682e821b20dc0efd51d12f386f3f8e53c05e696e50c7c3f79b1b0bd7e5cfaf3f63d8949c8dd2fd94aa0f259a4cb9412c30c45f9d4d63d267d2a43f03a47fa56b3"], 0x1, 0x25c, &(0x7f0000002500)="$eJzs3T9rU1EYB+DXNGlCFzuLwwUXp6JOrkEqiAEhkkEnA9UlFeF2iU75GH4CBz+SH6NTcTliT2zaGkWk8dh7nwfCfeGXP+/JhXsynJP76vbb2cG7ozfpy8cYDKroRixSitiNTmxFdmN57JzW23HeIgCA62Y8ng5L98Df+/QHz6nr4bQXEf2fksnnjTQFAAAAAAAAAADAxq1b/x8n1v8DQJNZ/998dT2c7ix/v11k/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQzklKN9NvHqX7AwCunvkfANrH/A8A7WP+B4D2ef7i5dPhaLQ/rqpBxPFiPplP8jHnj5+M9u9Vp3ZXrzqezydbZ/n9nFcX817sLPMHa/PtuHsn59+zR89Gl/J+HGx++AAAAAAAAAAAAAAAAAAAAPBf2KvOrN3fv9ePX+S5Ovf/AJf273fjVvefDQMAAAAAAAAAAAAAAAAAAACutaP3H2bTw8PXdania8oKtzHrR7lP7y1PxhW9YTws/WUWKaLgGWxg8eMK0Sl3cQIAAAAAAAAAAAAAAAAAgJZZbfot3QkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlLO6///miohYpKz0cAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAG+xYAAP//Wv2bkg==") r0 = open(&(0x7f0000000180)='./file1\x00', 0x66842, 0x21) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c11}], 0x1, 0x1a00, 0x0, 0x3) r1 = open(&(0x7f0000000100)='./file1\x00', 0x147842, 0x88) preadv2(r1, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x7) 6.751837992s ago: executing program 3 (id=1399): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, {0xeda7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xf8}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 5.571938944s ago: executing program 3 (id=1401): r0 = socket(0x10, 0x803, 0x0) fsopen(&(0x7f0000000180)='proc\x00', 0x1) socket$nl_route(0x10, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x2) socket$nl_route(0x10, 0x3, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x5, 0xa, 0x3, 0x100}, 0x50) socket(0x10, 0x3, 0x0) socket$inet(0x2, 0x3, 0x8) socket$netlink(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010001d0025bd7000fadbdf2500000000", @ANYRES32, @ANYBLOB="138000002b9201002400128009000100626f6e6400000000140002800800", @ANYRES64=r1], 0x44}, 0x1, 0x0, 0x0, 0x40448e0}, 0x4000) 5.071533802s ago: executing program 1 (id=1403): socket$pppl2tp(0x18, 0x1, 0x1) r0 = socket$pppl2tp(0x18, 0x1, 0x1) socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e22, @multicast2}, 0x2, 0x9800}}, 0x2e) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000680), 0x101402, 0x0) ioctl$PPPIOCATTCHAN(r2, 0x40047438, &(0x7f0000000040)=0x1) writev(r2, &(0x7f0000000000)=[{&(0x7f00000026c0)="9586", 0x2}], 0x1) 4.736700819s ago: executing program 3 (id=1404): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x20000001}, 0x4004080) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000000203050000000000000000000100000a0800044000000000080003400000000d090002000000000550"], 0x38}, 0x1, 0x0, 0x0, 0x40080}, 0x4040800) 4.372641405s ago: executing program 4 (id=1405): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) eventfd2(0x6, 0x80800) ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 4.14348478s ago: executing program 1 (id=1406): r0 = openat$kvm(0x0, &(0x7f0000000100), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close_range(r1, 0xffffffffffffffff, 0x2) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 3.761194925s ago: executing program 3 (id=1407): syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5531, &(0x7f0000000b00)="$eJzs3EtvG1UUAODrpOmbEiEW7DpShZRItVWnSQW7AK14iFQRjwUr6tiO5db2RLHjhKxYsEQs+CcIJFYs+Q0sWLNDLEDskIo89wY1PCpQHJsk3ydNz8yd6zPnjqpEZyZyAM6s+ezXn0vhWrgUQpgNIVwNodgvpa2wGsMLIYTrIYSZJ7ZSGv9j4HwI4XII4dooecxZSqc+vzm8sfLTW798892Fc1e++Pr76a0amLYXQwjdrbi/240xb8X4MI3Xhu0idpeHKcYT3UfpOI9xt7lRZNitHcyrFfF2K87Pt3b6o7jZqdVHsdXeLMa3evGC/WHrIE/xgYe17eK40dwoYrufF7G1H+va248/2/b7g5inkfJ9VKQPg8FBjOPNvWZcz9ajItZ7gzQe8+aN5t4oDlNMlwv1vNMo6tg4yp3+f3u73dvZy4bN7X4772UrlepLleqdcnU7bzQHzeVyrdu4s5wttDqjaeVBs9ZdbeV5q9Os1PPuYrbQqtfL1Wq2cLe50a71smq1crtyq7yymPZuZq/ffz/rNLKFUXy13dsZtDv9bDPfzuInFrOlyu2XF7Mb1ezdtfVs/Z1799bW3/vw7gf3X1l787U06S9lZQtLt5aWytVb5aXq4sld/+h3/X9a/yep6DGuH46k9LSTDyZXB8AJov8HpmGi/f9cGHv/H/T/Y6H/P7Prf5wc7QZytj21/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DT7Ye7LN4qd+Xh8JY0/k4aeS8elEMJMCOHx35gN5w/lnE155v5h/tyfavi2FIoMo2tcSNvlEMJq2n579rjvAgAAAJxeX318/bPYrcd/5qddEJMUH9rMXH0wpnylEMLc/I9jyBLSw6bw/NGrikb/v8+FvTFlKx5gXRxTsvjI7dy4sv0rs4fCxSdCKYaZg5nnJ1oXAABwnA53ApPtQgAAAJikT6ddANNRvGlNf4ufXvNdiCG9ELx06AgAAAA4gUrTLgAAAAA4dkX/7/v/AAAA4HSL3/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL+zcze5aQNRAICfDS609AdV3fcq3cExeoQuu4y4CkcgV8gFOAPZZZtdBBH2JAoRhBAbE6Lvk+xhbOvxjPDijUcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABzTdTEbX1787teNs1zV08zdAAAAANssitm4/DCs+oN0/Fs69DP1s4jII2Jb7d6JTxsxOylOseP64lkOVxFlhPV39NL2JSL+pO3ux7F/BQAAAPi45pPpqKrWq93w1AnRpmrQJv/6t6F4WUQUw5uGouXr3a9XXbraPz60/n934/+Os9lhqZUDW1F7ysyDcsit21S0/TrpcX9s+k+arGry9tIBAADaslkJtFiFAAAA0LJ/p06A0yjfeqa5+GkCf69q0gvBzxs9AAAA4AwdOusZAAAAeI8GL54t6/8zWP/v+631/wAAAODNqvX/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOKZFMRvPJ9NR3TjLVT3N3A0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAPfvzjsIwDAZhcJMor07oAr7/Lc2C3bp1MwOCj38rAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABceRwvzzNejZlso9eZ5N3zSvLp1Ph2avw6N/5Jxrr7NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fvGzcVBwD8e+fzlRYQIaAMQYhKDLDQ9FpaujKAIgb+BKQovZbAlR9tBlpVoCxsKHMXBCNCSKCw9X/o3EpdytbhhiIxMYDss5PXo4iDKvaRfD7S8/vacvy+z4mifP2cAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2fnMvzorNwiTuVsduP7i+XvR3pvrCze27y0Ur4s7fXP+L/Up8/r2Y7nSW2ksEAACAwyOr6/uIfuQ7q0XQXSjr/7w+p6j5v3l6Etf1/HTdX/d17V+0n3+6//zuQAuTcYqLXtgYDU/+NZVeto/znGfP/OMZvfLOl89esvIb0n1n67lxXt7Pzle3br3VL8MjTWQLAPwXJ+q+Cuq/h4p+0GZiABwavaoV7lX1f7bQbk4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATehvxZN13ImI5d5eXLjz4Pp62U/t39y+u1y3szdubKfXLC6RR8SFjdHwZFMT+R+4cvXah2uj0fBy88FLEdHe6FXw3gznRLSZoeBxg271sz7bVx2PiPZzbj9o+RcTAAAHTl61oq6/l++sFsc6ixF/fPtw/f9KEkda/0/1af1///2zt9Ox0vp/0NgM59/K5qVPVq5cvfbaxqW1i8OLw49ePzV4Y3D63Jkz51bKZyUrnpgAAADwePpVS+v/7mLEeGr9/1gSx4z1/6dfDz5Px8rU/4+0t+jXdiYAAACH27PHf/u184jjnX4/Plvb3Lw8mGx3909Nti2k+q8dqVpa/2eLbWcFAAAANGG81Xlo/f98EseM6/9PfffCD+k1s4g4Wq3/n1j/eHS+uem05PeZzmri34n3faoAAADMtaNVS9f/8/L9/+7uKw/diHj15UlcfQzgTPV/9vaX36djpe//n25uinOpuzS5H2W/FNFbajsjAAAADrInqlYU+7/kO6sf/Hjs3b73/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa9mcAAAD//6vIRLE=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2143, 0x222) ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0) 3.455517242s ago: executing program 4 (id=1408): syz_open_dev$hidraw(&(0x7f0000000100), 0x5, 0x400) syz_usb_connect$cdc_ecm(0x6, 0x4d, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/key-users\x00', 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) 2.783715553s ago: executing program 1 (id=1409): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, {0xeda7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xf8}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x2710, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 2.131201762s ago: executing program 4 (id=1410): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x3, 0x8, 0x8, 0x40, 0xffffffffffffffff, 0x20}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0xca, r0}, 0x38) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.779927449s ago: executing program 1 (id=1411): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000004a0001002bbd7000ffdbdf250a008000", @ANYRES32=0x0, @ANYBLOB="07000000140001000000000001"], 0x30}, 0x1, 0x0, 0x0, 0xc0}, 0x4000000) 1.340337062s ago: executing program 4 (id=1412): r0 = socket(0x10, 0x803, 0x0) fsopen(&(0x7f0000000180)='proc\x00', 0x1) socket$nl_route(0x10, 0x3, 0x0) socket$inet6(0xa, 0x3, 0x2) socket$nl_route(0x10, 0x3, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x5, 0xa, 0x3, 0x100}, 0x50) socket(0x10, 0x3, 0x0) socket$inet(0x2, 0x3, 0x8) socket$netlink(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010001d0025bd7000fadbdf2500000000", @ANYRES32, @ANYBLOB="138000002b9201002400128009000100626f6e6400000000140002800800", @ANYRES64=r1], 0x44}, 0x1, 0x0, 0x0, 0x40448e0}, 0x4000) 979.482603ms ago: executing program 1 (id=1413): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0xf, 0x40, 0x6, 0x3, 0x4, "a0e1c6beeb439eff56c42676bae174bc012837"}) close(0x3) 593.231843ms ago: executing program 4 (id=1414): creat(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x166) link(&(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) creat(&(0x7f0000000140)='./file0\x00', 0x49) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0) unlink(&(0x7f00000001c0)='./file0\x00') open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 0s ago: executing program 4 (id=1415): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB], 0x6c}, 0x1, 0x0, 0x0, 0x20000001}, 0x4004080) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000000203050000000000000000000100000a0800044000000000080003400000000d090002000000000550"], 0x38}, 0x1, 0x0, 0x0, 0x40080}, 0x4040800) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.254' (ED25519) to the list of known hosts. [ 155.649752][ T5557] cgroup: Unknown subsys name 'net' [ 155.777240][ T5557] cgroup: Unknown subsys name 'cpuset' [ 155.791007][ T5557] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 161.359153][ T5557] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 166.460529][ T5576] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 166.471805][ T5576] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 166.483084][ T5576] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 166.499230][ T5576] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 166.513031][ T5576] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 166.601627][ T5576] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 166.612548][ T5576] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 166.624652][ T5576] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 166.646587][ T5583] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 166.656940][ T5586] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 166.688150][ T5586] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 166.690101][ T5585] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 166.706322][ T5585] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 166.715498][ T5585] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 166.729987][ T5585] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 166.740852][ T5585] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 166.745154][ T4870] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 166.762137][ T4870] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 166.777220][ T5585] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 166.780231][ T5586] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 166.794352][ T5585] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 166.805349][ T5586] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 166.805761][ T5585] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 166.837411][ T5585] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 166.852704][ T5585] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 168.581736][ T5585] Bluetooth: hci0: command tx timeout [ 168.739324][ T5585] Bluetooth: hci1: command tx timeout [ 168.819307][ T5585] Bluetooth: hci3: command tx timeout [ 168.901403][ T5585] Bluetooth: hci2: command tx timeout [ 168.901455][ T4870] Bluetooth: hci4: command tx timeout [ 170.659334][ T5585] Bluetooth: hci0: command tx timeout [ 170.820679][ T5585] Bluetooth: hci1: command tx timeout [ 170.862915][ T5591] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.879611][ T5591] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.899223][ T5585] Bluetooth: hci3: command tx timeout [ 170.906274][ T5591] bridge_slave_0: entered allmulticast mode [ 170.935958][ T5591] bridge_slave_0: entered promiscuous mode [ 170.982360][ T4870] Bluetooth: hci4: command tx timeout [ 170.988004][ T5585] Bluetooth: hci2: command tx timeout [ 171.017467][ T5591] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.026828][ T5591] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.042134][ T5591] bridge_slave_1: entered allmulticast mode [ 171.063539][ T5591] bridge_slave_1: entered promiscuous mode [ 171.281659][ T5591] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.345914][ T5584] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.354703][ T5584] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.363919][ T5584] bridge_slave_0: entered allmulticast mode [ 171.374206][ T5584] bridge_slave_0: entered promiscuous mode [ 171.394492][ T5591] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.426996][ T5575] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.436570][ T5575] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.444157][ T5575] bridge_slave_0: entered allmulticast