last executing test programs: 15m23.198276885s ago: executing program 0 (id=68): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)={0x48, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @action={{{}, {}, @device_a, @device_a, @from_mac=@broadcast, {0x0, 0xff}}, @ext_ch_sw={0x4, 0x4, {{0x0, 0x0, 0x2}, @void}}}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0xe00]}]}, 0x48}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 15m23.138860406s ago: executing program 0 (id=70): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01) pipe2$9p(&(0x7f00000000c0), 0x4080) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000140)={0x16f, @tick=0x7}) 15m23.020977627s ago: executing program 0 (id=71): move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) write$tun(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="000086dd03000a0000008d0000006809c2b4006806ff00000000000000000000000000000000ff020000000000000000000000000001"], 0x9e) 15m22.842627239s ago: executing program 0 (id=72): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TCFLSH(r1, 0x400455c8, 0x2) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)=0xffffffc0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0xdb) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0xd) 15m22.76886723s ago: executing program 0 (id=73): mkdir(&(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000440)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'}) 15m22.694947941s ago: executing program 0 (id=74): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, 0x0}], 0x1, 0x50, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000280)="f779003ebaa0c14e004e00b92c08000066baf80cb8fc97388fef66bafc0cedba000000000f3066ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c81d900000095956666440f38826b410f7842280f07f080133b0f01d9c4033921820f47a753fd", 0x62}], 0x1, 0x43, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 15m14.437572835s ago: executing program 32 (id=12): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000005300000000000000440f20c0350e000000440f22c0410f32"], 0x53}) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x7, 0xfffffffffffffffe, 0x3e, 0x0, 0x7, 0x2000000000044, 0x2000, 0x8000000000000, 0x5, 0x0, 0x9, 0x0, 0x0, 0x7, 0x1], 0x6000, 0x3c2a10}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000022000000a5040000a735983f595189b347"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 15m7.112289277s ago: executing program 33 (id=74): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, 0x0}], 0x1, 0x50, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000280)="f779003ebaa0c14e004e00b92c08000066baf80cb8fc97388fef66bafc0cedba000000000f3066ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c81d900000095956666440f38826b410f7842280f07f080133b0f01d9c4033921820f47a753fd", 0x62}], 0x1, 0x43, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14m8.313653863s ago: executing program 1 (id=203): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) gettid() timer_create(0x0, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x8840) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$getownex(r3, 0x10, &(0x7f0000000180)) sendto$inet6(r4, 0x0, 0x0, 0x20000841, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @empty}, 0x1c) add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff) add_key$fscrypt_v1(0x0, &(0x7f0000000440)={'fscrypt:', @desc3}, 0x0, 0x0, 0xfffffffffffffffe) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x1c9, 0x12) r5 = dup(r0) sendmsg(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000200)="2a5a02ccaa04e90532c795e7fecf1174559bafb8dc5fc19d43586dabdafa4736372358291992cfae5507ffc8830a6ce34648c2", 0x33}], 0x1}, 0x20004800) 14m7.182867166s ago: executing program 1 (id=204): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}, 0x7ff}], 0x1, 0x40000040, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000003000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x23}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x2, 0xc, 0x0, 0x0, 0xc1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000070000000100010008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) 14m6.142959808s ago: executing program 1 (id=206): openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe4000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000000c0)="3b76210fb6150f209e44647522663503000000440f22c00fa2660fc7b2d42af30fa7d0440f20c066350d000000440f22c06767f2caab12bad004ec", 0x3b}], 0x1, 0x40, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, &(0x7f0000000300)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mount$9p_fd(0x0, 0x0, 0x0, 0x800, 0x0) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x36, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x0) 14m4.833397962s ago: executing program 1 (id=209): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}, 0x7ff}], 0x1, 0x40000040, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000003000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x23}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) 14m1.167062944s ago: executing program 1 (id=217): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000", 0x17}], 0x1}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) r1 = socket$nl_route(0x10, 0x3, 0x0) socket(0x1, 0x803, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x4c}}, 0x0) r2 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) bind$netlink(r5, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc) getsockname$packet(r5, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r6, 0x40004}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket(0x1, 0x803, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x44}}, 0x0) 13m59.541873433s ago: executing program 1 (id=221): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = socket$inet6(0xa, 0x2, 0x3a) r1 = dup(r0) bind$unix(r1, 0x0, 0x0) connect$unix(r1, &(0x7f00000043c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000a40)={0x0, @empty, @local}, &(0x7f0000000a80)=0xc) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000045b70457200"/24], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x6, 0x2, &(0x7f0000000800)=@raw=[@map_fd={0x18, 0x3, 0x1, 0x0, r1}], &(0x7f00000008c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x25, r6, 0x8, &(0x7f0000000900)={0x8, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000940)=[{0x1, 0x1, 0xf, 0x2}, {0x0, 0x5, 0x9, 0x4}], 0x10, 0x8}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x18, &(0x7f0000000740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, @alu={0x7, 0x1, 0xc, 0x8, 0xa, 0x18, 0x10}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0x200, 0x0, 0x0, 0x41000, 0x0, '\x00', r5, @fallback=0x14, r1, 0x8, &(0x7f0000000ac0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000b00)={0x2, 0xd, 0x7, 0x2}, 0x10, 0x0, r1, 0x1, 0x0, &(0x7f0000000b40)=[{0x2, 0x2, 0xb, 0x3}], 0x10, 0xc}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000840)={[{@bh}, {@nolazytime}, {@noblock_validity}, {@barrier}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") 13m43.946713199s ago: executing program 34 (id=221): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = socket$inet6(0xa, 0x2, 0x3a) r1 = dup(r0) bind$unix(r1, 0x0, 0x0) connect$unix(r1, &(0x7f00000043c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000a40)={0x0, @empty, @local}, &(0x7f0000000a80)=0xc) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000045b70457200"/24], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x6, 0x2, &(0x7f0000000800)=@raw=[@map_fd={0x18, 0x3, 0x1, 0x0, r1}], &(0x7f00000008c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x25, r6, 0x8, &(0x7f0000000900)={0x8, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000940)=[{0x1, 0x1, 0xf, 0x2}, {0x0, 0x5, 0x9, 0x4}], 0x10, 0x8}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x18, &(0x7f0000000740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, @alu={0x7, 0x1, 0xc, 0x8, 0xa, 0x18, 0x10}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0x200, 0x0, 0x0, 0x41000, 0x0, '\x00', r5, @fallback=0x14, r1, 0x8, &(0x7f0000000ac0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000b00)={0x2, 0xd, 0x7, 0x2}, 0x10, 0x0, r1, 0x1, 0x0, &(0x7f0000000b40)=[{0x2, 0x2, 0xb, 0x3}], 0x10, 0xc}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000840)={[{@bh}, {@nolazytime}, {@noblock_validity}, {@barrier}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") 13m4.10895341s ago: executing program 5 (id=307): setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd4, &(0x7f0000000000)=0xe, 0x4) r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4, 0x810, r1, 0xe73d9000) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b17300f7", @ANYRES16, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="4000330000000000080211000001080211000000f80cdf283520000000000000000001002d1a00000000000000000000000000000000000000000000000000000800260007170000"], 0x64}}, 0x0) sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000280)={'wlan1\x00', 0x0}) socket(0x2a, 0x2, 0x0) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) 13m0.984356126s ago: executing program 5 (id=314): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) pipe(&(0x7f0000000740)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="d80000001b0001002dbd7000fddbdf2500000000000000000000000000000000ac1e00010000000000000000000000004e2200004e23000c0a00008032000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00080009000000008000000000000000f8ffffffffffffffff010000000000000100000000000000010000000000008009000000000000000000000080150100"], 0xd8}, 0x1, 0x0, 0x0, 0x2000c0c4}, 0x8010) pipe(&(0x7f0000000000)) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffe, 0x0, 0x20000000000000}, 0x0, &(0x7f0000000400)={0x3ff, 0x0, 0xfffffffffffffffe, 0x8000009, 0x2, 0x4c, 0x7fffffff, 0x3}, 0x0, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff}, 0x6) r3 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000080)) ioctl$sock_bt_hci(r1, 0x400448ca, 0x0) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0x0, 0x0, @vifc_lcl_ifindex, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "ffff01e03d64a831683fdc3fd440829c82cfc400"}, 0x3c) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x5, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000004830000000000000fa40000007010000080020007500feff0000820095"], &(0x7f0000000100)='GPL\x00', 0x8, 0xfa, &(0x7f00000007c0)=""/250}, 0x94) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f0000000000)=0xe, 0x4) socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000fdffffff95000000000000004ad8ce828a0223b2e5192c6dac7abefdb6c210ee02051c1db395ac04f35696d7c0a851cdb52731c147ae9e5640b594a1851e16f2c6aeb1b6025063a4ea16dbcefaf66db70bfc574e46bccb8497ce3b734ff1fbe68eb79f586c660d4df3467fd2ffde1ab7671290890831ecfba5859b85cceb9ed171b5bbaf66fe3298354adf5b3dde0851d2490737dcce02bff4166f428ca8e7deb4f0a6d4ae33e1eb056dfffca8e6f9fc"], &(0x7f0000000000)='GPL\x00', 