mode [ 171.452195][ T5575] bridge_slave_0: entered promiscuous mode [ 171.462981][ T5582] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.470915][ T5582] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.478251][ T5582] bridge_slave_0: entered allmulticast mode [ 171.487082][ T5582] bridge_slave_0: entered promiscuous mode [ 171.497329][ T5584] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.505206][ T5584] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.512714][ T5584] bridge_slave_1: entered allmulticast mode [ 171.521324][ T5584] bridge_slave_1: entered promiscuous mode [ 171.575781][ T5575] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.583214][ T5575] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.590777][ T5575] bridge_slave_1: entered allmulticast mode [ 171.598671][ T5575] bridge_slave_1: entered promiscuous mode [ 171.609644][ T5582] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.617280][ T5582] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.624878][ T5582] bridge_slave_1: entered allmulticast mode [ 171.632883][ T5582] bridge_slave_1: entered promiscuous mode [ 171.694116][ T5591] team0: Port device team_slave_0 added [ 171.839929][ T5580] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.847584][ T5580] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.856580][ T5580] bridge_slave_0: entered allmulticast mode [ 171.866271][ T5580] bridge_slave_0: entered promiscuous mode [ 171.882903][ T5591] team0: Port device team_slave_1 added [ 171.916673][ T5582] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.935238][ T5584] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.945224][ T5580] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.953171][ T5580] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.960811][ T5580] bridge_slave_1: entered allmulticast mode [ 171.969106][ T5580] bridge_slave_1: entered promiscuous mode [ 172.006161][ T5575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 172.022833][ T5582] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.038388][ T5584] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.095173][ T5575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.175366][ T5591] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.183223][ T5591] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.209681][ T5591] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 172.293695][ T5580] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 172.305161][ T5591] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 172.312428][ T5591] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.338644][ T5591] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 172.380168][ T5582] team0: Port device team_slave_0 added [ 172.392765][ T5584] team0: Port device team_slave_0 added [ 172.406151][ T5580] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.435932][ T5575] team0: Port device team_slave_0 added [ 172.448404][ T5582] team0: Port device team_slave_1 added [ 172.490413][ T5584] team0: Port device team_slave_1 added [ 172.525305][ T5575] team0: Port device team_slave_1 added [ 172.606276][ T5580] team0: Port device team_slave_0 added [ 172.636434][ T5582] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.643697][ T5582] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.669916][ T5582] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 172.732031][ T5580] team0: Port device team_slave_1 added [ 172.739193][ T5585] Bluetooth: hci0: command tx timeout [ 172.763443][ T5582] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 172.770717][ T5582] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.797621][ T5582] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 172.812184][ T5584] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.819657][ T5584] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.845900][ T5584] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 172.899438][ T5585] Bluetooth: hci1: command tx timeout [ 172.929366][ T5575] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.936408][ T5575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.962633][ T5575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 172.979246][ T5585] Bluetooth: hci3: command tx timeout [ 172.993340][ T5584] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.001000][ T5584] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 173.027307][ T5584] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 173.049499][ T5591] hsr_slave_0: entered promiscuous mode [ 173.057670][ T5591] hsr_slave_1: entered promiscuous mode [ 173.059305][ T5585] Bluetooth: hci2: command tx timeout [ 173.063618][ T4870] Bluetooth: hci4: command tx timeout [ 173.098073][ T5575] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.105653][ T5575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 173.131985][ T5575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 173.164790][ T5580] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 173.175955][ T5580] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 173.202289][ T5580] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 173.240130][ T5580] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.247231][ T5580] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 173.273674][ T5580] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 173.443779][ T5582] hsr_slave_0: entered promiscuous mode [ 173.452036][ T5582] hsr_slave_1: entered promiscuous mode [ 173.459656][ T5582] debugfs: 'hsr0' already exists in 'hsr' [ 173.465519][ T5582] Cannot create hsr debugfs directory [ 173.551590][ T5575] hsr_slave_0: entered promiscuous mode [ 173.560582][ T5575] hsr_slave_1: entered promiscuous mode [ 173.567890][ T5575] debugfs: 'hsr0' already exists in 'hsr' [ 173.573938][ T5575] Cannot create hsr debugfs directory [ 173.593229][ T5584] hsr_slave_0: entered promiscuous mode [ 173.601992][ T5584] hsr_slave_1: entered promiscuous mode [ 173.609580][ T5584] debugfs: 'hsr0' already exists in 'hsr' [ 173.615417][ T5584] Cannot create hsr debugfs directory [ 173.695153][ T5580] hsr_slave_0: entered promiscuous mode [ 173.703990][ T5580] hsr_slave_1: entered promiscuous mode [ 173.711930][ T5580] debugfs: 'hsr0' already exists in 'hsr' [ 173.717746][ T5580] Cannot create hsr debugfs directory [ 174.805088][ T5591] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 174.819185][ T4870] Bluetooth: hci0: command tx timeout [ 174.831679][ T5591] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 174.845017][ T5591] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 174.869208][ T5591] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 174.878492][ T5591] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 174.894896][ T5591] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 174.918066][ T5591] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 174.934945][ T5591] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 174.980102][ T4870] Bluetooth: hci1: command tx timeout [ 175.046381][ T5582] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 175.059242][ T4870] Bluetooth: hci3: command tx timeout [ 175.073017][ T5582] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 175.100193][ T5582] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 175.118640][ T5582] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 175.128702][ T5582] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 175.140212][ T4870] Bluetooth: hci2: command tx timeout [ 175.148840][ T5582] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 175.149154][ T4870] Bluetooth: hci4: command tx timeout [ 175.182218][ T5582] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 175.202238][ T5582] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 175.357005][ T5584] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 175.378079][ T5584] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 175.389998][ T5584] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 175.407492][ T5584] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 175.442412][ T5584] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 175.475902][ T5584] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 175.528707][ T5584] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 175.558239][ T5584] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 175.827973][ T5575] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 175.850333][ T5575] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 175.876922][ T5575] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 175.895821][ T5575] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 175.905636][ T5575] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 175.922634][ T5575] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 175.962923][ T5575] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 175.980569][ T5575] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 176.167823][ T5580] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 176.194499][ T5580] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 176.204581][ T5580] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 176.220100][ T5580] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 176.247570][ T5580] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 176.265797][ T5580] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 176.276614][ T5580] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 176.299375][ T5580] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 176.443086][ T5591] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.606770][ T5591] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.722979][ T167] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.730327][ T167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.796946][ T5582] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.818834][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.826229][ T3313] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.894991][ T5584] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.023648][ T5582] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.096910][ T5584] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.141107][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.148445][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.198614][ T5575] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.227197][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.234555][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.252820][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.260248][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.347165][ T5580] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.377702][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.385060][ T3313] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.464719][ T5575] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.573664][ T3313] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.581246][ T3313] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.667229][ T5580] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.709026][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.716464][ T3313] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.844314][ T3313] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.851857][ T3313] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.940912][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.948220][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.935434][ T5591] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.656936][ T5591] veth0_vlan: entered promiscuous mode [ 180.865867][ T5591] veth1_vlan: entered promiscuous mode [ 181.065699][ T5582] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.158482][ T5584] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.458022][ T5591] veth0_macvtap: entered promiscuous mode [ 181.599575][ T5575] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.608667][ T5591] veth1_macvtap: entered promiscuous mode [ 181.819330][ T5582] veth0_vlan: entered promiscuous mode [ 181.876710][ T5580] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.898158][ T5591] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.027650][ T5591] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.105448][ T5582] veth1_vlan: entered promiscuous mode [ 182.183365][ T133] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.196746][ T133] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.233552][ T133] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.272301][ T133] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.513374][ T5575] veth0_vlan: entered promiscuous mode [ 182.657026][ T5582] veth0_macvtap: entered promiscuous mode [ 182.700968][ T5580] veth0_vlan: entered promiscuous mode [ 182.716499][ T5575] veth1_vlan: entered promiscuous mode [ 182.743776][ T5582] veth1_macvtap: entered promiscuous mode [ 182.886442][ T5580] veth1_vlan: entered promiscuous mode [ 183.016690][ T5584] veth0_vlan: entered promiscuous mode [ 183.075910][ T5582] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.186589][ T5582] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 183.228401][ T5584] veth1_vlan: entered promiscuous mode [ 183.306524][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.316360][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.358339][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.371200][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.403745][ T5575] veth0_macvtap: entered promiscuous mode [ 183.544554][ T5575] veth1_macvtap: entered promiscuous mode [ 183.707726][ T5580] veth0_macvtap: entered promiscuous mode [ 183.764077][ T5575] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 183.838181][ T5580] veth1_macvtap: entered promiscuous mode [ 183.886543][ T5575] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 184.016913][ T167] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.049285][ T167] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.062239][ T167] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.073795][ T167] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.118524][ T5584] veth0_macvtap: entered promiscuous mode [ 184.224424][ T5584] veth1_macvtap: entered promiscuous mode [ 184.307352][ T5580] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 184.428756][ T5580] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 184.538710][ T5584] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 184.616692][ T56] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.639416][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.673206][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.712941][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.769310][ T5584] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 184.953811][ T167] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.983508][ T167] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.037923][ T167] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.069181][ T167] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.180682][ T3313] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.246348][ T3313] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.445137][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.478635][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.995098][ T5591] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 188.336041][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.385251][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.608522][ T179] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.629338][ T179] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.004956][ T3313] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.047939][ T3313] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.289957][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.330151][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.373668][ T5840] loop1: detected capacity change from 0 to 8192 [ 190.573284][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.613084][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.924759][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.967376][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 191.310403][ T133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 191.347425][ T133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 191.585577][ T5854] loop2: detected capacity change from 0 to 7 [ 191.612365][ T179] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 191.633440][ T5854] loop2: [ 191.665448][ T179] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 191.668527][ T5854] loop2: partition table partially beyond EOD, truncated [ 195.844886][ T5906] netlink: 44 bytes leftover after parsing attributes in process `syz.0.30'. [ 198.883607][ T5940] netlink: 44 bytes leftover after parsing attributes in process `syz.4.44'. [ 199.661409][ T5945] loop4: detected capacity change from 0 to 512 [ 199.695660][ T5945] ======================================================= [ 199.695660][ T5945] WARNING: The mand mount option has been deprecated and [ 199.695660][ T5945] and is ignored by this kernel. Remove the mand [ 199.695660][ T5945] option from the mount to silence this warning. [ 199.695660][ T5945] ======================================================= [ 200.862929][ T5956] fuse: Unknown parameter 'fd0x0000000000000003' [ 202.068666][ T5971] netlink: 44 bytes leftover after parsing attributes in process `syz.1.56'. [ 203.055058][ T5983] loop0: detected capacity change from 0 to 128 [ 203.852813][ T5993] netlink: 'syz.3.66': attribute type 12 has an invalid length. [ 203.958426][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 203.968128][ T1309] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.484520][ T6001] netlink: 44 bytes leftover after parsing attributes in process `syz.4.70'. [ 205.173124][ T6012] loop4: detected capacity change from 0 to 136 [ 206.105199][ T6025] fuse: Bad value for 'fd' [ 206.160444][ T6027] netlink: 'syz.0.81': attribute type 12 has an invalid length. [ 206.793165][ T6033] netlink: 44 bytes leftover after parsing attributes in process `syz.4.84'. [ 208.494282][ T6056] fuse: Bad value for 'fd' [ 208.663045][ T6059] 9p: Bad value for 'wfdno' [ 208.936090][ T6065] netlink: 44 bytes leftover after parsing attributes in process `syz.4.98'. [ 211.358698][ T6093] netlink: 44 bytes leftover after parsing attributes in process `syz.2.110'. [ 211.598527][ T6098] fuse: Bad value for 'fd' [ 211.710398][ T6101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.113'. [ 212.009856][ T6103] 9p: Bad value for 'wfdno' [ 212.782335][ T6108] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 214.717916][ T6135] 9p: Bad value for 'wfdno' [ 217.306460][ T6175] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 218.124290][ T6182] fuse: Bad value for 'fd' [ 218.949020][ T6194] Zero length message leads to an empty skb [ 218.972779][ T6194] netlink: 'syz.2.154': attribute type 12 has an invalid length. [ 220.367261][ T6214] fuse: Bad value for 'fd' [ 221.261781][ T6229] netlink: 'syz.0.168': attribute type 12 has an invalid length. [ 222.549587][ T6233] syz.2.169 (6233) used greatest stack depth: 2080 bytes left [ 223.460849][ T6264] netlink: 'syz.3.182': attribute type 12 has an invalid length. [ 226.098070][ T6298] fuse: Bad value for 'fd' [ 227.270155][ T6315] netlink: 12 bytes leftover after parsing attributes in process `syz.3.204'. [ 232.245405][ T6392] fuse: Bad value for 'fd' [ 233.719706][ T29] audit: type=1800 audit(1777614956.500:2): pid=6412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.238" name="bus" dev="tmpfs" ino=308 res=0 errno=0 [ 234.813868][ T6427] fuse: Bad value for 'fd' [ 237.564686][ T6473] fuse: Bad value for 'fd' [ 238.808532][ T6494] fuse: root generation should be zero [ 241.552958][ T6522] fuse: fd is not a fuse device [ 244.480396][ T6544] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.162293][ T29] audit: type=1326 audit(1777614967.940:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6553 comm="syz.2.294" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 245.282421][ T29] audit: type=1326 audit(1777614967.950:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6553 comm="syz.2.294" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 245.401919][ T29] audit: type=1326 audit(1777614967.990:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6553 comm="syz.2.294" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 245.549922][ T29] audit: type=1326 audit(1777614967.990:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6553 comm="syz.2.294" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 245.677463][ T29] audit: type=1326 audit(1777614967.990:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6553 comm="syz.2.294" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 245.796062][ T29] audit: type=1326 audit(1777614968.020:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6553 comm="syz.2.294" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 245.916968][ T29] audit: type=1326 audit(1777614968.020:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6553 comm="syz.2.294" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 246.023646][ T29] audit: type=1326 audit(1777614968.020:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6553 comm="syz.2.294" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 246.145414][ T29] audit: type=1326 audit(1777614968.030:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6553 comm="syz.2.294" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=85 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 246.303656][ T29] audit: type=1326 audit(1777614968.030:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6553 comm="syz.2.294" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 247.789914][ T6585] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.011521][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 255.011588][ T29] audit: type=1326 audit(1777614977.800:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6686 comm="syz.0.349" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc500c code=0x7ffc0000 [ 255.203454][ T29] audit: type=1326 audit(1777614977.840:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6686 comm="syz.0.349" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc500c code=0x7ffc0000 [ 255.320497][ T29] audit: type=1326 audit(1777614977.850:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6686 comm="syz.0.349" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc500c code=0x7ffc0000 [ 255.445677][ T29] audit: type=1326 audit(1777614977.850:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6686 comm="syz.0.349" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc500c code=0x7ffc0000 [ 255.579481][ T29] audit: type=1326 audit(1777614977.850:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6686 comm="syz.0.349" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7fc500c code=0x7ffc0000 [ 255.708175][ T29] audit: type=1326 audit(1777614977.860:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6686 comm="syz.0.349" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc500c code=0x7ffc0000 [ 255.869174][ T29] audit: type=1326 audit(1777614977.860:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6686 comm="syz.0.349" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc500c code=0x7ffc0000 [ 255.979517][ T29] audit: type=1326 audit(1777614977.860:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6686 comm="syz.0.349" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc500c code=0x7ffc0000 [ 256.113479][ T29] audit: type=1326 audit(1777614977.870:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6686 comm="syz.0.349" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=85 compat=1 ip=0xf7fc500c code=0x7ffc0000 [ 256.235511][ T29] audit: type=1326 audit(1777614977.870:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6686 comm="syz.0.349" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc500c code=0x7ffc0000 [ 256.574273][ T6707] process 'syz.1.356' launched '/dev/fd/4' with NULL argv: empty string added [ 258.959998][ T6741] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2182154216 (4364308432 ns) > initial count (507749598 ns). Using initial count to start timer. [ 261.306079][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 261.306147][ T29] audit: type=1326 audit(1777614984.090:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.1.381" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70bf00c code=0x0 [ 265.198510][ T6831] netlink: 28 bytes leftover after parsing attributes in process `syz.1.402'. [ 265.389895][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.396699][ T1309] ieee802154 phy1 wpan1: encryption failed: -22 [ 267.164762][ T6856] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 267.754946][ T6866] netlink: 28 bytes leftover after parsing attributes in process `syz.1.417'. [ 279.393687][ T29] audit: type=1326 audit(1777615002.180:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7038 comm="syz.2.486" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 279.507576][ T29] audit: type=1326 audit(1777615002.220:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7038 