0xd, 0xfe7, &(0x7f0000001e00)=""/4071}, 0x94) setsockopt$bt_BT_FLUSHABLE(r5, 0x112, 0x8, &(0x7f0000000300)=0x1, 0x4) writev(r5, &(0x7f0000000000)=[{&(0x7f00000000c0)='H', 0x1}], 0x1) 12m56.763867604s ago: executing program 5 (id=320): openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe4000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000000c0)="3b76210fb6150f209e44647522663503000000440f22c00fa2660fc7b2d42af30fa7d0440f20c066350d000000440f22c06767f2caab12bad004ec", 0x3b}], 0x1, 0x40, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0x1}, 0x0, 0x0}, 0x20) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) 12m56.127059141s ago: executing program 5 (id=324): ppoll(&(0x7f0000001080)=[{}], 0x13, &(0x7f0000000340)={0x0, 0xff}, 0x0, 0x0) r0 = socket(0x1e, 0x2, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, 0x0, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f00000004c0)={0x16, 0x98, 0xfa00, {0x0, 0x2, 0xffffffffffffffff, 0x1c, 0x1, @in6={0xa, 0x4e23, 0x7ff, @private1, 0xbeb}}}, 0xa0) r2 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000080)={0x1, @pix={0x0, 0x0, 0x35314258}}) sendmsg$tipc(r0, &(0x7f0000000200)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x4, 0x1}}, 0x10, &(0x7f0000000080)}, 0x8811) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) brk(0x20ffc004) mbind(&(0x7f000084b000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x400000000000000, 0x2) r3 = socket(0x1e, 0x5, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0xfffffffd, 0x0, 0xfffffffc, 0x0, 0x6}, 0x1c) listen(r3, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) unshare(0x22020600) r4 = getpid() r5 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r5, 0x0, 0x486, &(0x7f0000000000), &(0x7f0000000040)=0xc) sched_setaffinity(r4, 0x0, 0x0) pipe2$9p(0x0, 0x80800) r6 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_DELDEST(r6, 0x0, 0x488, &(0x7f0000000280)={{0x84, @empty, 0x4e20, 0x3, 'lblc\x00', 0x1d, 0x2, 0x2a}, {@loopback, 0x4e23, 0x10000, 0xc24, 0x9, 0xfffffffb}}, 0x44) 12m55.947654993s ago: executing program 5 (id=325): syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffff6]}, 0x8, 0x1000) readv(r0, &(0x7f0000000180), 0x0) getpid() r1 = syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x9) r2 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$pokeuser(0x6, r3, 0x358, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94) r4 = socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair(0x1, 0x20000000000001, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14) sendmsg$nl_route_sched(r4, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x2, 0x0, 0x0, 0x7f}, 0x2, r5}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) 12m52.435884063s ago: executing program 5 (id=329): openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe4000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000000c0)="3b76210fb6150f209e44647522663503000000440f22c00fa2660fc7b2d42af30fa7d0440f20c066350d000000440f22c06767f2caab12bad004ec", 0x3b}], 0x1, 0x40, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0x1}, 0x0, 0x0}, 0x20) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x36, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x0) 12m37.355338864s ago: executing program 35 (id=329): openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe4000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000000c0)="3b76210fb6150f209e44647522663503000000440f22c00fa2660fc7b2d42af30fa7d0440f20c066350d000000440f22c06767f2caab12bad004ec", 0x3b}], 0x1, 0x40, 0x0, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0x1}, 0x0, 0x0}, 0x20) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x36, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x0) 12m20.542345214s ago: executing program 4 (id=375): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() socketpair$tipc(0x1e, 0x5, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000880)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x0, 0x4c, 0x1a, 0x180, 0x73, 0x328, 0x258, 0x258, 0x328, 0x258, 0x3, 0x0, {[{{@ipv6={@private0, @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x73}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0x3}}, @common=@unspec=@connlimit={{0x40}, {[], 0x0, 0x2}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x23, 0x3, 0x2, 0x3, 'syz1\x00', 'syz0\x00', {0x2}}}}, {{@uncond, 0x0, 0x160, 0x1a8, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@srh1={{0x90}, {0x2e, 0x8, 0xfb, 0x87, 0x3, @remote, @mcast1, @private2={0xfc, 0x2, '\x00', 0x1}, [0xff000000, 0xff, 0x0, 0xffffff00], [0x8982e4c132e3b466, 0xffffffff, 0xffffff00, 0xff000000], [0xffffff00, 0x0, 0xff000000, 0xffffff00], 0x3420, 0x108}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 'vlan0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x5400}}, {0x28}}}}, 0x458) 12m19.241564679s ago: executing program 4 (id=377): syz_emit_ethernet(0x46, 0x0, 0x0) syz_emit_ethernet(0x46, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x0, 0x0) getitimer(0x0, &(0x7f0000000280)) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r1, &(0x7f0000000a00)={'syz1\x00', {0x9, 0x27, 0x5, 0x5}, 0x3f, [0x9, 0x2, 0x8, 0x2, 0x5334, 0x400, 0x80000000, 0x5, 0x8, 0x0, 0x6, 0xf3, 0xfbfffffb, 0x39, 0x747d5e13, 0x8, 0x99, 0xfffffffc, 0x4, 0xfffffffb, 0x200, 0x3, 0x4, 0xf252, 0x80, 0x800, 0x0, 0x7, 0xe, 0x4623f, 0xffffffff, 0x0, 0x1ff, 0x8000, 0xfffffffe, 0x3, 0xd, 0x3, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x400008, 0xe, 0x4, 0x2, 0xde, 0x8, 0x9, 0x1, 0x199f, 0x8, 0x2, 0x9, 0xffffffff, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x9, 0xa, 0x5], [0x6, 0x1e, 0x3, 0x8000, 0xfffffffe, 0x3, 0x0, 0x25, 0xa, 0xfffffffc, 0x4, 0x7fff, 0x72c, 0x1c33, 0x3, 0x5, 0x10000, 0x400, 0x8001, 0x3, 0x1, 0x297, 0x5, 0x0, 0x981, 0x4, 0x8, 0x3ff, 0x0, 0xfffffffe, 0x0, 0x1000001, 0x10, 0xfffffff9, 0xfffffffd, 0x9, 0x1, 0xffffffff, 0x6, 0x5, 0x800, 0xffff, 0x6, 0x96, 0xfffffff9, 0x2, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x6, 0x6, 0x2, 0x1, 0x1, 0x8, 0x6, 0x200, 0x3], [0x401, 0xc584, 0xffff, 0xcd3, 0x9, 0x20, 0x404, 0x4, 0x8, 0x10, 0x7, 0x9, 0xe8b, 0x9, 0x80000001, 0x8, 0x3f92, 0x1000, 0x2, 0x10, 0x1, 0xfffffff9, 0xe55, 0x1000, 0x80000001, 0x4, 0x4, 0x5, 0x200003, 0x2, 0x5, 0x80, 0x218c, 0x8001, 0x47, 0x0, 0x3, 0x4, 0x3, 0x6d7e, 0x3, 0x8, 0x3, 0xbf23, 0x6, 0x8, 0x95a, 0x0, 0x3ff, 0x3, 0x6, 0x100fffd, 0x2005, 0x9, 0x4, 0xea, 0x9, 0x20000005, 0x6, 0xd9, 0x0, 0x7d, 0x401, 0x5], [0x108e, 0xffff, 0x3, 0x3, 0x88, 0x2, 0x6, 0x4, 0x50, 0x2, 0x763, 0xb, 0x402, 0x800, 0x5, 0x1000, 0x7f, 0x5, 0x3fa6, 0x100007, 0x0, 0x5, 0x1e2, 0x4, 0x9, 0x3, 0x3, 0x4, 0x200, 0x1000, 0x3b, 0x20000002, 0x5, 0x800, 0xa80a, 0x65f413f9, 0xfffffff8, 0x20008, 0x8a8, 0x2, 0x40, 0x40000409, 0x7, 0x4, 0x4, 0x10, 0x4, 0x0, 0x7fff, 0x0, 0xfffffff8, 0x401, 0x1, 0x200, 0x7, 0x4edf, 0xfffffffd, 0xa, 0xe, 0x2, 0xf, 0xf, 0x136, 0x6]}, 0x45c) ioctl$UI_DEV_CREATE(r1, 0x5501) readv(r1, &(0x7f0000001240)=[{&(0x7f00000012c0)=""/41, 0x29}], 0x1) 12m17.813068515s ago: executing program 4 (id=379): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f657874656e745f63616368652c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474720000693a653d3078303030303030303030303030303766662c736d61636b6673726f6f080000006673f52b00e58abba2d0cc27be339f6f4fe5ad35a724e1531a622f050000008586eb5ba3614d2c24abf5a2614c0f111e057112dafd66336a5e3b6512b81cda80be6e9a34ccc2b88c0100008000000000e3f5def862b95c20ee847008000b0c22653d2ff39b36732e46b56357afe57094f42ba61c5e8b4e184d7dd50000000000000000c0469264c247cd3c7fcb39043dda97538456bc294ae31e525d3b664cf8e83b52b1885b866b58698b3f132aced62a4fc7c8c400b805173d7488a35708d2523190c0014689f57be6ee3f5d28935a0000000000000000000000000000000000000059c1403d010001008ab61fa90695a8b268c277645c1e357ec9316354f659d4244fe126a8364eaa0de6bf4ba21c767782a04bdbb8c86d0cc7e3f03f8ef15c0ee311768cccb8affb0ae5d7cd0000000097676c046a6c754c98dd5f400ad99a588d983ae6e07b4e0e0907266aca53b30a815a84295fb5eab2f263613d36994dc15562892c33ed149270907e9c2e4d0cac7dd9735621a0c6768d4f70c664699157854bb1b85ce3f6ea44456e4f1ae1575315d77f2b995ce4d6ce21b17ca891c155ddd9916e997c32e78231e8d54675e4edf480980023b9736180ff98cf93f888eb70abb728b7e91a5d75b7e43e54f92b6e679249576f12533bef1c93aa993977f15c0a7b595423444db6e87480c46c408f6d48afa1ba"], 0x1, 0x5514, &(0x7f0000005d80)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy67aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQPnv0nRMGTR/8GD569iQfFm6BkZqpbP8ClSWPb3w8mz7xv3jzzvGFZeGZKAjiz5pNffirFtbgUEbMRcTUiOy8VR2Y1D89FxPWImHnsKBXzf0ycj4jLEXFtlDzPWSre+vTm8MbKj2/8/PW3F85d+fyr76a3a2Dano+I7lZ+vtvNY9rK48NivjZsZ7G7PCxi/kb3UTFO87jb3Mgy7NYO1tWyeLuVr0+3dvqjuNmp1Uex1d7M5rd6+QX7w9ZBnuwDD2vb2bjR3Mhiu59msbWf17W3n//ftt8f5HkaRb4PsvQxGBzEfL6518z3s/Uoi/XeoJjP86aN5t4oDotYXC7qaaeR1bFxlG/6/+3Ndm9nLxk2t/vttJesVKovVKp3ytXttNEcNJfLtW7jznKy0OqMlpUHzVp3tZWmrU6zUk+7i8lCq14vV6vJwt3mRrvWS6rVyu3KrfLKYnF2M3n1/jtJp5EsjOLL7d7OoN3pJ5vpdpJ/YjFZqtx+cTG5UU3eWltP1h/cu7e2/vZ7d9+9/9La668Ui/5WVrKwdGtpqVy9VV6qLp6h/X9UFD3G/cORlJ5s+YVJ1QFwguj/gWmYXP+//SBi8v1/6P/H4kT1vxPr/z87s/uHI3nC/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPj+7kvXstO5vPxlWL+qWLqmWJcioiZiPjtH8zG+UM5Z4s8c/+yfu4vNXxTiizD6BoXiuNyRKwWx69PT/pbAAAAgNPryw+vf5J36/nL/LQL4jjlN21mrr4/pnyliJib/2FM2WZGL8+OKVn27/tc7I0pW3YD6+KYkuW33M6NK9t/MnsoXHwslPIwc6zlAAAAx+JwJ3C8XQgAAADH6eNpF8B0lOLgUebBs+DsL+//fCB46dAIAAAAOIFK0y4AAAAAmLis//f7fwAAAHC65b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7lpA1EcgJ8NLvSfiqru26N0B8foEbrssuIAvQRHoFfIBTgD2eUIEUR4HBSiJIrisa2Q75PMMBb8/IzwYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0Wa0X//9+/9c2Z7dv54WX/dG2bgAAAHgLttV6Ub+Zpf7H5vzn5tTXpl9ERBkRD43dR/HuJHPU5FSPfL66V8NFRJ1wuMakOT5ExM/muP7S9a8AAAAA52uzXM3TaD29zIYuiD6lSZvy069MeUVEVLOrTGnlIe9bprD6/z2OP5nS6gmsaaawNOU2zpX2LPXjfpy1m95pitSUT38/270DAAA9Gp00/Y5CAAAA6NPvoQtgGEXcLmUelwInqWmW996f9AAAAIBXqBi6AAAAAKBz9fjf/n8AAABw3tL+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRpW60Xm+Vq3jZnt28nz90AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9tCoAgEIbBrezrX3j/w8YLeoYIZkB42EVBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBH7hnLOLXO2BJPVbVME3vGvaqOrBJnVokrF/p4sPUPfwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMvO/bzGUcUBAH8zs7NJq+IaZQ8RseBBLzbd1tbexIMSPPgnCCHd1titP9ocbClCLt4k515EjyKCEm/9H3puoZd662EPFTxX5lcy+XFYhZ3ZZD8fePO+Mwzzvm8WQr77XgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsM/5wL06yQ6+I4/Law2d317P+0YE+c3/78XLWsjhqMunj4Y36SdSvnSw2nwwAAADzIanq+xDCk3RnNevjXl7/p9U9Wc3/00tFXNXzB+v+qq9q/6z9+cfT13YH6hXjZA+9ujEanjucSmd6s5xhz1+e4KZO/ubz716S/AOJP9l6dZzm7zP64cGDj7p5uDD9dAGA/+ds1ZdB9ftQ1g/aTAyAudGpFd5V/Z/02s0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAnjrfBCFUchhOXOXpx59Ozu+lH9/e3Hy1W7dO/edv2Z2SPSEMLVjdHwXFhscDaz7dbtO9fXRqPhzeaDN0MIbY3+QTn9659NcHMIU0rjTEtvfs6CuPywZyWf4xG0+EMJAIATKS1bVtc/SXdWs2vRUgjPf95f/79di8OE9f/Tzy89rI9Vr/8Hjc1w9q1s3vh65dbtO+9u3Fi7Nrw2/PK984P3BxcuX7x4eSX/rqQ4tp0mAAAAx1i3bPX6P146vP5/uhaHCev/b34cfFcfK1H/H2lv0a/tTAAAAObbK2f++Ts64nrU7YZv1zY3bw6K4+75+eLYQqr/2ULZ6vV/stR2VgAAAEATxlvRvvX/K7U4TLj+/+Ivr/9Wf2YSQjhVrv+fXf9qdKW56cy0qfzx8EL5cDsLAAAAKOvxUwfW/9N8/3+8u+UhDiG881YRl/8GcKL6P/n4+1/rY9X3/19oboozKe4X7yPv+yF0+m1nBAAAwEm2mLdeXv//le6sfvH76U+79v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO3fAAAA///FdTwZ") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) fdatasync(r4) 