comm="syz.2.486" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 282.780087][ T29] audit: type=1326 audit(1777615005.560:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.506" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705f00c code=0x7ffc0000 [ 282.894891][ T29] audit: type=1326 audit(1777615005.560:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.506" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705f00c code=0x7ffc0000 [ 285.947389][ T7133] fuse: fd is not a fuse device [ 287.780072][ T7159] netem: incorrect ge model size [ 287.785244][ T7159] netem: change failed [ 287.953422][ T7161] netlink: 24 bytes leftover after parsing attributes in process `syz.4.537'. [ 290.335533][ T7197] evm: overlay not supported [ 290.458614][ T7200] netlink: 'syz.3.550': attribute type 17 has an invalid length. [ 290.467964][ T7200] netlink: 8 bytes leftover after parsing attributes in process `syz.3.550'. [ 290.789927][ T7202] netlink: 36 bytes leftover after parsing attributes in process `syz.1.551'. [ 292.110549][ T29] audit: type=1326 audit(1777615014.900:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz.2.559" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 292.212544][ T29] audit: type=1326 audit(1777615014.930:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz.2.559" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 292.309120][ T29] audit: type=1326 audit(1777615014.930:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz.2.559" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 292.416754][ T29] audit: type=1326 audit(1777615014.940:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz.2.559" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 292.536385][ T29] audit: type=1326 audit(1777615014.940:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz.2.559" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 292.665106][ T29] audit: type=1326 audit(1777615014.950:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz.2.559" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 292.749463][ T29] audit: type=1326 audit(1777615014.950:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz.2.559" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 292.805857][ T29] audit: type=1326 audit(1777615014.940:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz.2.559" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 292.875405][ T29] audit: type=1326 audit(1777615014.970:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz.2.559" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=324 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 292.984008][ T29] audit: type=1326 audit(1777615014.970:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz.2.559" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 293.065491][ T7207] Bluetooth: hci0: command 0x0406 tx timeout [ 293.072999][ T7207] Bluetooth: hci1: command 0x0406 tx timeout [ 293.085588][ T7207] Bluetooth: hci2: command 0x0406 tx timeout [ 293.092843][ T7207] Bluetooth: hci3: command 0x0406 tx timeout [ 293.100127][ T7207] Bluetooth: hci4: command 0x0406 tx timeout [ 293.518074][ T7237] Driver unsupported XDP return value 0 on prog (id 28) dev N/A, expect packet loss! [ 294.070155][ T7245] capability: warning: `syz.4.570' uses 32-bit capabilities (legacy support in use) [ 295.319986][ T7265] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 296.448686][ T7282] netlink: 16 bytes leftover after parsing attributes in process `syz.2.585'. [ 299.433204][ T7335] netlink: 'syz.2.608': attribute type 11 has an invalid length. [ 302.273513][ T7374] netlink: 40 bytes leftover after parsing attributes in process `syz.3.623'. [ 302.315052][ T7371] netlink: 40 bytes leftover after parsing attributes in process `syz.3.623'. [ 302.356806][ T7371] netlink: 40 bytes leftover after parsing attributes in process `syz.3.623'. [ 302.407874][ T7371] netlink: 40 bytes leftover after parsing attributes in process `syz.3.623'. [ 302.493152][ T7371] netlink: 40 bytes leftover after parsing attributes in process `syz.3.623'. [ 302.645451][ T7371] netlink: 40 bytes leftover after parsing attributes in process `syz.3.623'. [ 302.673233][ T7371] netlink: 40 bytes leftover after parsing attributes in process `syz.3.623'. [ 302.737232][ T7372] ------------[ cut here ]------------ [ 302.742837][ T7372] WARNING: kernel/signal.c:2174 at do_notify_parent+0x1d9/0xf30, CPU#0: syz.0.605/7372 [ 302.752749][ T7372] Modules linked in: [ 302.756825][ T7372] CPU: 0 UID: 0 PID: 7372 Comm: syz.0.605 Not tainted syzkaller #0 PREEMPT(full) [ 302.766194][ T7372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 302.776400][ T7372] RIP: 0010:do_notify_parent+0x1d9/0xf30 [ 302.782263][ T7372] Code: e9 4c 31 f1 48 f7 d0 48 21 c8 0f 84 3b 0d 00 00 4d 39 f5 4c 8b 7d b8 0f 85 58 0d 00 00 e8 cf 35 5f 00 eb 60 e8 c8 35 5f 00 90 <0f> 0b 90 31 c0 45 31 ed 45 31 ff e9 56 0c 00 00 44 89 ef e8 2f 59 [ 302.802042][ T7372] RSP: 0000:ffff88805485fcb8 EFLAGS: 00010093 [ 302.808289][ T7372] RAX: ffffffff81a174a8 RBX: ffff8881160c0bb8 RCX: ffff8881160c0000 [ 302.816413][ T7372] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000040 [ 302.824524][ T7372] RBP: ffff88805485fd80 R08: ffffea000000000f R09: 0000000000000000 [ 302.832646][ T7372] R10: ffff88805405fcc8 R11: ffffffff82bbd880 R12: 0000000000000000 [ 302.840761][ T7372] R13: ffff8881160c0000 R14: 0000000000000080 R15: ffff8881160c0000 [ 302.848878][ T7372] FS: 0000000000000000(0000) GS:ffff8881aa60d000(0000) knlGS:0000000000000000 [ 302.857965][ T7372] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 302.864694][ T7372] CR2: 0000000080004280 CR3: 000000012bfca000 CR4: 00000000003526f0 [ 302.872828][ T7372] Call Trace: [ 302.876218][ T7372] [ 302.879258][ T7372] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 302.885309][ T7372] ? kill_orphaned_pgrp+0x273/0xa70 [ 302.890706][ T7372] ? kmsan_get_metadata+0xf1/0x160 [ 302.896026][ T7372] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 302.902059][ T7372] do_exit+0x2430/0x3c30 [ 302.906516][ T7372] __ia32_sys_exit+0x35/0x40 [ 302.911293][ T7372] ia32_sys_call+0x4341/0x4360 [ 302.916287][ T7372] __do_fast_syscall_32+0x180/0x460 [ 302.921723][ T7372] do_fast_syscall_32+0x37/0x80 [ 302.926771][ T7372] do_SYSENTER_32+0x1f/0x30 [ 302.931482][ T7372] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 302.938052][ T7372] RIP: 0023:0xf7fc500c [ 302.942271][ T7372] Code: Unable to access opcode bytes at 0xf7fc4fe2. [ 302.949052][ T7372] RSP: 002b:000000008000012c EFLAGS: 00000206 ORIG_RAX: 0000000000000001 [ 302.957659][ T7372] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 000000008000020c [ 302.965771][ T7372] RDX: 000000008000020c RSI: 0000000000000000 RDI: 0000000000000000 [ 302.973883][ T7372] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 302.981988][ T7372] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 302.990097][ T7372] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 302.998231][ T7372] [ 303.001359][ T7372] ---[ end trace 0000000000000000 ]--- [ 303.054997][ T7371] netlink: 40 bytes leftover after parsing attributes in process `syz.3.623'. [ 303.101962][ T7371] netlink: 40 bytes leftover after parsing attributes in process `syz.3.623'. [ 303.150692][ T7371] netlink: 40 bytes leftover after parsing attributes in process `syz.3.623'. [ 305.866056][ T7421] loop0: detected capacity change from 0 to 164 [ 306.991667][ T7435] 9p: Bad value for 'wfdno' [ 309.765538][ T29] kauditd_printk_skb: 62 callbacks suppressed [ 309.765606][ T29] audit: type=1326 audit(1777615032.550:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7480 comm="syz.2.667" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x0 [ 309.788777][ T7483] vlan2: entered promiscuous mode [ 309.849803][ T7483] bridge0: entered promiscuous mode [ 312.741158][ T7525] macvlan2: entered promiscuous mode [ 312.789290][ T7525] bridge0: entered promiscuous mode [ 313.610443][ T7537] loop2: detected capacity change from 0 to 7 [ 313.664143][ T7537] Dev loop2: unable to read RDB block 7 [ 313.695634][ T7537] loop2: AHDI p1 p2 p3 [ 313.726183][ T7537] loop2: partition table partially beyond EOD, truncated [ 313.766725][ T7537] loop2: p1 start 1818582900 is beyond EOD, truncated [ 313.814870][ T7537] loop2: p3 start 335544320 is beyond EOD, truncated [ 314.810186][ T7551] team0 (unregistering): Port device team_slave_0 removed [ 314.953343][ T7551] team0 (unregistering): Port device team_slave_1 removed [ 315.083389][ T7558] __nla_validate_parse: 25 callbacks suppressed [ 315.083456][ T7558] netlink: 12 bytes leftover after parsing attributes in process `syz.4.700'. [ 315.550706][ T7563] loop3: detected capacity change from 0 to 16 [ 315.617394][ T7563] erofs (device loop3): mounted with root inode @ nid 36. [ 318.008318][ T7592] netlink: 12 bytes leftover after parsing attributes in process `syz.4.715'. [ 326.841616][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 326.850387][ T1309] ieee802154 phy1 wpan1: encryption failed: -22 [ 330.340237][ T7773] bridge0: port 2(bridge_slave_1) entered disabled state [ 330.349997][ T7773] bridge0: port 1(bridge_slave_0) entered disabled state [ 331.492374][ T7773] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 331.614426][ T7773] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 332.030032][ T7804] loop2: detected capacity change from 0 to 128 [ 332.081598][ T7804] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 332.158751][ T7804] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 333.025168][ T3313] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.082373][ T179] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.125633][ T179] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.154458][ T179] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.976489][ T7849] netlink: 12 bytes leftover after parsing attributes in process `syz.0.812'. [ 337.152186][ T7878] netlink: 20 bytes leftover after parsing attributes in process `syz.3.826'. [ 337.550424][ T7883] netlink: 'syz.2.827': attribute type 16 has an invalid length. [ 337.593952][ T7883] netlink: 8 bytes leftover after parsing attributes in process `syz.2.827'. [ 337.828095][ T7885] loop0: detected capacity change from 0 to 764 [ 337.889218][ T7885] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 338.894010][ T7899] netlink: 44 bytes leftover after parsing attributes in process `syz.2.835'. [ 340.537431][ T7916] team0: No ports can be present during mode change [ 341.335655][ T5586] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 341.346851][ T5586] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 341.356036][ T5586] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 341.401150][ T5586] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 341.413241][ T5586] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 341.869413][ T7935] netlink: 44 bytes leftover after parsing attributes in process `syz.3.849'. [ 342.671583][ T7948] loop2: detected capacity change from 0 to 764 [ 343.540743][ T5586] Bluetooth: hci0: command tx timeout [ 344.073477][ T7968] loop2: detected capacity change from 0 to 164 [ 344.162932][ T7968] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 344.267412][ T7968] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 344.300967][ T7968] Symlink component flag not implemented [ 344.325125][ T7968] Symlink component flag not implemented [ 344.362866][ T7968] Symlink component flag not implemented (7) [ 344.407930][ T7968] Symlink component flag not implemented (116) [ 345.108438][ T7975] netlink: 44 bytes leftover after parsing attributes in process `syz.4.862'. [ 345.399780][ T7978] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 345.619266][ T5586] Bluetooth: hci0: command tx timeout [ 347.330403][ T8013] netlink: 44 bytes leftover after parsing attributes in process `syz.2.875'. [ 347.442173][ T7930] bridge0: port 1(bridge_slave_0) entered blocking state [ 347.467048][ T7930] bridge0: port 1(bridge_slave_0) entered disabled state [ 347.484692][ T7930] bridge_slave_0: entered allmulticast mode [ 347.522174][ T7930] bridge_slave_0: entered promiscuous mode [ 347.589561][ T7930] bridge0: port 2(bridge_slave_1) entered blocking state [ 347.627286][ T7930] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.667169][ T7930] bridge_slave_1: entered allmulticast mode [ 347.699384][ T5586] Bluetooth: hci0: command tx timeout [ 347.720097][ T7930] bridge_slave_1: entered promiscuous mode [ 348.008712][ T7930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 348.094774][ T7930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 348.413806][ T7930] team0: Port device