12m16.600204229s ago: executing program 4 (id=382): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ff"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) gettid() timer_create(0x0, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x8840) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$getownex(r4, 0x10, &(0x7f0000000180)) sendto$inet6(r5, 0x0, 0x0, 0x20000841, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @empty}, 0x1c) add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff) add_key$fscrypt_v1(0x0, &(0x7f0000000440)={'fscrypt:', @desc3}, 0x0, 0x0, 0xfffffffffffffffe) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x1c9, 0x12) r6 = dup(r0) sendmsg(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000200)="2a5a02ccaa04e90532c795e7fecf1174559bafb8dc5fc19d43586dabdafa4736372358291992cfae5507ffc8830a6ce34648c2", 0x33}], 0x1}, 0x20004800) 12m14.555274862s ago: executing program 4 (id=385): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10) sendto$inet(r1, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10) sendto$inet(r1, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00) 12m11.783827622s ago: executing program 4 (id=391): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) keyctl$link(0x8, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x3, 0xc, &(0x7f0000000800)=ANY=[], 0x0}, 0x94) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18) r5 = socket(0x10, 0x80803, 0x0) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000900)=ANY=[@ANYBLOB="1c0000005e000102000000000000000000000000682ce665c9"], 0x1c}, 0x1, 0x0, 0x0, 0x4008001}, 0x0) recvmmsg(r5, &(0x7f0000001bc0)=[{{0x0, 0x0, 0x0}}], 0x7, 0x0, 0x0) r6 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") mkdirat(0xffffffffffffff9c, 0x0, 0x0) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) 12m9.011757286s ago: executing program 8 (id=350): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18) r4 = socket(0xa, 0x3, 0x87) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'lo\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000000)={@private1={0xfc, 0x1, '\x00', 0x1}, 0xb, r6}) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x8936, &(0x7f0000000000)) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00"/11], 0x48) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x347002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair(0x2c, 0x3, 0x0, &(0x7f0000000380)) 12m6.86142242s ago: executing program 8 (id=399): sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) getitimer(0x0, &(0x7f0000000280)) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r1, &(0x7f0000000a00)={'syz1\x00', {0x9, 0x27, 0x5, 0x5}, 0x3f, [0x9, 0x2, 0x8, 0x2, 0x5334, 0x400, 0x80000000, 0x5, 0x8, 0x0, 0x6, 0xf3, 0xfbfffffb, 0x39, 0x747d5e13, 0x8, 0x99, 0xfffffffc, 0x4, 0xfffffffb, 0x200, 0x3, 0x4, 0xf252, 0x80, 0x800, 0x0, 0x7, 0xe, 0x4623f, 0xffffffff, 0x0, 0x1ff, 0x8000, 0xfffffffe, 0x3, 0xd, 0x3, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x400008, 0xe, 0x4, 0x2, 0xde, 0x8, 0x9, 0x1, 0x199f, 0x8, 0x2, 0x9, 0xffffffff, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x9, 0xa, 0x5], [0x6, 0x1e, 0x3, 0x8000, 0xfffffffe, 0x3, 0x0, 0x25, 0xa, 0xfffffffc, 0x4, 0x7fff, 0x72c, 0x1c33, 0x3, 0x5, 0x10000, 0x400, 0x8001, 0x3, 0x1, 0x297, 0x5, 0x0, 0x981, 0x4, 0x8, 0x3ff, 0x0, 0xfffffffe, 0x0, 0x1000001, 0x10, 0xfffffff9, 0xfffffffd, 0x9, 0x1, 0xffffffff, 0x6, 0x5, 0x800, 0xffff, 0x6, 0x96, 0xfffffff9, 0x2, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x6, 0x6, 0x2, 0x1, 0x1, 0x8, 0x6, 0x200, 0x3], [0x401, 0xc584, 0xffff, 0xcd3, 0x9, 0x20, 0x404, 0x4, 0x8, 0x10, 0x7, 0x9, 0xe8b, 0x9, 0x80000001, 0x8, 0x3f92, 0x1000, 0x2, 0x10, 0x1, 0xfffffff9, 0xe55, 0x1000, 0x80000001, 0x4, 0x4, 0x5, 0x200003, 0x2, 0x5, 0x80, 0x218c, 0x8001, 0x47, 0x0, 0x3, 0x4, 0x3, 0x6d7e, 0x3, 0x8, 0x3, 0xbf23, 0x6, 0x8, 0x95a, 0x0, 0x3ff, 0x3, 0x6, 0x100fffd, 0x2005, 0x9, 0x4, 0xea, 0x9, 0x20000005, 0x6, 0xd9, 0x0, 0x7d, 0x401, 0x5], [0x108e, 0xffff, 0x3, 0x3, 0x88, 0x2, 0x6, 0x4, 0x50, 0x2, 0x763, 0xb, 0x402, 0x800, 0x5, 0x1000, 0x7f, 0x5, 0x3fa6, 0x100007, 0x0, 0x5, 0x1e2, 0x4, 0x9, 0x3, 0x3, 0x4, 0x200, 0x1000, 0x3b, 0x20000002, 0x5, 0x800, 0xa80a, 0x65f413f9, 0xfffffff8, 0x20008, 0x8a8, 0x2, 0x40, 0x40000409, 0x7, 0x4, 0x4, 0x10, 0x4, 0x0, 0x7fff, 0x0, 0xfffffff8, 0x401, 0x1, 0x200, 0x7, 0x4edf, 0xfffffffd, 0xa, 0xe, 0x2, 0xf, 0xf, 0x136, 0x6]}, 0x45c) ioctl$UI_DEV_CREATE(r1, 0x5501) readv(r1, &(0x7f0000001240)=[{&(0x7f00000012c0)=""/41, 0x29}], 0x1) 12m4.433888367s ago: executing program 8 (id=402): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10) sendto$inet(r1, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10) sendto$inet(r1, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00) 12m1.581585472s ago: executing program 8 (id=409): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = socket$inet6(0xa, 0x2, 0x3a) r1 = dup(r0) bind$unix(r1, 0x0, 0x0) connect$unix(r1, &(0x7f00000043c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000045b70457200"/24], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x6, 0x2, &(0x7f0000000800)=@raw=[@map_fd={0x18, 0x3, 0x1, 0x0, r1}], &(0x7f00000008c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x25, r5, 0x8, &(0x7f0000000900)={0x8, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000940)=[{0x1, 0x1, 0xf, 0x2}, {0x0, 0x5, 0x9, 0x4}], 0x10, 0x8}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x18, &(0x7f0000000740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, @alu={0x7, 0x1, 0xc, 0x8, 0xa, 0x18, 0x10}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0x200, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, r1, 0x8, &(0x7f0000000ac0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000b00)={0x2, 0xd, 0x7, 0x2}, 0x10, 0x0, r1, 0x1, 0x0, &(0x7f0000000b40)=[{0x2, 0x2, 0xb, 0x3}], 0x10, 0xc}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000840)={[{@bh}, {@nolazytime}, {@noblock_validity}, {@barrier}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") 11m56.202408026s ago: executing program 36 (id=391): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) keyctl$link(0x8, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x3, 0xc, &(0x7f0000000800)=ANY=[], 0x0}, 0x94) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18) r5 = socket(0x10, 0x80803, 0x0) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000900)=ANY=[@ANYBLOB="1c0000005e000102000000000000000000000000682ce665c9"], 0x1c}, 0x1, 0x0, 0x0, 0x4008001}, 0x0) recvmmsg(r5, &(0x7f0000001bc0)=[{{0x0, 0x0, 0x0}}], 0x7, 0x0, 0x0) r6 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") mkdirat(0xffffffffffffff9c, 0x0, 0x0) close(0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) 11m46.541430738s ago: executing program 37 (id=409): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = socket$inet6(0xa, 0x2, 0x3a) r1 = dup(r0) bind$unix(r1, 0x0, 0x0) connect$unix(r1, &(0x7f00000043c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000045b70457200"/24], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x6, 0x2, &(0x7f0000000800)=@raw=[@map_fd={0x18, 0x3, 0x1, 0x0, r1}], &(0x7f00000008c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x25, r5, 0x8, &(0x7f0000000900)={0x8, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000940)=[{0x1, 0x1, 0xf, 0x2}, {0x0, 0x5, 0x9, 0x4}], 0x10, 0x8}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x18, &(0x7f0000000740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, @alu={0x7, 0x1, 0xc, 0x8, 0xa, 0x18, 0x10}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0x200, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, r1, 0x8, &(0x7f0000000ac0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000b00)={0x2, 0xd, 0x7, 0x2}, 0x10, 0x0, r1, 0x1, 0x0, &(0x7f0000000b40)=[{0x2, 0x2, 0xb, 0x3}], 0x10, 0xc}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000840)={[{@bh}, {@nolazytime}, {@noblock_validity}, {@barrier}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") 14.465272664s ago: executing program 9 (id=1984): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) io_setup(0x6, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000600)=ANY=[@ANYBLOB], 0x8) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c) r2 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x58, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x58}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000000201f7ffffff3f050000000000000008"], 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040) sendmsg$IPCTNL_MSG_CT_GET_DYING(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x3, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x2404c031}, 0x20000000) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200fffe4c0004802800018007000100637400001c000280080001400000000208000240000000ff000003000000000020000180070001006374000014000280080002400000000d080004400000000c0900010073797a30000000000900020073797a32"], 0xa0}, 0x1, 0x0, 0x0, 0x840}, 0x0) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000002000)={0x2020}, 0x2020) r5 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r5, 0x800c5012, &(0x7f0000000040)) 13.926660582s ago: executing program 6 (id=1985): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x87}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10) bind$inet(r2, 0x0, 0x0) connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r2, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) 13.554611368s ago: executing program 2 (id=1986): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r1 = openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000080), 0x18) getdents64(r1, &(0x7f0000000300)=""/152, 0x98) 12.545560624s ago: executing program 3 (id=1987): socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = socket$inet6(0xa, 0x2, 0x3a) r1 = dup(r0) bind$unix(r1, 0x0, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000a40)={0x0, @empty, @local}, &(0x7f0000000a80)=0xc) r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000045b70457200"/24], 0x0, 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10}, 0x94) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x6, 0x2, &(0x7f0000000800)=@raw=[@map_fd={0x18, 0x3, 0x1, 0x0, r1}], &(0x7f00000008c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x25, r6, 0x8, &(0x7f0000000900)={0x8, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000940)=[{0x1, 0x1, 0xf, 0x2}, {0x0, 0x5, 0x9, 0x4}], 0x10, 0x8}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x18, &(0x7f0000000740)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, @alu={0x7, 0x1, 0xc, 0x8, 0xa, 0x18, 