team_slave_0 added [ 348.484479][ T7930] team0: Port device team_slave_1 added [ 348.791065][ T7930] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 348.816888][ T7930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 348.952685][ T7930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 348.987691][ T7930] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 349.001981][ T7930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 349.033512][ T7930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 349.330002][ T8038] netlink: 44 bytes leftover after parsing attributes in process `syz.3.885'. [ 349.405592][ T7930] hsr_slave_0: entered promiscuous mode [ 349.439419][ T7930] hsr_slave_1: entered promiscuous mode [ 349.473918][ T7930] debugfs: 'hsr0' already exists in 'hsr' [ 349.492557][ T7930] Cannot create hsr debugfs directory [ 349.779310][ T5586] Bluetooth: hci0: command tx timeout [ 351.224756][ T7930] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 351.339756][ T7930] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 351.372487][ T7930] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 351.432880][ T7930] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 351.497918][ T7930] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 351.584362][ T7930] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 351.595714][ T7930] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 351.658316][ T7930] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 351.693961][ T8065] netlink: 44 bytes leftover after parsing attributes in process `syz.2.897'. [ 352.659872][ T7930] 8021q: adding VLAN 0 to HW filter on device bond0 [ 352.863457][ T7930] 8021q: adding VLAN 0 to HW filter on device team0 [ 352.967002][ T133] bridge0: port 1(bridge_slave_0) entered blocking state [ 352.974623][ T133] bridge0: port 1(bridge_slave_0) entered forwarding state [ 353.093086][ T179] bridge0: port 2(bridge_slave_1) entered blocking state [ 353.100813][ T179] bridge0: port 2(bridge_slave_1) entered forwarding state [ 353.932693][ T8096] netlink: 44 bytes leftover after parsing attributes in process `syz.2.909'. [ 355.108375][ T8109] kvm: vcpu 6: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 355.198473][ T8113] kvm: vcpu 6: requested lapic timer restore with starting count register 0x390=3128413300 (25027306400 ns) > initial count (17556638496 ns). Using initial count to start timer. [ 355.520791][ T29] audit: type=1326 audit(1777615078.300:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8115 comm="syz.3.915" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf705f00c code=0x0 [ 357.245338][ T7930] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 357.279280][ T807] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 357.459497][ T807] usb 2-1: Using ep0 maxpacket: 8 [ 357.493581][ T807] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 357.518618][ T807] usb 2-1: config 0 has no interface number 0 [ 357.535217][ T807] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 357.584260][ T807] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 357.612524][ T807] usb 2-1: New USB device strings: Mfr=0, Product=128, SerialNumber=0 [ 357.641581][ T807] usb 2-1: Product: syz [ 357.678013][ T807] usb 2-1: config 0 descriptor?? [ 357.773232][ T807] iowarrior 2-1:0.8: IOWarrior product=0x1512, serial= interface=8 now attached to iowarrior0 [ 357.983605][ T807] usb 2-1: USB disconnect, device number 2 [ 358.073363][ T8156] syz.2.927 uses obsolete (PF_INET,SOCK_PACKET) [ 358.363393][ T8159] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 358.583585][ T8159] kvm: pic: non byte read [ 358.633903][ T8159] kvm: pic: level sensitive irq not supported [ 358.634248][ T8159] kvm: pic: non byte read [ 358.733898][ T8159] kvm: pic: level sensitive irq not supported [ 358.734235][ T8159] kvm: pic: non byte read [ 359.317207][ T8168] raw_sendmsg: syz.4.930 forgot to set AF_INET. Fix it! [ 359.531292][ T7930] veth0_vlan: entered promiscuous mode [ 359.687701][ T7930] veth1_vlan: entered promiscuous mode [ 360.028152][ T7930] veth0_macvtap: entered promiscuous mode [ 360.124212][ T7930] veth1_macvtap: entered promiscuous mode [ 360.292018][ T8180] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 360.572200][ T7930] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 360.710876][ T7930] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 360.886103][ T3313] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.920709][ T3313] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.936895][ T8190] netlink: 'syz.3.938': attribute type 16 has an invalid length. [ 360.968099][ T3313] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.980529][ T8190] netlink: 8 bytes leftover after parsing attributes in process `syz.3.938'. [ 361.007938][ T3313] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.097451][ T8190] 8021q: adding VLAN 0 to HW filter on device bond0 [ 361.853810][ T8203] tipc: Started in network mode [ 361.881267][ T8203] tipc: Node identity , cluster identity 4711 [ 361.907249][ T8203] tipc: Failed to set node id, please configure manually [ 361.940827][ T8203] tipc: Enabling of bearer rejected, failed to enable media [ 362.082387][ T8208] capability: warning: `syz.4.943' uses deprecated v2 capabilities in a way that may be insecure [ 362.212740][ T8208] overlayfs: failed to clone upperpath [ 362.839551][ T5676] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 363.030249][ T5676] usb 4-1: Using ep0 maxpacket: 8 [ 363.067966][ T5676] usb 4-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 363.121800][ T5676] usb 4-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 363.158317][ T5676] usb 4-1: config 0 interface 0 has no altsetting 0 [ 363.190517][ T5676] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 363.243058][ T5676] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 363.323423][ T5676] usb 4-1: config 0 descriptor?? [ 363.842836][ T5676] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 363.871976][ T5676] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 363.893098][ T5676] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 363.921196][ T5676] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 363.948464][ T5676] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 363.986795][ T5676] mcp2221 0003:04D8:00DD.0001: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 364.240413][ T5676] usb 4-1: USB disconnect, device number 2 [ 366.107466][ T5586] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 366.116261][ T5586] Bluetooth: hci2: Injecting HCI hardware error event [ 366.123901][ T5586] Bluetooth: hci2: hardware error 0x00 [ 367.466411][ T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 367.518782][ T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 367.780594][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 367.845106][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 368.149178][ T8296] netlink: 'syz.4.969': attribute type 3 has an invalid length. [ 368.262688][ T5586] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 368.515834][ T8302] overlayfs: failed to clone upperpath [ 369.052455][ T8307] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 369.083666][ T8307] block device autoloading is deprecated and will be removed. [ 371.195842][ T8343] Bluetooth: MGMT ver 1.23 [ 371.868202][ T807] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 372.060484][ T807] usb 6-1: Using ep0 maxpacket: 8 [ 372.109715][ T807] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 372.137915][ T807] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 372.170746][ T807] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 372.212659][ T807] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 372.265775][ T807] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 372.323363][ T807] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 372.360921][ T807] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 372.693409][ T807] usb 6-1: usb_control_msg returned -32 [ 372.723118][ T807] usbtmc 6-1:16.0: can't read capabilities [ 373.277812][ T5670] IPVS: starting estimator thread 0... [ 373.409770][ T8370] IPVS: using max 240 ests per chain, 12000 per kthread [ 373.968131][ T8379] netlink: 36 bytes leftover after parsing attributes in process `syz.2.995'. [ 374.916991][ T5670] usb 6-1: USB disconnect, device number 2 [ 376.455531][ T8407] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 377.363000][ T8421] vxcan0: tx address claim with dlc 0 [ 377.461019][ T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 377.634093][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 377.670025][ T9] usb 3-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 377.689723][ T807] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 377.706107][ T9] usb 3-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 377.759883][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 377.794245][ T9] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 377.837868][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 377.860380][ T8429] netlink: 'syz.5.1016': attribute type 16 has an invalid length. [ 377.887284][ T8429] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1016'. [ 377.888160][ T9] usb 3-1: config 0 descriptor?? [ 377.917101][ T807] usb 2-1: Using ep0 maxpacket: 8 [ 377.957438][ T807] usb 2-1: config index 0 descriptor too short (expected 5924, got 36) [ 377.998027][ T807] usb 2-1: config 250 has an invalid interface number: 228 but max is -1 [ 378.034635][ T807] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 378.085260][ T807] usb 2-1: config 250 has no interface number 0 [ 378.115764][ T807] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 378.168050][ T807] usb 2-1: config 250 interface 228 has no altsetting 0 [ 378.198969][ T807] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 378.220399][ T807] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 378.250704][ T807] usb 2-1: Product: syz [ 378.262958][ T807] usb 2-1: SerialNumber: syz [ 378.351299][ T807] hub 2-1:250.228: bad descriptor, ignoring hub [ 378.386439][ T807] hub 2-1:250.228: probe with driver hub failed with error -5 [ 378.410799][ T29] audit: type=1800 audit(1777615101.158:124): pid=8435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1018" name="nullb0" dev="tmpfs" ino=1225 res=0 errno=0 [ 378.477486][ T9] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 378.505882][ T9] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 378.514069][ T9] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 378.531722][ T9] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 378.550151][ T9] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 378.573565][ T807] usblp 2-1:250.228: usblp0: USB Bidirectional printer dev 3 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 378.630373][ T9] mcp2221 0003:04D8:00DD.0002: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0 [ 378.870535][ T9] usb 3-1: USB disconnect, device number 2 [ 379.408923][ T5670] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 379.607989][ T8425] usb 2-1: reset high-speed USB device number 3 using dummy_hcd [ 379.620653][ T5670] usb 4-1: config index 0 descriptor too short (expected 45, got 36) [ 379.648556][ T5670] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 379.682415][ T5670] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 379.710403][ T5670] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 379.747404][ T5670] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 379.759225][ T5670] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 379.794150][ T5670] usb 4-1: config 0 descriptor?? [ 380.149855][ C0] usblp0: nonzero read bulk status received: -71 [ 380.392686][ T5675] usb 2-1: USB disconnect, device number 3 [ 380.414164][ T5670] plantronics 0003:047F:FFFF.0003: reserved main item tag 0xd [ 380.487147][ T5675] usblp0: removed [ 380.622359][ T5670] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 380.693436][ T5670] usb 4-1: USB disconnect, device number 3 [ 381.428239][ T8463] netlink: 'syz.4.1029': attribute type 16 has an invalid length. [ 381.463084][ T8457] fido_id[8457]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 381.484524][ T8463] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1029'. [ 381.564544][ T8465] program syz.1.1030 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 382.439182][ T8476] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size. [ 383.638270][ T807] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 383.832612][ T807] usb 6-1: Using ep0 maxpacket: 32 [ 383.870400][ T807] usb 