0x10}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0x200, 0x0, 0x0, 0x41000, 0x0, '\x00', r5, @fallback=0x14, r1, 0x8, &(0x7f0000000ac0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000b00)={0x2, 0xd, 0x7, 0x2}, 0x10, 0x0, r1, 0x1, 0x0, &(0x7f0000000b40)=[{0x2, 0x2, 0xb, 0x3}], 0x10, 0xc}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000840)={[{@bh}, {@nolazytime}, {@noblock_validity}, {@barrier}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") 11.48304454s ago: executing program 9 (id=1989): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) inotify_add_watch(0xffffffffffffffff, 0x0, 0x42000773) write$uinput_user_dev(r0, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x4c}, 0x1, 0x0, 0x0, 0x488c0}, 0x4000080) ioctl$UI_DEV_CREATE(r0, 0x5501) lseek(0xffffffffffffffff, 0x3, 0x1) socket$can_j1939(0x1d, 0x2, 0x7) syz_mount_image$udf(&(0x7f00000002c0), &(0x7f0000000080)='./file0\x00', 0x14, &(0x7f0000002440)=ANY=[], 0xff, 0xc19, &(0x7f0000002140)="$eJzs3VFsXeddAPD/d2zHToq2S9ek3Yim2yJ1IWPBdtamlSfRUGMxlrWmjjegPPQmvimXOPaV7XRpBVt46gNImCEhJIaEhIYqHiYjtAd4GhISrxbaG0IKYypFCOk+rNoLWtA597vxteM0IY5jJ/n9pOR/7jn/75zvfN/pOeee754mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICIX/rl06Njaa9rAQDcT6/MvDY67voPAI+Us77/AwAAAAAAAAAAAADAfpeiiA8ixdeOdtIb1eeukTOthctXZienti92MFUlB6r88s/I2PjJzz/3/KkXevGjy99rn4xXZ86err+8eKm91Fxebs7VZxda5xfnmne8hp2W3+p41QD1Sxcvz124sFwfP3Fy0+IrtfeHHztSmzg19vrhXu7s5NTUTF/O4NBdb/0mt3rD40AUcSFSXHzvg9SIiCJ23ha3OXZ228FqJ45XOzE7OVXtyHyrsbBSLpzuNUQRUesr9FKvje5DX+xIPeJqWf2ywsfL3ZtpN5Ya5+ab9enG0kprpbW4MJ26tU1VehEvpIh2RHSGb17dUBTx9Ujx7rc66VxEDPTa4bPVi8G3r0+xC/t4BwYjojYUsV48AH22jw1HEd+JFN/8xmicz+1aNduzEV8u45GIy2W8FrFaxk9HpPIAeSLiw22OJx4sg1HEH0SKH0100lyv76vzypmv1L+4cGGxL7d3Xrnr60M+V+z59eF+2ufnppEoolGd8Tvp7m92AAAAAADYf4r440jx9PePpXb0jym2Ft6sn22cm+8+Fe49+6/nUtevX79eS904muN0ju0cV3Ncy3G9jLGxglqRy+c4nWM7x9Uc13Jcz7GTY20gl89xOsd2jqs5ruW4nmMnx9pgLp/j9GBVs6vt/Hk1x7Uc13PsDO5FPwEAAAAAAADArR2MIr4aKZ79hbeq94qjei/94xOnXjvxq/3vjD91m/WUuSciYq24s3dyD+TXAafTdEp79A4x3ff/fi+///f7t0sFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeakUU8UykeOu7nRQpIuoRb0Q3Xhve69oBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3wkgq4sNI8adfGqk+rxcRvxkRP+kuHozr99re7i8AAAAAAAAAPJRSEW9Himde66RaRFypvT/82JHaxKmx1w8PxECkMqU//9WZs6frLy9eai81l5ebc/XZhdb5xbnmnW5u5Exr4fKV2cmpXdmZ2zq4y/U/OPLyYvvtpdabv72y7fJDI6fPLa8sNc5vvzgORhFR759zvKrw7ORUVen5VmOhKjqd7rTGAAAAAAAAADwKhlIRP4kU7/71ezfGnQe7Y/6DW3O//YWIIk9P5vHnG8PQ1e8GPlb9bqA7/fGJU782/qn+6W2HrI9XA+r12cmpqZm+2YNDN6eO5O2O7myX6VP2/0qk+MO/qKen87zN/T9wI/fbv7vR31e3rugWff7/6P9NPd7r/5/um1duM6Ui/jZS/MyvPxVPV/U8FDf9ZiLnfSlS/Mba0ZwXB8q8Z/Lyx6u/Ry605pujZe6VSPGPlzfnPptzP7GRO3an7fqgKPv/mUjx37+1dqNtcv/nHtjotf7+/9TWo2Pn/b/tf/+P982r5e3+7L3ZdSJi+e13Ljbm55tLj+LEwP6oxt5P/NmebL13PtgnjbAPJ+Lq3m19j09M3Bfl9f+rkeIf/uRfb9zv5Ov/T0V1W7Vx//fjr29c/ye2rmiXrv+f6Js3ke9GhgYjRlYutYeejBhZfvudz7UuNd5svtlcOHnqxefHR18cGz05dKB3c7cxtXXLN32/eRSV/f87keI7P/ib+Eyet/n+b/v7/0NbV7RL/f9E37xDm+5Xdrzr5P7/30jxz5Pfi2N53kfd//e+/x/LN+E37s93qf8P982rvuN9LOLn+uYdOxzx0H0pAwAAgHsspSK+l8dTR28znvpPkeKd//r5nJeOlHkv5eW16u+RVxYXPnd6fn7xfGOlcW6+WZ9pN843y7I/jBSdvzoao1FEiqIaX+2NN3fHeDfGYv8lUrz4K0fzdrpjsb1nU09s5I6VuScixR+9sjm39xzj8EbueJn7b5Fi7PXtc49s5J4sc/8zUvz4z+u93ENl7hdy7pMbuSfOL87P7UK3AAAAAADAjgylIp6PFH9/cjD1nm/fye8/b3rovUu//3uyb97cfXpfZfuW8j/cBeDhUV7/j5XXtl/8yxtj+Zuv/xvvyfRf/7fq/3cDbjV9N9f/2r3ZTQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHTooiFiPF14520rXh8nPXyJnWwuUrs5NT2xc7mKqSA1V++WdkbPzk5597/tQLvfjR5e+1T8arM2dP119evNReai4vN+fqswut84tzzTtew07Lb3W8aoD6pYuX5y5ciBg/cXLT4iu194cfO1KbODX2+uFe7uzk1NRMX87g0F1v/Sa9fi22zD8QRfxPpLj43gfp34fz8h22xW2Ond12MIr4u4god2J2cqrakflWY2GlXDjd1xC1vkIv9droPvTFjtQjrpbVLyt8vNy9mXZjqXFuvlmfbiyttFZaiwvTqVvbVKUX8UKKaEdEZ/jm1Q1FEUOR4t1vddIPhiMGeu3w2VdmXhsdv0UlRjYmtx5Q98lgRNSGItaLB6DP9rHhKOK5SPHNb4zGfwx327VqtmcjvlzGIxGXy3gtYrWMn45I5QHyRMSH2xxPPFgGo4jHI8WPJjrph8O576vzypmv1L+4cGGxL7d3Xnngrw/30z4/N41EER/EPqkMAAAAAAD3UBFPRYqnv38sVeODx2cnp65n9bONc/Pdx/q9Z//1XKpcXEvdOJrjdI7tHFdzXMtxPcdOjrUil89xOsd2jqs5ruW4nmMnx9pALp/jdI7tHFdzXMtxPcdOjrXBXD7H6RzbOa7muJbjeo6dwb3sLwAAAAAAAIDtFVHEZyLFW9/tpOvD3QHeN6Ibr3m/76H3fwEAAP//F35MkQ==") truncate(&(0x7f0000000080)='./file2\x00', 0x7f) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x4886) 11.466323661s ago: executing program 3 (id=1990): openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x85}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = socket$packet(0x11, 0x2, 0x300) syz_emit_ethernet(0x4a, 0x0, 0x0) ioctl$sock_TIOCINQ(r1, 0x541b, &(0x7f0000000340)) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$sequencer2(0xffffffffffffff9c, 0x0, 0x141000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) 11.298250993s ago: executing program 6 (id=1991): syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000200)={[{@journal_dev}, {@nouid32}]}, 0xfe, 0x269, &(0x7f0000000780)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEkpvTXssvYReWgo9pW0O6aXQhh4aemgPW3Znt2ySDW33b9n5fGCYmbz35r0J832zLMxsAJk1GRGzEZGPiKmIKEZE0lrh7XSZbOxulLYXI6rVL+4m9XrpfqrZbiIiKhHxUUShWba29c3e/Z3P3vtjtfju/1tflwZ1fq3293Y/P/h3/vczcx+uXb56ez6J2Sg3ylrPo5eSNn8rJBGv9KOz50RSGPYIeBoLv56+Vsv9qxHxTj3/xcg1IvvnygsXivHBPye1/evOldcHOVag96rVYu0eWKkCmZOLiHIkuemISLdzuenp9DP89fx47qfllV+mflxeXfph2DMV0CvlSHY/PTd2duJI/m/l0/wDo6scsfvlwuaN2vZBftijAfqm9dv2N9JVLf9T362/H/IPmSP/kF3yD9kl/zACOsyu/EN2dZP/F/s0JmAw3P9hhBWbG5W2xfIP2SX/MKL+a/fU6WHyD9nVmn8AIFuqY8N+AhkYlmHPPwAAAAAAAAAAAAAAAAAAwHEbpe3F5jKoPi/+HbH/SUQU2vWfr/8ecfNt4+P3klq1x5K0WVe+favLA3TpVM+evi511Oqlm73qvzOX3uzPcX87vHviP2d9KaJSqzxTKBy//pLG9de5l59QXvy+yw6e0dG3An781WD7P+rh5nD7n9uJOF+bf2bazT+5eK2+bj//lFtfsdyhnx90eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG5lEAAAD//4oibec=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4}, 0x50) socket$inet6(0x10, 0x3, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), 0x0, 0x0, 0x0) llistxattr(&(0x7f0000000280)='./file1\x00', 0x0, 0x7) 9.815326016s ago: executing program 9 (id=1992): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x81}, 0x18) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x401870cb, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24008804) socket$inet_sctp(0x2, 0x1, 0x84) ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000088000000090a01"], 0xd0}}, 0x20050800) socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x14, 0x4, 0x65bf, 0x9, 0x0, 0x1, 0xcafe}, 0x50) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 9.704094528s ago: executing program 3 (id=1993): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc0004}]}) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b703000010000000850000001b000000b7000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18) r3 = syz_open_dev$usbfs(&(0x7f0000000140), 0x76, 0x1701) r4 = openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$binfmt_register(r4, 0x0, 0x0) ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x44, &(0x7f0000000080)={0x40, 0x3, 0x17, 0xff81}, 0x8, 0x20, 0x3, 0x0, 0x4bf, 0x404, 0x0}) 9.691424109s ago: executing program 7 (id=1994): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00'}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) inotify_init() r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) syz_open_dev$video4linux(0x0, 0x7, 0x2000) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) openat$sndseq(0xffffffffffffff9c, 0x0, 0x800) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0) mount(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, &(0x7f0000000400)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r2, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x200, @ipv4={'\x00', '\xff\xff', @remote}, 0x1}}, 0x24) sendmsg$inet(r2, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0) recvfrom$rxrpc(r2, 0x0, 0x0, 0xe8ce25b3ffff0000, 0x0, 0x0) syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0) r3 = syz_open_dev$vim2m(&(0x7f0000000280), 0x8, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x40effe, 0x2, 0x2}) setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000180)={0xffffffffffffffff, 0x1, 0x5, 0x0, 0x7}, 0xc) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) userfaultfd(0x801) 9.666351189s ago: executing program 2 (id=1995): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x4ee6, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) socket$inet6_sctp(0xa, 0x1, 0x84) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008}, 0x94) r2 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2) r3 = fcntl$dupfd(r2, 0x0, r2) write$binfmt_script(r3, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000480)=@assoc_value, &(0x7f0000000040)=0x8) socket(0x2, 0x80805, 0x0) 8.032174554s ago: executing program 3 (id=1996): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) pipe(&(0x7f0000000740)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="d80000001b0001002dbd7000fddbdf2500000000000000000000000000000000ac1e00010000000000000000000000004e2200004e23000c0a00008032000000", @ANYRES32=0x0, @ANYBLOB="00080009000000008000000000000000f8ffffffffffffffff010000000000000100000000000000010000000000008009000000000000000000000080150100"], 0xd8}, 0x1, 0x0, 0x0, 0x2000c0c4}, 0x8010) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffe, 0x0, 0x20000000000000}, 0x0, &(0x7f0000000400)={0x3ff, 0x0, 0xfffffffffffffffe, 0x8000009, 0x2, 0x4c, 0x7fffffff, 0x3}, 0x0, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffff}, 0x6) r4 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r4, 0x541b, &(0x7f0000000080)) ioctl$sock_bt_hci(r2, 0x400448ca, 0x0) r5 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0x0, 0x0, @vifc_lcl_ifindex, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$MRT_ADD_MFC_PROXY(r5, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "ffff01e03d64a831683fdc3fd440829c82cfc400"}, 0x3c) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x5, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000004830000000000000fa40000007010000080020007500feff0000820095"], &(0x7f0000000100)='GPL\x00', 0x8, 0xfa, &(0x7f00000007c0)=""/250}, 0x94) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$MRT_FLUSH(r5, 0x0, 0xd4, &(0x7f0000000000)=0xe, 0x4) vmsplice(r0, &(0x7f0000000180)=[{&(0x7f00000003c0)="9516", 0x2}], 0x1, 0x8) socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000fdffffff95000000000000004ad8ce828a0223b2e5192c6dac7abefdb6c210ee02051c1db395ac04f35696d7c0a851cdb52731c147ae9e5640b594a1851e16f2c6aeb1b6025063a4ea16dbcefaf66db70bfc574e46bccb8497ce3b734ff1fbe68eb79f586c660d4df3467fd2ffde1ab7671290890831ecfba5859b85cceb9ed171b5bbaf66fe3298354adf5b3dde0851d2490737dcce02bff4166f428ca8e7deb4f0a6d4ae33e1eb056dfffca8e6f9fc"], &(0x7f0000000000)='GPL\x00', 0xd, 0xfe7, &(0x7f0000001e00)=""/4071}, 0x94) setsockopt$bt_BT_FLUSHABLE(r6, 0x112, 0x8, &(0x7f0000000300)=0x1, 0x4) writev(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)='H', 0x1}], 0x1) 8.001316405s ago: executing program 6 (id=1997): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0xc2010) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) inotify_init() r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) syz_open_dev$video4linux(0x0, 