6-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config [ 383.897397][ T807] usb 6-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82 [ 383.926186][ T807] usb 6-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 383.965162][ T807] usb 6-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 384.012645][ T5676] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 384.028087][ T807] usb 6-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30 [ 384.042208][ T807] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 384.052056][ T807] usb 6-1: Product: syz [ 384.057237][ T807] usb 6-1: Manufacturer: syz [ 384.062275][ T807] usb 6-1: SerialNumber: syz [ 384.136261][ C1] imon 6-1:155.0: imon usb_rx_callback_intf0: status(-71) [ 384.154899][ T807] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:155.0/input/input6 [ 384.201416][ T5676] usb 2-1: Using ep0 maxpacket: 8 [ 384.227506][ T5676] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 384.262059][ T5676] usb 2-1: config 179 has no interface number 0 [ 384.290628][ T5676] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 384.329049][ T5676] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 384.367279][ T5676] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 384.398782][ T807] imon 6-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR [ 384.408130][ T5676] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 384.426234][ T807] (id 0x00) [ 384.442627][ T5676] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 384.459918][ T8499] loop2: detected capacity change from 0 to 1024 [ 384.484543][ T5676] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 384.531764][ T5676] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.605687][ T8499] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 384.672652][ T8493] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 385.113489][ T807] rc_core: IR keymap rc-imon-pad not found [ 385.126993][ T807] Registered IR keymap rc-empty [ 385.167440][ T807] imon 6-1:155.0: Looks like you're trying to use an IR protocol this device does not support [ 385.249922][ T5676] usb 2-1: USB disconnect, device number 4 [ 385.256111][ C1] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 385.256319][ C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 385.284282][ T807] imon 6-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 385.315063][ T807] imon:send_packet: packet tx failed (-71) [ 385.343690][ T807] imon 6-1:155.0: remote input dev register failed [ 385.368092][ T5582] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 385.397512][ T807] imon 6-1:155.0: imon_init_intf0: rc device setup failed [ 385.458722][ T807] imon 6-1:155.0: unable to initialize intf0, err 0 [ 385.484345][ T807] imon:imon_probe: failed to initialize context! [ 385.531984][ T807] imon 6-1:155.0: unable to register, err -19 [ 385.580109][ T807] usb 6-1: USB disconnect, device number 3 [ 386.606621][ T29] audit: type=1326 audit(1777615108.822:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8512 comm="syz.2.1051" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x0 [ 387.250127][ T5675] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 387.453207][ T5675] usb 4-1: Using ep0 maxpacket: 8 [ 387.520489][ T5675] usb 4-1: config index 0 descriptor too short (expected 74, got 45) [ 387.550604][ T5675] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 387.587681][ T5675] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 387.610791][ T5675] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 65535, setting to 1024 [ 387.681269][ T5675] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 387.743413][ T5675] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 387.767557][ T8529] netlink: 'syz.1.1056': attribute type 21 has an invalid length. [ 387.777582][ T5675] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 387.824727][ T5675] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 388.125866][ T5675] usb 4-1: GET_CAPABILITIES returned f8 [ 388.151417][ T5675] usbtmc 4-1:16.0: can't read capabilities [ 388.399362][ T5675] usb 4-1: USB disconnect, device number 4 [ 388.500564][ T807] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 388.722327][ T807] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 388.747549][ T807] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 388.776753][ T807] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 388.801643][ T807] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 388.858602][ T8534] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 388.915087][ T807] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 389.010777][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 389.022029][ T1309] ieee802154 phy1 wpan1: encryption failed: -22 [ 389.664040][ T807] usb 6-1: USB disconnect, device number 4 [ 390.889156][ T8558] netlink: 'syz.2.1070': attribute type 1 has an invalid length. [ 391.092416][ T8560] syzkaller0: entered promiscuous mode [ 392.216272][ T8572] fuse: fd is not a fuse device [ 393.568971][ T8584] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1082'. [ 394.771539][ T8594] PF_CAN: dropped non conform CAN XL skbuff: dev type 280, len 40 [ 397.054316][ T8628] loop1: detected capacity change from 0 to 256 [ 398.898242][ T8651] overlayfs: failed to clone upperpath [ 399.335137][ T8657] netlink: 'syz.5.1112': attribute type 3 has an invalid length. [ 399.345576][ T8657] netlink: 'syz.5.1112': attribute type 3 has an invalid length. [ 400.213144][ T5676] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 400.406702][ T5676] usb 6-1: Using ep0 maxpacket: 16 [ 400.436328][ T5676] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 400.489889][ T5676] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 400.532790][ T5676] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 400.600311][ T5676] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 400.622228][ T5676] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.666601][ T5676] usb 6-1: config 0 descriptor?? [ 400.908684][ T8678] loop1: detected capacity change from 0 to 2048 [ 401.044338][ T8678] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 401.114283][ T8678] ext4 filesystem being mounted at /238/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 401.182814][ T5676] appleir 0003:05AC:8241.0004: item fetching failed at offset 3/5 [ 401.199462][ T5676] appleir 0003:05AC:8241.0004: parse failed [ 401.206905][ T5676] appleir 0003:05AC:8241.0004: probe with driver appleir failed with error -22 [ 401.412382][ T5676] usb 6-1: USB disconnect, device number 5 [ 401.745739][ T5591] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 402.073032][ T29] audit: type=1326 audit(1777615123.308:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.2.1129" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 402.184062][ T29] audit: type=1326 audit(1777615123.346:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.2.1129" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 402.289291][ T29] audit: type=1326 audit(1777615123.364:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.2.1129" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 402.399060][ T29] audit: type=1326 audit(1777615123.364:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.2.1129" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 402.536641][ T29] audit: type=1326 audit(1777615123.374:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.2.1129" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=385 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 402.631398][ T29] audit: type=1326 audit(1777615123.449:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.2.1129" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 402.759914][ T29] audit: type=1326 audit(1777615123.449:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.2.1129" exe="/root/ci-upstream-kmsan-gce-386-root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701f00c code=0x7ffc0000 [ 403.596828][ T8713] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1135'. [ 404.508880][ T5676] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 404.553024][ T8721] loop2: detected capacity change from 0 to 4096 [ 404.648873][ T8721] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 404.714653][ T5676] usb 6-1: unable to get BOS descriptor or descriptor too short [ 404.729714][ T5676] usb 6-1: not running at top speed; connect to a high speed hub [ 404.750343][ T5676] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 404.764417][ T5676] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 147, changing to 4 [ 404.782443][ T5676] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 404.822241][ T5676] usb 6-1: string descriptor 0 read error: -22 [ 404.841901][ T5676] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 404.843857][ T29] audit: type=1800 audit(1777615125.891:133): pid=8721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1137" name="file0" dev="loop2" ino=13 res=0 errno=0 [ 404.952415][ T5676] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 405.743658][ T5582] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 405.837224][ T5676] usb 6-1: USB disconnect, device number 6 [ 406.751545][ T8741] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1145'. [ 406.799454][ T8741] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1145'. [ 407.562725][ T8752] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1150'. [ 408.970056][ T8768] loop2: detected capacity change from 0 to 256 [ 409.148959][ T8768] support for the xor transformation has been removed. [ 410.045707][ T8777] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 410.260084][ T5675] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 410.451382][ T5675] usb 6-1: Using ep0 maxpacket: 8 [ 410.473425][ T5675] usb 6-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 410.511472][ T5675] usb 6-1: config 0 interface 0 has no altsetting 0 [ 410.526478][ T5675] usb 6-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00 [ 410.537165][ T5675] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.595935][ T5675] usb 6-1: config 0 descriptor?? [ 411.169048][ T5675] itetech 0003:048D:8595.0005: unknown main item tag 0x2 [ 411.223630][ T5675] itetech 0003:048D:8595.0005: unknown main item tag 0x6 [ 411.250073][ T5675] itetech 0003:048D:8595.0005: ignoring exceeding usage max [ 411.343199][ T5675] itetech 0003:048D:8595.0005: unknown main item tag 0x2 [ 411.424870][ T5675] itetech 0003:048D:8595.0005: hidraw0: USB HID v0.08 Device [HID 048d:8595] on usb-dummy_hcd.5-1/input0 [ 412.602055][ T8808] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 413.149810][ T5203] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 413.249548][ T5676] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 413.371487][ T5203] usb 3-1: config 63 has an invalid interface number: 66 but max is 0 [ 413.419386][ T5203] usb 3-1: config 63 has an invalid descriptor of length 0, skipping remainder of the config [ 413.442087][ T807] usb 6-1: USB disconnect, device number 7 [ 413.458050][ T8820] loop1: detected capacity change from 0 to 512 [ 413.470090][ T5203] usb 3-1: config 63 has no interface number 0 [ 413.476689][ T5676] usb 4-1: Using ep0 maxpacket: 8 [ 413.485230][ T8820] EXT4-fs: quotafile must be on filesystem root [ 413.515213][ T5203] usb 3-1: config 63 interface 66 has no altsetting 0 [ 413.534638][ T5676] usb 4-1: unable to get BOS descriptor or descriptor too short [ 413.568640][ T5676] usb 4-1: config 0 has an invalid interface number: 88 but max is 0 [ 413.594941][ T5203] usb 3-1: New USB device found, idVendor=174f, idProduct=8acf, bcdDevice=39.f4 [ 413.619316][ T5676] usb 4-1: config 0 has no interface number 0 [ 413.636880][ T5203] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 413.660576][ T5676] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 413.700646][ T5203] usb 3-1: Product: syz [ 413.725524][ T5203] usb 3-1: Manufacturer: syz [ 413.735234][ T5676] usb 4-1: config 0 interface 88 has no altsetting 0 [ 413.760198][ T5203] usb 3-1: SerialNumber: syz [ 413.793702][ T5676] usb 4-1: string descriptor 0 read error: -22 [ 413.824913][ T5676] usb 4-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31 [ 413.865638][ T5676] usb 4-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3 [ 413.921863][ T5676] usb 4-1: config 0 descriptor?? [ 413.999682][ T5676] input: USB Acecad Flair Tablet 0460:0004 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.88/input/input8 [ 414.146280][ T5203] uvcvideo 3-1:63.66: Found UVC 0.07 device syz (174f:8acf) [ 414.191124][ T5203] uvcvideo 3-1:63.66: No valid video chain found. [ 414.232676][ T5203] usb 3-1: USB disconnect, device number 3 [ 414.287217][ T5675] usb 4-1: USB disconnect, device number 5 [ 414.517961][ T5877] udevd[5877]: Error opening device "/dev/input/event4": No such file or directory [ 414.549778][ T5877] udevd[5877]: Unable to EVIOCGABS device "/dev/input/event4" [ 414.569255][ T5877] udevd[5877]: Unable to EVIOCGABS device "/dev/input/event4" [ 417.059558][ T8855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1197'. [ 417.063056][ T8854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1198'. [ 420.581416][ T5203] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 420.813335][ T5203] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 420.853513][ T5203] usb 4-1: config 0 has no interfaces? [ 420.853887][ T8900] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1216'. [ 420.894017][ T5203] usb 4-1: New USB device found, idVendor=0925, idProduct=8066, bcdDevice= 0.00 [ 420.932526][ T5203] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 420.992426][ T5203] usb 4-1: config 0 descriptor?? [ 421.361750][ T5675] usb 4-1: USB disconnect, device number 6 [ 423.748374][ T8929] netlink: 'syz.4.1227': attribute type 16 has an invalid length. [ 423.793309][ T8929] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1227'. [ 424.392989][ T8939] loop2: detected capacity change from 0 to 512 [ 424.498514][ T8939] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.1230: inode has both inline data and extents flags [ 424.590787][ T8939] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 424.595392][ T8939] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1230: couldn't read orphan inode 15 (err -117) [ 424.605008][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 424.605096][ C0] EXT4-fs (loop2): initial error at time 1777615144: ext4_orphan_get:1397: inode 15 [ 424.605254][ C0] EXT4-fs (loop2): last error at time 1777615144: ext4_orphan_get:1397: inode 15 [ 424.748365][ T8939] loop2: lost filesystem error report for type 5 error -117 [ 424.766262][ T8939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 425.007938][ T8939] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 1769366884 > max in inode 18 [ 425.332405][ T5582] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 425.486052][ T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 425.706793][ T9] usb 4-1: config index 0 descriptor too short (expected 65088, got 120) [ 425.742139][ T9] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 425.746733][ T8955] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1236'. [ 425.802887][ T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 425.843056][ T9] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 425.888650][ T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 425.922844][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 425.946330][ T9] usb 4-1: Product: syz [ 425.956562][ T9] usb 4-1: Manufacturer: syz [ 425.967535][ T9] usb 4-1: SerialNumber: syz [ 426.015274][ T9] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found [ 426.050352][ T9] cdc_ncm 4-1:1.0: bind() failure [ 426.240169][ T9] usb 4-1: USB disconnect, device number 7 [ 427.471480][ T8976] netlink: 'syz.3.1242': attribute type 16 has an invalid length. [ 427.519253][ T8976] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1242'. [ 428.285992][ T5203] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 428.370553][ T5203] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 430.667799][ T9012] loop1: detected capacity change from 0 to 4096 [ 430.723354][ T9012] EXT4-fs: Ignoring removed mblk_io_submit option [ 430.757225][ T9012] ext4: Bad value for 'stripe' [ 430.818797][ T9019] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1260'. [ 430.927464][ T9019] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1260'. [ 430.960060][ T9019] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1260'. [ 431.047743][ T9019] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1260'. [ 431.084173][ T9019] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1260'. [ 431.171364][ T9019] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1260'. [ 431.213851][ T9019] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1260'. [ 431.269488][ T9019] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1260'. [ 431.323155][ T9019] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1260'. [ 431.366457][ T9019] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1260'. [ 431.736654][ T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 431.928653][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 431.963931][ T9] usb 3-1: config 1 has an invalid interface number: 105 but max is 0 [ 432.005267][ T9] usb 3-1: config 1 has no interface number 0 [ 432.028690][ T9] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 432.073271][ T9] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 432.115820][ T9] usb 3-1: config 1 interface 105 has no altsetting 0 [ 432.154519][ T9] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 432.191333][ T9] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 432.239347][ T9] usb 3-1: Product: syz [ 432.267089][ T9] usb 3-1: Manufacturer: syz [ 432.285279][ T9] usb 3-1: SerialNumber: syz [ 432.338892][ T9024] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 432.396222][ T9024] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 432.907369][ T9024] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 432.945362][ T9024] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 433.201272][ T9] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71 [ 433.254141][ T9] aqc111 3-1:1.105: probe with driver aqc111 failed with error -71 [ 433.359641][ T9] usb 3-1: USB disconnect, device number 4 [ 433.580642][ T9051] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 434.505064][ T9065] loop5: detected capacity change from 0 to 512 [ 434.564924][ T9065] ext4: Unknown parameter 'noacl' [ 434.567181][ T9066] Bluetooth: hci0: invalid len left 7, exp >= 108 [ 434.859286][ T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 435.099223][ T9] usb 3-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 435.136565][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 435.189541][ T9] usb 3-1: Product: syz [ 435.213883][ T9] usb 3-1: Manufacturer: syz [ 435.228765][ T9] usb 3-1: SerialNumber: syz [ 435.539847][ T9080] support for the xor transformation has been removed. [ 435.973464][ T9] rtl8150 3-1:1.0: couldn't reset the device [ 436.007622][ T9] rtl8150 3-1:1.0: probe with driver rtl8150 failed with error -5 [ 436.101208][ T9] usb 3-1: USB disconnect, device number 5 [ 436.391479][ T9089] __nla_validate_parse: 59 callbacks suppressed [ 436.391549][ T9089] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1286'. [ 437.221225][ T9102] Bluetooth: hci0: invalid len left 7, exp >= 108 [ 437.568017][ T9108] loop2: detected capacity change from 0 to 512 [ 437.614196][ T9108] EXT4-fs: Ignoring removed nomblk_io_submit option [ 437.652916][ T9108] EXT4-fs: Ignoring removed nomblk_io_submit option [ 437.774816][ T9108] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 437.826216][ T9108] ext4 filesystem being mounted at /270/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 438.220788][ T9108] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 438.800344][ T9128] loop2: detected capacity change from 0 to 512 [ 438.830254][ T9128] ext2: Bad value for 'sb' [ 439.737823][ T9140] Bluetooth: hci0: unsupported parameter 255 [ 439.750988][ T9140] Bluetooth: hci0: unsupported parameter 255 [ 441.312056][ T9168] overlayfs: failed to clone upperpath [ 441.982938][ T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.198362][ T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.264274][ T9181] loop3: detected capacity change from 0 to 128 [ 442.360308][ T9181] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 442.443492][ T9181] ext4 filesystem being mounted at /231/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 442.458156][ T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.541438][ T9181] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1323'. [ 442.570279][ T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.743452][ T5580] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 443.073631][ T13] bridge_slave_1: left allmulticast mode [ 443.096183][ T13] bridge_slave_1: left promiscuous mode [ 443.108711][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 443.147284][ T13] bridge_slave_0: left allmulticast mode [ 443.170093][ T13] bridge_slave_0: left promiscuous mode [ 443.188956][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 443.741695][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 443.801701][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 443.831925][ T9189] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1327'. [ 443.850635][ T13] bond0 (unregistering): Released all slaves [ 444.650807][ T9200] netlink: 392 bytes leftover after parsing attributes in process `syz.3.1330'. [ 445.021992][ T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 445.031880][ T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 445.041705][ T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 445.071480][ T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 445.101762][ T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 445.117852][ T13] hsr_slave_0: left promiscuous mode [ 445.179254][ T13] hsr_slave_1: left promiscuous mode [ 445.187104][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 445.194756][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 445.202702][ T9210] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1332'. [ 445.215061][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 445.225291][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 445.284744][ T13] veth1_macvtap: left promiscuous mode [ 445.313419][ T13] veth0_macvtap: left promiscuous mode [ 445.356587][ T13] veth1_vlan: left promiscuous mode [ 445.379813][ T13] veth0_vlan: left promiscuous mode [ 446.581424][ T9228] loop2: detected capacity change from 0 to 256 [ 446.675201][ T9228] exFAT-fs (loop2): error, The cluster chain has a loop [ 446.701233][ T9228] exFAT-fs (loop2): Filesystem has been set read-only [ 446.724774][ T9228] exFAT-fs (loop2): failed to count the number of clusters in root [ 446.770366][ T5586] Bluetooth: hci4: adv larger than maximum supported [ 446.770460][ T5586] Bluetooth: hci4: Malformed LE Event: 0x0d [ 446.771715][ T9228] exFAT-fs (loop2): failed to recognize exfat type [ 446.904328][ T9234] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1339'. [ 447.369919][ T5586] Bluetooth: hci0: command tx timeout [ 447.407356][ T13] team0 (unregistering): Port device team_slave_1 removed [ 447.494098][ T9239] 9p: Bad value for 'wfdno' [ 447.588607][ T13] team0 (unregistering): Port device team_slave_0 removed [ 449.053234][ T5225] 8021q: adding VLAN 0 to HW filter on device eth1 [ 449.592623][ T5586] Bluetooth: hci0: command tx timeout [ 449.954872][ T9269] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1349'. [ 450.090356][ T5586] Bluetooth: hci3: adv larger than maximum supported [ 450.090452][ T5586] Bluetooth: hci3: Malformed LE Event: 0x0d [ 450.177332][ T9274] 9p: Bad value for 'wfdno' [ 451.494940][ T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 451.725998][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 451.801723][ T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255 [ 451.815529][ T5586] Bluetooth: hci0: command tx timeout [ 451.876809][ T9] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 451.929670][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 451.965980][ T9] usb 2-1: Product: syz [ 451.984084][ T9] usb 2-1: Manufacturer: syz [ 452.005188][ T9] usb 2-1: SerialNumber: syz [ 452.044836][ T9] usb 2-1: config 0 descriptor?? [ 452.066299][ T9291] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 452.104387][ T9291] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 452.271201][ T9305] loop2: detected capacity change from 0 to 128 [ 452.396757][ T9291] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 452.436527][ T9291] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 452.466126][ T29] audit: type=1800 audit(1777615170.454:134): pid=9305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1345" name="bus" dev="loop2" ino=1048616 res=0 errno=0 [ 453.313566][ T9316] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1361'. [ 453.415158][ T9] dm9601 2-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71 [ 453.467511][ T5225] 8021q: adding VLAN 0 to HW filter on