0x7, 0x2000) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) openat$sndseq(0xffffffffffffff9c, 0x0, 0x800) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0) mount(0x0, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, &(0x7f0000000400)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r2, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x200, @ipv4={'\x00', '\xff\xff', @remote}, 0x1}}, 0x24) sendmsg$inet(r2, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0) recvfrom$rxrpc(r2, 0x0, 0x0, 0xe8ce25b3ffff0000, 0x0, 0x0) syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0) r3 = syz_open_dev$vim2m(&(0x7f0000000280), 0x8, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x40effe, 0x2, 0x2}) setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000180)={0xffffffffffffffff, 0x1, 0x5, 0x0, 0x7}, 0xc) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) userfaultfd(0x801) 7.507878163s ago: executing program 9 (id=1998): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2) mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2208010, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00') socketpair$unix(0x1, 0x2, 0x0, 0x0) lseek(r3, 0x10000000005, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) 6.873356922s ago: executing program 2 (id=1999): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c617374000000006c000280080001400000000508000140000000090c00"], 0x140}}, 0x0) r3 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, 0x0) mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, 0xffffffffffffffff, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0585609, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x317, 0x1, 0x34, 0x9}, 0x9c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0) 6.093905525s ago: executing program 7 (id=2000): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x4ee6, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x80, 0x0, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008}, 0x94) r3 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2) r4 = fcntl$dupfd(r3, 0x0, r3) write$binfmt_script(r4, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000480)=@assoc_value, &(0x7f0000000040)=0x8) socket(0x2, 0x80805, 0x0) 6.092933355s ago: executing program 9 (id=2001): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r1}, 0x18) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeef, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x10012, r2, 0x0) madvise(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x3) bind$pptp(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e) openat$ppp(0xffffffffffffff9c, &(0x7f00000015c0), 0x2300, 0x0) 5.529968433s ago: executing program 7 (id=2002): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c617374000000006c000280080001400000000508000140000000090c00"], 0x140}}, 0x0) r3 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, 0x0) mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, 0xffffffffffffffff, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0585609, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x317, 0x1, 0x34, 0x9}, 0x9c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0) 5.412638956s ago: executing program 3 (id=2003): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000100)='./file1\x00', 0x13b) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) io_setup(0x6, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000600)=ANY=[@ANYBLOB], 0x8) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c) r2 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x58, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x58}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000000201f7ffffff3f050000000000000008"], 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040) sendmsg$IPCTNL_MSG_CT_GET_DYING(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x3, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x2404c031}, 0x20000000) sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0x0, 0x3a}}], 0x400000000000172, 0x4001c00) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200fffe4c0004802800018007000100637400001c000280080001400000000208000240000000ff000003000000000020000180070001006374000014000280080002400000000d080004400000000c0900010073797a30000000000900020073797a32"], 0xa0}, 0x1, 0x0, 0x0, 0x840}, 0x0) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000002000)={0x2020}, 0x2020) r5 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r5, 0x800c5012, &(0x7f0000000040)) 5.401280696s ago: executing program 2 (id=2004): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2) mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2208010, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00') socketpair$unix(0x1, 0x2, 0x0, 0x0) lseek(r3, 0x10000000005, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) 5.197130789s ago: executing program 6 (id=2005): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r1 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18) getdents64(r1, &(0x7f0000000300)=""/152, 0x98) 4.011110287s ago: executing program 2 (id=2006): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x8, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r5 = socket$tipc(0x1e, 0x5, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18) bind$tipc(r5, &(0x7f0000000340)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}, 0x100000}}, 0x10) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x7, 0x5, 0x77}, {@private=0xa010101, 0x4e23, 0x1, 0xcd, 0x12d5f, 0x3}}, 0x44) accept4$bt_l2cap(0xffffffffffffffff, 0x0, 0x0, 0x1000) socket(0x2, 0x80805, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcl818\x00', [0x4f27, 0x5, 0x2, 0x3ff, 0x2, 0xcc6, 0xfff, 0x5c952399, 0x5, 0x3ff, 0x2, 0x1, 0x1, 0x1, 0x1, 0xe1cc, 0x4, 0xbf, 0x3, 0x40000003, 0x89, 0xfffffffd, 0x2, 0x30001e56, 0xa, 0xe65, 0x3c, 0x8, 0x7f, 0x8000000, 0xdffffff8]}) ioctl$COMEDI_SETWSUBD(r0, 0x6411) socket$can_bcm(0x1d, 0x2, 0x2) 2.506274781s ago: executing program 7 (id=2007): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc0004}]}) setfsuid(0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18) r3 = syz_open_dev$usbfs(&(0x7f0000000140), 0x76, 0x1701) r4 = openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$binfmt_register(r4, 0x0, 0x0) ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x44, &(0x7f0000000080)={0x40, 0x3, 0x17, 0xff81}, 0x8, 0x20, 0x3, 0x0, 0x4bf, 0x404, 0x0}) 1.813633722s ago: executing program 6 (id=2008): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18) r4 = socket(0xa, 0x3, 0x87) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'lo\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000000)={@private1={0xfc, 0x1, '\x00', 0x1}, 0xb, r6}) ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x8936, &(0x7f0000000000)) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00"/11], 0x48) openat$vsock(0xffffffffffffff9c, 0x0, 0x347002, 0x0) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r10}, 0x2d) socketpair(0x2c, 0x3, 0x0, &(0x7f0000000380)) 774.172998ms ago: executing program 7 (id=2009): r0 = openat(0xffffffffffffffff, 0x0, 0x404002, 0x58) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x8000) r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, r3, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000800}, 0x4800) ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x7}) 767.939498ms ago: executing program 2 (id=2010): syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000200)={[{@journal_dev}, {@nouid32}]}, 0xfe, 0x269, &(0x7f0000000780)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEkpvTXssvYReWgo9pW0O6aXQhh4aemgPW3Znt2ySDW33b9n5fGCYmbz35r0J832zLMxsAJk1GRGzEZGPiKmIKEZE0lrh7XSZbOxulLYXI6rVL+4m9XrpfqrZbiIiKhHxUUShWba29c3e/Z3P3vtjtfju/1tflwZ1fq3293Y/P/h3/vczcx+uXb56ez6J2Sg3ylrPo5eSNn8rJBGv9KOz50RSGPYIeBoLv56+Vsv9qxHxTj3/xcg1IvvnygsXivHBPye1/evOldcHOVag96rVYu0eWKkCmZOLiHIkuemISLdzuenp9DP89fx47qfllV+mflxeXfph2DMV0CvlSHY/PTd2duJI/m/l0/wDo6scsfvlwuaN2vZBftijAfqm9dv2N9JVLf9T362/H/IPmSP/kF3yD9kl/zACOsyu/EN2dZP/F/s0JmAw3P9hhBWbG5W2xfIP2SX/MKL+a/fU6WHyD9nVmn8AIFuqY8N+AhkYlmHPPwAAAAAAAAAAAAAAAAAAwHEbpe3F5jKoPi/+HbH/SUQU2vWfr/8ecfNt4+P3klq1x5K0WVe+favLA3TpVM+evi511Oqlm73qvzOX3uzPcX87vHviP2d9KaJSqzxTKBy//pLG9de5l59QXvy+yw6e0dG3An781WD7P+rh5nD7n9uJOF+bf2bazT+5eK2+bj//lFtfsdyhnx90eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG5lEAAAD//4oibec=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4}, 0x50) socket$inet6(0x10, 0x3, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), 0x0, 0x0, 0x0) llistxattr(&(0x7f0000000280)='./file1\x00', 0x0, 0x7) 749.586389ms ago: executing program 3 (id=2011): syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000200)={[{@journal_dev}, {@nouid32}]}, 0xfe, 0x269, &(0x7f0000000780)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEkpvTXssvYReWgo9pW0O6aXQhh4aemgPW3Znt2ySDW33b9n5fGCYmbz35r0J832zLMxsAJk1GRGzEZGPiKmIKEZE0lrh7XSZbOxulLYXI6rVL+4m9XrpfqrZbiIiKhHxUUShWba29c3e/Z3P3vtjtfju/1tflwZ1fq3293Y/P/h3/vczcx+uXb56ez6J2Sg3ylrPo5eSNn8rJBGv9KOz50RSGPYIeBoLv56+Vsv9qxHxTj3/xcg1IvvnygsXivHBPye1/evOldcHOVag96rVYu0eWKkCmZOLiHIkuemISLdzuenp9DP89fx47qfllV+mflxeXfph2DMV0CvlSHY/PTd2duJI/m/l0/wDo6scsfvlwuaN2vZBftijAfqm9dv2N9JVLf9T362/H/IPmSP/kF3yD9kl/zACOsyu/EN2dZP/F/s0JmAw3P9hhBWbG5W2xfIP2SX/MKL+a/fU6WHyD9nVmn8AIFuqY8N+AhkYlmHPPwAAAAAAAAAAAAAAAAAAwHEbpe3F5jKoPi/+HbH/SUQU2vWfr/8ecfNt4+P3klq1x5K0WVe+favLA3TpVM+evi511Oqlm73qvzOX3uzPcX87vHviP2d9KaJSqzxTKBy//pLG9de5l59QXvy+yw6e0dG3An781WD7P+rh5nD7n9uJOF+bf2bazT+5eK2+bj//lFtfsdyhnx90eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG5lEAAAD//4oibec=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4}, 0x50) socket$inet6(0x10, 0x3, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040), 0x0, 0x0, 0x0) llistxattr(&(0x7f0000000280)='./file1\x00', 0x0, 0x7) 541.772072ms ago: executing program 9 (id=2012): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x4ee6, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x80, 0x0, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008}, 0x94) r3 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2) r4 = fcntl$dupfd(r3, 0x0, r3) write$binfmt_script(r4, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000480)=@assoc_value, &(0x7f0000000040)=0x8) socket(0x2, 0x80805, 0x0) 436.474603ms ago: executing program 7 (id=2013): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) pipe(&(0x7f0000000740)) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="d80000001b0001002dbd7000fddbdf2500000000000000000000000000000000ac1e00010000000000000000000000004e2200004e23000c0a00008032000000", @ANYRES32=0x0, @ANYBLOB="00080009000000008000000000000000f8ffffffffffffffff010000000000000100000000000000010000000000008009000000000000000000000080150100"], 0xd8}, 0x1, 0x0, 0x0, 0x2000c0c4}, 0x8010) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffe, 0x0, 