device eth2 [ 453.573663][ T9] dm9601 2-1:0.0 eth5: register 'dm9601' at usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet, b8:1e:da:87:20:78 [ 453.605924][ T9318] 9p: Bad value for 'wfdno' [ 453.641278][ T9] usb 2-1: USB disconnect, device number 5 [ 453.695607][ T9] dm9601 2-1:0.0 eth5: unregister 'dm9601' usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet [ 453.985392][ T5586] Bluetooth: hci1: adv larger than maximum supported [ 453.987279][ T5586] Bluetooth: hci1: Malformed LE Event: 0x0d [ 454.037976][ T5586] Bluetooth: hci0: command tx timeout [ 454.653185][ T1309] ieee802154 phy0 wpan0: encryption failed: -22 [ 454.660065][ T1309] ieee802154 phy1 wpan1: encryption failed: -22 [ 454.675620][ T9208] bridge0: port 1(bridge_slave_0) entered blocking state [ 454.694681][ T9208] bridge0: port 1(bridge_slave_0) entered disabled state [ 454.715226][ T9208] bridge_slave_0: entered allmulticast mode [ 454.747370][ T9208] bridge_slave_0: entered promiscuous mode [ 454.815839][ T9208] bridge0: port 2(bridge_slave_1) entered blocking state [ 454.846291][ T9208] bridge0: port 2(bridge_slave_1) entered disabled state [ 454.884729][ T9208] bridge_slave_1: entered allmulticast mode [ 454.932273][ T9208] bridge_slave_1: entered promiscuous mode [ 455.263739][ T9208] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 455.352788][ T9208] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 455.670928][ T9208] team0: Port device team_slave_0 added [ 455.750395][ T9208] team0: Port device team_slave_1 added [ 456.060019][ T9208] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 456.089085][ T9208] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 456.164368][ T9208] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 456.207659][ T9208] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 456.216849][ T9208] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 456.279037][ T9341] loop3: detected capacity change from 0 to 2048 [ 456.319998][ T9208] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 456.993292][ T9208] hsr_slave_0: entered promiscuous mode [ 457.034257][ T9208] hsr_slave_1: entered promiscuous mode [ 457.071816][ T9208] debugfs: 'hsr0' already exists in 'hsr' [ 457.106227][ T9208] Cannot create hsr debugfs directory [ 457.904403][ T9357] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1372'. [ 458.312740][ T5225] 8021q: adding VLAN 0 to HW filter on device eth3 [ 458.785002][ T5586] Bluetooth: hci3: adv larger than maximum supported [ 458.785099][ T5586] Bluetooth: hci3: Malformed LE Event: 0x0d [ 459.011827][ T9208] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 459.099382][ T9208] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 459.138653][ T9208] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 459.187069][ T9208] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 459.217792][ T9208] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 459.292118][ T9208] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 459.315564][ T9208] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 459.405057][ T9208] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 460.579551][ T9208] 8021q: adding VLAN 0 to HW filter on device bond0 [ 460.743698][ T9208] 8021q: adding VLAN 0 to HW filter on device team0 [ 460.851655][ T167] bridge0: port 1(bridge_slave_0) entered blocking state [ 460.859203][ T167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 461.021246][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 461.028924][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 463.034047][ T5225] 8021q: adding VLAN 0 to HW filter on device eth4 [ 464.193474][ T9412] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1383'. [ 464.799587][ T5586] Bluetooth: hci3: adv larger than maximum supported [ 464.799686][ T5586] Bluetooth: hci3: Malformed LE Event: 0x0d [ 465.223206][ T9208] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 466.590316][ T48] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 466.604058][ T48] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 466.620834][ T48] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 466.647581][ T48] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 466.665856][ T48] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 467.591054][ T9453] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1394'. [ 467.669493][ T9208] veth0_vlan: entered promiscuous mode [ 467.817531][ T9208] veth1_vlan: entered promiscuous mode [ 468.191704][ T9208] veth0_macvtap: entered promiscuous mode [ 468.281311][ T9208] veth1_macvtap: entered promiscuous mode [ 468.348856][ T48] Bluetooth: hci3: adv larger than maximum supported [ 468.348951][ T48] Bluetooth: hci3: Malformed LE Event: 0x0d [ 468.610037][ T9208] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 468.694848][ T9208] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 468.724467][ T9465] loop1: detected capacity change from 0 to 512 [ 468.813643][ T8315] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 468.887535][ T8315] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 468.913683][ T48] Bluetooth: hci5: command tx timeout [ 468.933331][ T29] audit: type=1800 audit(1777615185.848:135): pid=9465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1398" name="file1" dev="loop1" ino=1048617 res=0 errno=0 [ 468.934203][ T8315] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.237672][ T8315] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.611721][ T9465] syz.1.1398: attempt to access beyond end of device [ 469.611721][ T9465] loop1: rw=2049, sector=560, nr_sectors = 32 limit=512 [ 469.694327][ T9465] syz.1.1398: attempt to access beyond end of device [ 469.694327][ T9465] loop1: rw=2049, sector=624, nr_sectors = 32 limit=512 [ 469.791577][ T9465] syz.1.1398: attempt to access beyond end of device [ 469.791577][ T9465] loop1: rw=2049, sector=688, nr_sectors = 32 limit=512 [ 469.860137][ T9465] syz.1.1398: attempt to access beyond end of device [ 469.860137][ T9465] loop1: rw=2049, sector=752, nr_sectors = 32 limit=512 [ 469.925357][ T9465] syz.1.1398: attempt to access beyond end of device [ 469.925357][ T9465] loop1: rw=2049, sector=816, nr_sectors = 32 limit=512 [ 470.011324][ T9465] syz.1.1398: attempt to access beyond end of device [ 470.011324][ T9465] loop1: rw=2049, sector=880, nr_sectors = 32 limit=512 [ 470.048088][ T9465] syz.1.1398: attempt to access beyond end of device [ 470.048088][ T9465] loop1: rw=2049, sector=944, nr_sectors = 16 limit=512 [ 470.152620][ T29] audit: type=1800 audit(1777615187.008:136): pid=9468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1398" name="file1" dev="loop1" ino=1048617 res=0 errno=0 [ 470.557181][ T9483] netlink: 'syz.3.1401': attribute type 17 has an invalid length. [ 470.587036][ T9483] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1401'. [ 471.136281][ T48] Bluetooth: hci5: command tx timeout [ 471.412842][ T9496] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1404'. [ 472.077933][ T9505] KVM: debugfs: duplicate directory 9505-6 [ 472.628588][ T48] Bluetooth: hci3: adv larger than maximum supported [ 472.628685][ T48] Bluetooth: hci3: Malformed LE Event: 0x0d [ 473.360059][ T48] Bluetooth: hci5: command tx timeout [ 474.438931][ T9437] bridge0: port 1(bridge_slave_0) entered blocking state [ 474.475841][ T9437] bridge0: port 1(bridge_slave_0) entered disabled state [ 474.505715][ T9437] bridge_slave_0: entered allmulticast mode [ 474.538859][ T9437] bridge_slave_0: entered promiscuous mode [ 474.602582][ T9437] bridge0: port 2(bridge_slave_1) entered blocking state [ 474.628706][ T9437] bridge0: port 2(bridge_slave_1) entered disabled state [ 474.654158][ T9534] netlink: 'syz.4.1412': attribute type 17 has an invalid length. [ 474.663341][ T9437] bridge_slave_1: entered allmulticast mode [ 474.692953][ T9534] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1412'. [ 474.707655][ T9437] bridge_slave_1: entered promiscuous mode [ 475.066057][ T9437] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 475.135711][ T9437] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 475.581556][ T48] Bluetooth: hci5: command tx timeout [ 475.611160][ T9437] team0: Port device team_slave_0 added [ 475.684590][ T9437] team0: Port device team_slave_1 added [ 475.767245][ T167] ===================================================== [ 475.776676][ T167] BUG: KMSAN: uninit-value in n_tty_lookahead_flow_ctrl+0x372/0x6e0 [ 475.785607][ T167] n_tty_lookahead_flow_ctrl+0x372/0x6e0 [ 475.791991][ T167] tty_port_default_lookahead_buf+0x146/0x200 [ 475.798834][ T167] flush_to_ldisc+0x808/0xe40 [ 475.804120][ T167] process_scheduled_works+0xb65/0x1e40 [ 475.810377][ T167] worker_thread+0xee4/0x1590 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 475.815693][ T167] kthread+0x53f/0x600 [ 475.820539][ T167] ret_from_fork+0x20f/0x8d0 [ 475.825728][ T167] ret_from_fork_asm+0x1a/0x30 [ 475.831320][ T167] [ 475.841324][ T167] Uninit was created at: [ 475.853239][ T167] __kmalloc_noprof+0x482/0x1660 [ 475.858714][ T167] __tty_buffer_request_room+0x3d4/0x7a0 [ 475.864987][ T167] __tty_insert_flip_string_flags+0x157/0x6e0 [ 475.876155][ T167] uart_insert_char+0x368/0x930 [ 475.883769][ T167] serial8250_read_char+0x1ba/0x670 [ 475.889580][ T167] serial8250_handle_irq_locked+0x6d4/0xa40 [ 475.896238][ T167] serial8250_handle_irq+0x189/0x710 [ 475.902332][ T167] serial8250_default_handle_irq+0x116/0x350 [ 475.909056][ T167] serial8250_interrupt+0xcb/0x3f0 [ 475.914949][ T167] __handle_irq_event_percpu+0x118/0xf30 [ 475.921265][ T167] handle_irq_event+0xe0/0x2a0 [ 475.926908][ T167] handle_edge_irq+0x2a9/0xaf0 [ 475.932315][ T167] __common_interrupt+0x9d/0x180 [ 475.938095][ T167] common_interrupt+0x94/0xb0 [ 475.943403][ T167] asm_common_interrupt+0x2b/0x40 [ 475.949301][ T167] [ 475.952183][ T167] CPU: 0 UID: 0 PID: 167 Comm: kworker/u8:6 Tainted: G W syzkaller #0 PREEMPT(full) [ 475.963963][ T167] Tainted: [W]=WARN [ 475.968411][ T167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 475.979222][ T167] Workqueue: ttyS-serial_8250 flush_to_ldisc [ 475.990108][ T167] ===================================================== [ 475.999262][ T167] Disabling lock debugging due to kernel taint [ 476.006425][ T167] Kernel panic - not syncing: kmsan.panic set ... [ 476.012943][ T167] CPU: 0 UID: 0 PID: 167 Comm: kworker/u8:6 Tainted: G B W syzkaller #0 PREEMPT(full) [ 476.024053][ T167] Tainted: [B]=BAD_PAGE, [W]=WARN [ 476.029143][ T167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 476.039295][ T167] Workqueue: ttyS-serial_8250 flush_to_ldisc [ 476.045436][ T167] Call Trace: [ 476.048780][ T167] [ 476.051774][ T167] __dump_stack+0x26/0x30 [ 476.056238][ T167] dump_stack_lvl+0x50/0x1c0 [ 476.060959][ T167] ? dump_stack+0x12/0x25 [ 476.065424][ T167] dump_stack+0x1e/0x25 [ 476.069706][ T167] vpanic+0x7b4/0x1430 [ 476.073941][ T167] panic+0x15d/0x160 [ 476.078030][ T167] kmsan_report+0x31a/0x320 [ 476.082696][ T167] ? __msan_warning+0x1b/0x30 [ 476.087523][ T167] ? n_tty_lookahead_flow_ctrl+0x372/0x6e0 [ 476.093507][ T167] ? tty_port_default_lookahead_buf+0x146/0x200 [ 476.099935][ T167] ? flush_to_ldisc+0x808/0xe40 [ 476.104934][ T167] ? process_scheduled_works+0xb65/0x1e40 [ 476.110804][ T167] ? worker_thread+0xee4/0x1590 [ 476.115790][ T167] ? kthread+0x53f/0x600 [ 476.120184][ T167] ? ret_from_fork+0x20f/0x8d0 [ 476.125073][ T167] ? ret_from_fork_asm+0x1a/0x30 [ 476.130159][ T167] ? up_read+0x6a/0xf0 [ 476.134353][ T167] ? n_tty_receive_buf_common+0x239e/0x25a0 [ 476.140422][ T167] ? kmsan_get_metadata+0xf1/0x160 [ 476.145708][ T167] ? kmsan_get_metadata+0xf1/0x160 [ 476.151007][ T167] __msan_warning+0x1b/0x30 [ 476.155653][ T167] n_tty_lookahead_flow_ctrl+0x372/0x6e0 [ 476.161462][ T167] ? kmsan_get_metadata+0xf1/0x160 [ 476.166750][ T167] ? __pfx_n_tty_lookahead_flow_ctrl+0x10/0x10 [ 476.173085][ T167] tty_port_default_lookahead_buf+0x146/0x200 [ 476.179331][ T167] flush_to_ldisc+0x808/0xe40 [ 476.184165][ T167] ? __pfx_tty_port_default_lookahead_buf+0x10/0x10 [ 476.190924][ T167] ? __pfx_flush_to_ldisc+0x10/0x10 [ 476.196273][ T167] process_scheduled_works+0xb65/0x1e40 [ 476.202032][ T167] worker_thread+0xee4/0x1590 [ 476.206896][ T167] kthread+0x53f/0x600 [ 476.211134][ T167] ? __pfx_worker_thread+0x10/0x10 [ 476.216414][ T167] ? __pfx_kthread+0x10/0x10 [ 476.221158][ T167] ret_from_fork+0x20f/0x8d0 [ 476.225889][ T167] ? __switch_to+0x573/0x7a0 [ 476.230643][ T167] ? __pfx_kthread+0x10/0x10 [ 476.235396][ T167] ret_from_fork_asm+0x1a/0x30 [ 476.240338][ T167] [ 476.243777][ T167] Kernel Offset: disabled [ 476.248140][ T167] Rebooting in 86400 seconds..