0x20000000000000}, 0x0, &(0x7f0000000400)={0x3ff, 0x0, 0xfffffffffffffffe, 0x8000009, 0x2, 0x4c, 0x7fffffff, 0x3}, 0x0, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffff}, 0x6) r4 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r4, 0x541b, &(0x7f0000000080)) ioctl$sock_bt_hci(r2, 0x400448ca, 0x0) r5 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0x0, 0x0, @vifc_lcl_ifindex, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$MRT_ADD_MFC_PROXY(r5, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "ffff01e03d64a831683fdc3fd440829c82cfc400"}, 0x3c) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x5, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000004830000000000000fa40000007010000080020007500feff0000820095"], &(0x7f0000000100)='GPL\x00', 0x8, 0xfa, &(0x7f00000007c0)=""/250}, 0x94) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$MRT_FLUSH(r5, 0x0, 0xd4, &(0x7f0000000000)=0xe, 0x4) vmsplice(r0, &(0x7f0000000180)=[{&(0x7f00000003c0)="9516", 0x2}], 0x1, 0x8) socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000fdffffff95000000000000004ad8ce828a0223b2e5192c6dac7abefdb6c210ee02051c1db395ac04f35696d7c0a851cdb52731c147ae9e5640b594a1851e16f2c6aeb1b6025063a4ea16dbcefaf66db70bfc574e46bccb8497ce3b734ff1fbe68eb79f586c660d4df3467fd2ffde1ab7671290890831ecfba5859b85cceb9ed171b5bbaf66fe3298354adf5b3dde0851d2490737dcce02bff4166f428ca8e7deb4f0a6d4ae33e1eb056dfffca8e6f9fc"], &(0x7f0000000000)='GPL\x00', 0xd, 0xfe7, &(0x7f0000001e00)=""/4071}, 0x94) setsockopt$bt_BT_FLUSHABLE(r6, 0x112, 0x8, &(0x7f0000000300)=0x1, 0x4) writev(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)='H', 0x1}], 0x1) 0s ago: executing program 6 (id=2014): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0xc618, &(0x7f0000000580)=ANY=[@ANYBLOB="6e6f646973636172642c7573726a71756f74613d6e6f646973636172642c61636c2c616c6c6f635f6d6f64653d72657573652c617467632c64697361626c655f726f6c6c5f666f72776172642c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c6e6f757365725f78617474722c6673796e635f6d6f64653d7374726963742c6d6f64653d61646170746976652c6a71666d743d7666736f6c642c7768696e745f6d6f64653d6f66662c00c63c750eaf211665e6acd398f0fe4593610577379e92e078522b52791067f2936db05424a1906752b5531653d979b38a77add4af917a3177"], 0x1, 0x5519, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy6H+ht1V38wF3KqgdPmiZpyG6SKU2a1p48eBQP/iei4Mmjf4MHz97Eg+JNUDLvVLe6gtC0sdvfDybPzDtvnnneUArPTEgAJ9Zi9uvPlbgU5yJiPiIuRhT7lXIr3E7hhYi4HBFzj22VcvzPgdMRcT4iLk2Sp5yV8tTnV8dXbv701i/ffHfm1IUvvv5+dqsGZu3FiOhvpP3tfop5J8WH5Xhj3C1i/8a4jOlE72w638/T+HZ7rciw3dib1yji9U6an29sDSdxvddoTmKnu16MbwzSBYfjzl6e4g0PG5vFcau9VsTuMC9iZzddd2c3/W/bHY5SnlaZ76MifYxGezGNt3faaT0bj4rYHIzK8ZQ3b7V3JnFcxvJy0cx7raKOtQN80P9zb3cHWzvZuL057OaD7Gat/lKtfqta38xb7VH7RrXRb926kS11epNp1VG70b/dyfNOr11r5v3lbKnTbFbr9WzpTnut2xhk9Xrteu1a9eZyuXc1e/3+e1mvlS1N4qvdwdao2xtm6/lmlt6xnK3Urr+8nF2pZ+/cW81WH9y9e2/13Q/uvH//lXtvvlZO+kdZ2dLKtZWVav1adaW+fILW/0lZ9BTXDwdSmXUBAMeP/h+YhYP0//1H5fET+//NBxGH3/+H/n8qjlX/e9L7/0NYPxyI/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MT6YeHLN4qdxXR8oRx/phx6rjyuRMRcRPz+BPNxel/O+TLPwr/MX/hbDd9WosgwucaZcjsfEbfL7bdnD/tTAAAAgKfXVx9f/ix16+llcdYFcZTSTZu5ix9OKV8lIhYWf5xStrnJy/NTSlb8fZ+KnSllK25gnZ1SsnTL7dS0sv0n8/vC2cdCJYW5Iy0HAAA4Evs7gaPtQgAAADhKn866AGajEnuPMveeBRffvP/rgeC5fUcAAADAMVSZdQEAAADAoSv6f7//BwAAAE+39Pt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8wc793CYORHEAfjZ4Yf9p0Wrv28reoIwtIcccIwpIExSQAzWkAWogt5QQQYTHIRBxiOSxrUTfJzmTscyPNwgOMyMNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJceqnUVN39v2+bs9u3kGQ0AAABwybZaL+p/Zqn/vbn/s7n1u+kXEVFGxKW5+yi+nGWOmpzq9fm70+erNzXcR9QJh/eYNNe3iPjXXE+/uv4UAAAA4PPaLFfzNFtPf2ZDF0Sf0qJN+eN/prwiIqrZY6a08pD3J1NY/f0ex3WmtHoBa5opLC25jXOlvUv9cz+u2k1PmiI15cWXHYvMNnYAAKBHo7Om31kIAAAAfboaugCGUcTLVuZxK3CSmmZ77+tZDwAAAPiAiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADP7M87CoRAGITB3vWdydz/sNKgqalJFQgff2MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxPy8pEAJBEAVzxv9O+v6HlQQ9gwgR0PCoohYNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxcz8vclNxAMBfksnUVsVxlTmsiIIHvdjptLb2Jh6UxYN/grBsp3Xt1B/tHmwp4l68yZ57ET2KCMp66//Qcwu91FsPc6ggHkeSSWbSdtFZwSTd/Xzg5X0TQt73JbDsNy+7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCavLuIk2zTm8Vxcez2g+sbWX/nkT5zc+fuatayOKoz6SfDy9WdqN9cIgAAABweSVnfhxDupbtrWR/38vo/Lc/Jav7vn53FZT3/aN1f9mXtn7Xffr3/4nyg3myc7KLnN8ejE4+n0vn/Ztluz/3rGZ38zufvXpL8gcQfbL8wSfP7GX1769Z73Tw8Uke2AMB/cbzsi6D8fSjrh00mBsCh0akU3mX9n/SazQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgDpPt8HQZRyGE1c4iztx5cH1jr/7mzt3Vsp25cWMnfL24ZnaJNIRwfnM8OlHrbNrtytVrF9fH49Hl+oNXQghNjf5OMf2LHy1xcgiN3J/9B3+1I422BXHxsNuSz5MRNPhDCQCAAyktWlbX30t317Jj0UoI0x8erv9fr8Rhyfr//sdnblfHqtb/w9pm2H6DrUufD65cvfbm5qX1C6MLo0/fOjl8e3jq7OnTZwf5u5KBNyYAAADs23Q6nc53ukWr1v/xyuPr/8cqcViy/v/iu+FX1YET9f+eFot+TWcCAABwuD3/6p9/RHscj7rd8OX61tbl4Ww73z852zaQ6r4dKVq1/k9Wms4KAAAAqMNkO3po/f9cJQ5Lrv8/8+NLP1evmYQQjhbr/8c3Phufq286rVbHnxM3PUcAAACadbRo1fX/NP/+P55/8hCHEN54bRYX/wbwH+v/tKj/k/e/+ak6VvX7/1P1TbGV4v7sfuR9P4ROv+mMAAAAOMieKlpW7P+e7q598suxD7u+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACo298BAAD//y5wQIQ=") r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000780)) mremap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil) r3 = syz_open_procfs(0x0, &(0x7f0000000440)='net/route\x00') preadv(r3, 0x0, 0x0, 0x0, 0x0) r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_netrom_SIOCADDRT(r4, 0x890b, &(0x7f0000000040)={0x0, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bpq0, 0x80000000, 'syz0\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, 0x3, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x5, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000680)=""/170, &(0x7f0000000740)=0xaa) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xe, 0x6, &(0x7f0000000340)=ANY=[@ANYBLOB="b4000000000000005f10000000000000c30000000000000018000000a522000000000000f8ffffff8e00050000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0xf2ec}, 0x10}, 0x94) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000236000/0x3000)=nil, 0x3000, &(0x7f0000000540)='\x00') openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000, &(0x7f0000000840)={[{@nodiscard}, {@test_dummy_encryption}, {@sysvgroups}, {@delalloc}, {@debug}, {@errors_remount}, {@delalloc}, {@quota}]}, 0xa, 0xbc2, &(0x7f0000002a40)="$eJzs3M9rXNUeAPDvvZlM0zbvTfp4PF7f5kVEWhCnSSXFFsFWKm5cCLoVGtJJCZn+IInUpAEn+g+IuhbcCGpRXNh1N4pu3Wi7VVwIRWKjIKKROz+S2GTS1M70punnA2fuOffM3PP9zmXmngNzJ4AH1mD2kEbsj4hTSUSpuT+NiGK91hdRazxvaXF+7JfF+bEklpdf+DGJJCJuLs6PtY6VNLd7m42+iPjq6ST+9fr6cadn5yZHq9XKVLN9aObshUPTs3OPTZwdPVM5Uzk3fOSJkcMjR4aOjnQs11+/PX7l54ee/b722we/X/7prfeSOB79zb61eXTKYAyuvCcNr9YfCxEx2unBctLTzGdtnknhNi9KuxwUAABtpWvmcP+JUvTE6uStFJ99nWtwAAAAQEcs90QsAwAAADtcYv0PAAAAO1zrdwA3F+fHWiXfXyTcWzdORMRAI/+lZmn0FKJW3/ZFb0TsuZnE2ttak8bL7tpgRHx3/ejHWYku3Ye8mdpCRPx3o/Of1PMfqN/FvT7/NCKGOjD+4C3t+yn/4x0YP+/8AXgwXT3RuJCtv/6lK/Of2OD6V9jg2vV35H39a83/ltbN/1bz72kz/3t+i2Ncev+di+36svyfvPLMR62SjZ9t7yqpO3BjIeJ/hY3yT1byT9rkf2qLY5T+uFhp15d3/svvRhyIjfNvSTb/f6JD4xPVylDjccMxFr4c+bDd+Hnnn53/PW3yb/3/U7vzf2GLY7x08uQn63ZeX61unn/6QzF5sV4rNve8MjozMzUcUUyeW7//8OaxtJ7TOkaW/8GHN//8b5R/9p1Qa74P2VpgobnN2q/dMuZTly992i6e1vovz/N/us35X5v/F4X15/+NLY7xyOdvHmzXt3b9m5Vs/NZaGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa0ojojyQtr9TTtFyO2BsR/449afX89Myj4+dfPnc664sYiN50fKJaGYqIUqOdZO3hen21ffiW9uMRsS8i3i7trrfLY+erp/NOHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBV7I6I/krQcEWlELJXStFzOOyoAAACg4wbyDgAAAADoOut/AAAA2Pms/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiyff+/ei2JiNqx3fWSKTb7enONDOi2NO8AgNz05B0AkJtC3gEAubnDNb7pAuxAyW36+9r27Op4LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABsXwf2X72WRETt2O56yRSbfb25RgZ0W5p3AEBuejbrLNy7OIB7z0ccHlzW+EBym/6+1efU/tqzq2sxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALD99NdLkpYjotjcVy5H/CMiBqI3GZ+oVoYi4p8R8U2pd1fWHs45ZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADpvenZucrRarUxllTSalZU993Olr5lipw6YNA5XyzsvlQ5VirEtwtimlTy/lQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyMv07NzkaLVamZrOOxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgb9Ozc5Oj1WplqouVvHMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/fwYAAP//aKcHlA==") r5 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r5, 0x0, 0x0, 0x1001f0) r6 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0) sendfile(r6, r6, 0x0, 0x800000009) kernel console output (not intermixed with test programs): d op=collect_data cause=failed(directio) comm="syz.3.579" name="file1" dev="loop3" ino=1048645 res=0 errno=0 [ 353.235409][ T7316] loop6: detected capacity change from 0 to 40427 [ 355.160973][ T7366] loop9: detected capacity change from 0 to 1024 [ 355.230021][ T7366] EXT4-fs (loop9): inline encryption not supported [ 355.333608][ T7366] EXT4-fs (loop9): Ignoring removed bh option [ 355.339987][ T7369] device bond_slave_0 entered promiscuous mode [ 355.340063][ T7369] device bond_slave_1 entered promiscuous mode [ 355.409188][ T7366] EXT4-fs (loop9): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,dioread_lock,data_err=ignore,discard,data_err=ignore,grpquota,noblock_validity,user_xattr,bh,errors=remount-ro,. Quota mode: writeback. [ 355.458174][ T7369] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 355.488627][ T7369] bond1: (slave macvlan2): Enslaving as a backup interface with an up link [ 356.540652][ T7408] loop6: detected capacity change from 0 to 512 [ 356.768504][ T7408] EXT4-fs (loop6): orphan cleanup on readonly fs [ 356.854059][ T7408] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.594: bg 0: block 248: padding at end of block bitmap is not set [ 356.894157][ T7408] Quota error (device loop6): write_blk: dquota write failed [ 356.902362][ T7408] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 356.912895][ T7408] EXT4-fs error (device loop6): ext4_acquire_dquot:6207: comm syz.6.594: Failed to acquire dquot type 1 [ 356.956622][ T7408] EXT4-fs (loop6): 1 truncate cleaned up [ 357.179253][ T7408] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 359.161474][ T7419] loop9: detected capacity change from 0 to 128 [ 359.339134][ T7425] tipc: Enabled bearer , priority 0 [ 359.389561][ T7419] EXT4-fs (loop9): mounted filesystem without journal. Opts: sysvgroups,inode_readahead_blks=0x0000000000004000,usrjquota=,acl,grpjquota=,,errors=continue. Quota mode: none. [ 359.459337][ T7419] ext4 filesystem being mounted at /20/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 359.559950][ T7426] device syzkaller0 entered promiscuous mode [ 359.580713][ T7437] loop3: detected capacity change from 0 to 256 [ 359.589976][ T7425] tipc: Resetting bearer [ 359.685667][ T7437] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 359.704697][ T7422] tipc: Disabling bearer [ 359.757399][ T26] audit: type=1800 audit(1753811743.701:20): pid=7437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.602" name="file1" dev="loop3" ino=1048646 res=0 errno=0 [ 360.781825][ T7462] loop7: detected capacity change from 0 to 128 [ 361.057560][ T7462] EXT4-fs (loop7): mounted filesystem without journal. Opts: sysvgroups,inode_readahead_blks=0x0000000000004000,usrjquota=,acl,grpjquota=,,errors=continue. Quota mode: none. [ 361.075810][ T7462] ext4 filesystem being mounted at /65/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 361.380448][ T7479] netlink: 136 bytes leftover after parsing attributes in process `syz.3.608'. [ 363.365412][ T7502] loop9: detected capacity change from 0 to 128 [ 363.452053][ T7503] device syzkaller0 entered promiscuous mode [ 363.460283][ T7502] EXT4-fs (loop9): mounted filesystem without journal. Opts: sysvgroups,inode_readahead_blks=0x0000000000004000,usrjquota=,acl,grpjquota=,,errors=continue. Quota mode: none. [ 363.562747][ T7502] ext4 filesystem being mounted at /24/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 363.759499][ T7514] device bond_slave_0 entered promiscuous mode [ 363.766057][ T7514] device bond_slave_1 entered promiscuous mode [ 363.825277][ T7514] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 363.861337][ T7514] bond1: (slave macvlan2): Enslaving as a backup interface with an up link [ 363.979308][ T7486] loop3: detected capacity change from 0 to 40427 [ 364.056852][ T7532] loop9: detected capacity change from 0 to 256 [ 364.175968][ T7532] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 364.213048][ T7486] F2FS-fs (loop3): Found nat_bits in checkpoint [ 364.262416][ T26] audit: type=1800 audit(1753811748.201:21): pid=7532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.621" name="file1" dev="loop9" ino=1048647 res=0 errno=0 [ 364.266308][ T7535] loop7: detected capacity change from 0 to 256 [ 365.905539][ T7535] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 365.986616][ T26] audit: type=1800 audit(1753811749.921:22): pid=7535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.620" name="file1" dev="loop7" ino=1048648 res=0 errno=0 [ 366.303727][ T7549] loop6: detected capacity change from 0 to 512 [ 369.289791][ T7559] loop2: detected capacity change from 0 to 40427 [ 369.616312][ T7559] F2FS-fs (loop2): Found nat_bits in checkpoint [ 369.663581][ T7559] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 369.699131][ T7559] attempt to access beyond end of device [ 369.699131][ T7559] loop2: rw=2049, want=45104, limit=40427 [ 369.865354][ T4186] attempt to access beyond end of device [ 369.865354][ T4186] loop2: rw=2049, want=45112, limit=40427 [ 370.332732][ T7576] netlink: 136 bytes leftover after parsing attributes in process `syz.7.625'. [ 371.030819][ T7580] loop7: detected capacity change from 0 to 256 [ 371.100249][ T7586] device syzkaller0 entered promiscuous mode [ 371.144212][ T7580] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 371.353704][ T26] audit: type=1800 audit(1753811755.291:23): pid=7580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.630" name="file1" dev="loop7" ino=1048649 res=0 errno=0 [ 371.591586][ T7599] netlink: 136 bytes leftover after parsing attributes in process `syz.6.632'. [ 372.466405][ T7609] loop3: detected capacity change from 0 to 512 [ 372.652415][ T7609] EXT4-fs (loop3): Ignoring removed bh option [ 372.908775][ T7609] EXT4-fs (loop3): orphan cleanup on readonly fs [ 372.917691][ T7609] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.634: bg 0: block 248: padding at end of block bitmap is not set [ 372.936128][ T7609] Quota error (device loop3): write_blk: dquota write failed [ 372.943966][ T7609] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 372.954020][ T7609] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.634: Failed to acquire dquot type 1 [ 372.975555][ T7609] EXT4-fs (loop3): 1 truncate cleaned up [ 373.005040][ T7609] EXT4-fs (loop3): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 373.047774][ T7615] loop9: detected capacity change from 0 to 128 [ 373.135132][ T7615] EXT4-fs (loop9): mounted filesystem without journal. Opts: sysvgroups,inode_readahead_blks=0x0000000000004000,usrjquota=,acl,grpjquota=,,errors=continue. Quota mode: none. [ 373.176469][ T7615] ext4 filesystem being mounted at /31/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 373.491232][ T7626] device syzkaller0 entered promiscuous mode [ 373.603215][ T7631] netlink: 136 bytes leftover after parsing attributes in process `syz.7.636'. [ 374.333818][ T7632] loop3: detected capacity change from 0 to 40427 [ 374.608986][ T7632] F2FS-fs (loop3): Found nat_bits in checkpoint [ 374.671822][ T7632] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 374.704854][ T7632] attempt to access beyond end of device [ 374.704854][ T7632] loop3: rw=2049, want=45104, limit=40427 [ 375.832645][ T6618] attempt to access beyond end of device [ 375.832645][ T6618] loop3: rw=2049, want=45112, limit=40427 [ 375.970059][ T7661] loop6: detected capacity change from 0 to 512 [ 376.304562][ T7661] EXT4-fs (loop6): orphan cleanup on readonly fs [ 376.323482][ T7661] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.645: bg 0: block 248: padding at end of block bitmap is not set [ 376.346362][ T7661] Quota error (device loop6): write_blk: dquota write failed [ 376.354184][ T7661] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 376.367027][ T7661] EXT4-fs error (device loop6): ext4_acquire_dquot:6207: comm syz.6.645: Failed to acquire dquot type 1 [ 376.399601][ T7661] EXT4-fs (loop6): 1 truncate cleaned up [ 376.409877][ T7661] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 377.179252][ T7667] tipc: Enabled bearer , priority 0 [ 377.192881][ T7667] tipc: Resetting bearer [ 377.294782][ T7666] tipc: Disabling bearer [ 378.773771][ T7687] loop6: detected capacity change from 0 to 256 [ 379.209424][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.215841][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.375880][ T7695] loop7: detected capacity change from 0 to 512 [ 379.397803][ T7687] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 379.472822][ T7695] EXT4-fs (loop7): Ignoring removed bh option [ 379.511974][ T7695] EXT4-fs (loop7): orphan cleanup on readonly fs [ 379.520441][ T7695] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.653: bg 0: block 248: padding at end of block bitmap is not set [ 379.538181][ T7695] Quota error (device loop7): write_blk: dquota write failed [ 379.545975][ T7695] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 379.556891][ T7695] EXT4-fs error (device loop7): ext4_acquire_dquot:6207: comm syz.7.653: Failed to acquire dquot type 1 [ 379.829609][ T7695] EXT4-fs (loop7): 1 truncate cleaned up [ 379.872187][ T7695] EXT4-fs (loop7): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 380.380120][ T7703] device syzkaller0 entered promiscuous mode [ 383.392684][ T7724] loop2: detected capacity change from 0 to 512 [ 383.547623][ T7724] EXT4-fs (loop2): orphan cleanup on readonly fs [ 383.555948][ T7724] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.658: bg 0: block 248: padding at end of block bitmap is not set [ 383.577002][ T7724] Quota error (device loop2): write_blk: dquota write failed [ 383.584991][ T7724] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 383.595122][ T7724] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.658: Failed to acquire dquot type 1 [ 383.608510][ T7724] EXT4-fs (loop2): 1 truncate cleaned up [ 383.615502][ T7724] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 383.972004][ T7743] loop3: detected capacity change from 0 to 512 [ 384.233925][ T7743] EXT4-fs (loop3): Ignoring removed bh option [ 385.027551][ T7743] EXT4-fs (loop3): orphan cleanup on readonly fs [ 385.033324][ T7743] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.662: bg 0: block 248: padding at end of block bitmap is not set [ 385.038369][ T7743] Quota error (device loop3): write_blk: dquota write failed [ 385.038471][ T7743] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 385.038501][ T7743] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.662: Failed to acquire dquot type 1 [ 385.055042][ T7743] EXT4-fs (loop3): 1 truncate cleaned up [ 385.059759][ T7747] loop6: detected capacity change from 0 to 256 [ 385.087140][ T7743] EXT4-fs (loop3): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 385.138322][ T7747] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 385.157124][ T26] audit: type=1800 audit(1753811769.091:24): pid=7747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.663" name="file1" dev="loop6" ino=1048650 res=0 errno=0 [ 386.897379][ T7763] loop3: detected capacity change from 0 to 256 [ 386.918064][ T7763] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 387.646615][ T26] audit: type=1800 audit(1753811771.561:25): pid=7763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.666" name="file1" dev="loop3" ino=1048651 res=0 errno=0 [ 389.502035][ T7775] device syzkaller0 entered promiscuous mode [ 389.528415][ T7788] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 390.508966][ T7800] loop6: detected capacity change from 0 to 256 [ 390.676246][ T7800] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 390.771199][ T26] audit: type=1800 audit(1753811774.711:26): pid=7800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.677" name="file1" dev="loop6" ino=1048652 res=0 errno=0 [ 391.817735][ T7819] loop3: detected capacity change from 0 to 256 [ 391.883777][ T7819] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 391.979238][ T26] audit: type=1800 audit(1753811775.921:27): pid=7819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.683" name="file1" dev="loop3" ino=1048653 res=0 errno=0 [ 393.440028][ T7842] loop7: detected capacity change from 0 to 512 [ 393.499533][ T7842] EXT4-fs (loop7): Test dummy encryption mode enabled [ 393.715711][ T7842] EXT4-fs (loop7): Can't change test_dummy_encryption on remount [ 393.759886][ T7850] device syzkaller0 entered promiscuous mode [ 394.648570][ T7865] loop7: detected capacity change from 0 to 1024 [ 394.730161][ T7865] EXT4-fs (loop7): inline encryption not supported [ 394.761963][ T7865] EXT4-fs (loop7): Ignoring removed bh option [ 394.902304][ T7865] EXT4-fs (loop7): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,dioread_lock,data_err=ignore,discard,data_err=ignore,grpquota,noblock_validity,user_xattr,bh,errors=remount-ro,. Quota mode: writeback. [ 394.911831][ T7871] loop3: detected capacity change from 0 to 40427 [ 395.222120][ T7871] F2FS-fs (loop3): Found nat_bits in checkpoint [ 395.296867][ T7871] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 395.329811][ T7871] attempt to access beyond end of device [ 395.329811][ T7871] loop3: rw=2049, want=45104, limit=40427 [ 395.463334][ T6618] attempt to access beyond end of device [ 395.463334][ T6618] loop3: rw=2049, want=45112, limit=40427 [ 396.304670][ T7914] loop9: detected capacity change from 0 to 128 [ 396.395789][ T7914] EXT4-fs (loop9): mounted filesystem without journal. Opts: sysvgroups,inode_readahead_blks=0x0000000000004000,usrjquota=,acl,grpjquota=,,errors=continue. Quota mode: none. [ 396.425983][ T7914] ext4 filesystem being mounted at /41/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 396.967517][ T7901] loop6: detected capacity change from 0 to 40427 [ 397.072054][ T7901] F2FS-fs (loop6): Found nat_bits in checkpoint [ 397.286218][ T7901] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 399.458989][ T4644] attempt to access beyond end of device [ 399.458989][ T4644] loop6: rw=2049, want=45104, limit=40427 [ 400.787114][ T7954] device syzkaller0 entered promiscuous mode [ 402.167548][ T7971] tipc: Started in network mode [ 402.200631][ T7971] tipc: Node identity 1a1aa569fa64, cluster identity 4711 [ 402.243570][ T7971] tipc: Enabled bearer , priority 0 [ 402.275356][ T7965] tipc: Resetting bearer [ 402.367941][ T7964] tipc: Disabling bearer [ 402.842989][ T7985] loop3: detected capacity change from 0 to 512 [ 403.091030][ T7983] loop6: detected capacity change from 0 to 512 [ 403.954803][ T7983] EXT4-fs (loop6): Ignoring removed bh option [ 405.051106][ T7985] EXT4-fs (loop3): orphan cleanup on readonly fs [ 405.090703][ T7985] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.711: bg 0: block 248: padding at end of block bitmap is not set [ 405.113077][ T7985] Quota error (device loop3): write_blk: dquota write failed [ 405.121561][ T7985] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 405.132648][ T7985] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.711: Failed to acquire dquot type 1 [ 405.162302][ T7985] EXT4-fs (loop3): 1 truncate cleaned up [ 405.179672][ T7985] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 405.829158][ T7983] EXT4-fs: failed to create workqueue [ 405.834656][ T7983] EXT4-fs (loop6): mount failed [ 407.688569][ T4290] Bluetooth: hci3: command 0x0406 tx timeout [ 408.268138][ T8016] overlayfs: missing 'lowerdir' [ 409.193061][ T8027] netlink: 'syz.6.724': attribute type 12 has an invalid length. [ 409.215671][ T8026] loop2: detected capacity change from 0 to 256 [ 409.360623][ T8030] loop7: detected capacity change from 0 to 512 [ 409.622162][ T8030] EXT4-fs (loop7): orphan cleanup on readonly fs [ 409.640534][ T8030] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.725: bg 0: block 248: padding at end of block bitmap is not set [ 409.667229][ T8030] Quota error (device loop7): write_blk: dquota write failed [ 409.675064][ T8030] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 409.685450][ T8030] EXT4-fs error (device loop7): ext4_acquire_dquot:6207: comm syz.7.725: Failed to acquire dquot type 1 [ 409.706306][ T8030] EXT4-fs (loop7): 1 truncate cleaned up [ 409.718876][ T8030] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 410.458412][ T8026] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 410.937246][ T26] audit: type=1800 audit(1753811794.871:28): pid=8026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.723" name="file1" dev="loop2" ino=1048654 res=0 errno=0 [ 412.465547][ T1111] Bluetooth: hci2: command 0x0406 tx timeout [ 412.629258][ T8053] loop6: detected capacity change from 0 to 256 [ 412.778544][ T8053] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 412.916777][ T26] audit: type=1800 audit(1753811796.861:29): pid=8053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.729" name="file1" dev="loop6" ino=1048655 res=0 errno=0 [ 413.997745][ T8075] bond1: option mode: unable to set because the bond device has slaves [ 414.684744][ T8082] bond1: (slave macvlan3): Error -98 calling set_mac_address [ 421.003182][ T8153] tipc: Enabled bearer , priority 0 [ 421.045613][ T8153] tipc: Resetting bearer [ 421.104092][ T8152] tipc: Disabling bearer [ 422.406931][ T8161] loop2: detected capacity change from 0 to 512 [ 422.486835][ T8161] EXT4-fs (loop2): Test dummy encryption mode enabled [ 422.494029][ T8161] EXT4-fs (loop2): Can't change test_dummy_encryption on remount [ 422.630953][ T8135] loop7: detected capacity change from 0 to 40427 [ 423.562595][ T8172] loop7: detected capacity change from 0 to 256 [ 425.419108][ T8172] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 425.453658][ T8186] loop2: detected capacity change from 0 to 128 [ 425.521288][ T26] audit: type=1800 audit(1753811809.461:30): pid=8172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.756" name="file1" dev="loop7" ino=1048656 res=0 errno=0 [ 425.930513][ T8186] EXT4-fs (loop2): mounted filesystem without journal. Opts: sysvgroups,inode_readahead_blks=0x0000000000004000,usrjquota=,acl,grpjquota=,,errors=continue. Quota mode: none. [ 426.424708][ T8186] ext4 filesystem being mounted at /193/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 427.080123][ T8211] loop9: detected capacity change from 0 to 256 [ 427.818671][ T8211] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 427.885013][ T26] audit: type=1800 audit(1753811811.821:31): pid=8211 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.765" name="file1" dev="loop9" ino=1048657 res=0 errno=0 [ 433.228009][ T8249] loop9: detected capacity change from 0 to 256 [ 433.607230][ T8254] loop2: detected capacity change from 0 to 128 [ 433.854492][ T8249] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 433.958286][ T26] audit: type=1800 audit(1753811817.901:32): pid=8249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.770" name="file1" dev="loop9" ino=1048658 res=0 errno=0 [ 434.155346][ T8254] EXT4-fs (loop2): mounted filesystem without journal. Opts: sysvgroups,inode_readahead_blks=0x0000000000004000,usrjquota=,acl,grpjquota=,,errors=continue. Quota mode: none. [ 434.185951][ T8254] ext4 filesystem being mounted at /195/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 439.371342][ T8310] loop2: detected capacity change from 0 to 512 [ 439.517079][ T8310] EXT4-fs (loop2): orphan cleanup on readonly fs [ 439.526012][ T8310] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.782: bg 0: block 248: padding at end of block bitmap is not set [ 439.542295][ T8310] Quota error (device loop2): write_blk: dquota write failed [ 439.550416][ T8310] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 439.561253][ T8310] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.782: Failed to acquire dquot type 1 [ 439.576438][ T8310] EXT4-fs (loop2): 1 truncate cleaned up [ 439.587371][ T8310] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 439.926780][ T8316] netlink: 'syz.3.785': attribute type 12 has an invalid length. [ 440.472460][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.479183][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.533985][ T8322] loop9: detected capacity change from 0 to 256 [ 440.659893][ T8325] loop2: detected capacity change from 0 to 512 [ 440.671046][ T8325] EXT4-fs (loop2): Ignoring removed bh option [ 440.749719][ T8322] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 440.767745][ T8325] EXT4-fs (loop2): orphan cleanup on readonly fs [ 440.818965][ T8325] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.786: bg 0: block 248: padding at end of block bitmap is not set [ 440.927553][ T8325] Quota error (device loop2): write_blk: dquota write failed [ 440.935811][ T8325] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 440.946280][ T8325] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.786: Failed to acquire dquot type 1 [ 441.010351][ T8325] EXT4-fs (loop2): 1 truncate cleaned up [ 441.028538][ T8325] EXT4-fs (loop2): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 441.317207][ T26] audit: type=1800 audit(1753811825.261:33): pid=8322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.787" name="file1" dev="loop9" ino=1048659 res=0 errno=0 [ 442.772057][ T8334] device syzkaller0 entered promiscuous mode [ 445.899357][ T8373] tipc: Enabling of bearer rejected, failed to enable media [ 447.349847][ T8401] loop9: detected capacity change from 0 to 40427 [ 447.578343][ T8401] F2FS-fs (loop9): Found nat_bits in checkpoint [ 447.618633][ T8401] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 447.651983][ T8401] attempt to access beyond end of device [ 447.651983][ T8401] loop9: rw=2049, want=45104, limit=40427 [ 448.037271][ T6514] attempt to access beyond end of device [ 448.037271][ T6514] loop9: rw=2049, want=45112, limit=40427 [ 449.224280][ T8424] netlink: 4 bytes leftover after parsing attributes in process `syz.6.808'. [ 449.970712][ T8433] device syzkaller0 entered promiscuous mode [ 452.783761][ T8471] netlink: 'syz.6.816': attribute type 12 has an invalid length. [ 454.140050][ T8492] loop7: detected capacity change from 0 to 256 [ 454.280893][ T8492] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 454.352300][ T26] audit: type=1800 audit(1753811838.291:34): pid=8492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.818" name="file1" dev="loop7" ino=1048660 res=0 errno=0 [ 455.777219][ T8507] loop3: detected capacity change from 0 to 256 [ 455.912159][ T8507] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 455.996905][ T26] audit: type=1800 audit(1753811839.941:35): pid=8507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.821" name="file1" dev="loop3" ino=1048661 res=0 errno=0 [ 458.488643][ T8536] tipc: Enabling of bearer rejected, failed to enable media [ 460.750718][ T8581] netlink: 4 bytes leftover after parsing attributes in process `syz.3.832'. [ 464.148826][ T8620] device syzkaller0 entered promiscuous mode [ 465.309077][ T8635] loop9: detected capacity change from 0 to 4096 [ 465.390927][ T8646] loop6: detected capacity change from 0 to 256 [ 465.471065][ T8649] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 465.572695][ T8646] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 465.647604][ T26] audit: type=1800 audit(1753811849.591:36): pid=8646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.845" name="file1" dev="loop6" ino=1048662 res=0 errno=0 [ 467.653321][ T8687] loop6: detected capacity change from 0 to 512 [ 467.814244][ T8687] EXT4-fs (loop6): orphan cleanup on readonly fs [ 467.857435][ T8687] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.858: bg 0: block 248: padding at end of block bitmap is not set [ 468.679960][ T8687] Quota error (device loop6): write_blk: dquota write failed [ 468.680027][ T8687] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 468.680059][ T8687] EXT4-fs error (device loop6): ext4_acquire_dquot:6207: comm syz.6.858: Failed to acquire dquot type 1 [ 468.681432][ T8687] EXT4-fs (loop6): 1 truncate cleaned up [ 468.681896][ T8687] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 470.204655][ T8724] loop2: detected capacity change from 0 to 512 [ 470.255562][ T8724] EXT4-fs (loop2): Ignoring removed bh option [ 470.371879][ T8724] EXT4-fs (loop2): orphan cleanup on readonly fs [ 470.411427][ T8724] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.856: bg 0: block 248: padding at end of block bitmap is not set [ 470.412269][ T8724] Quota error (device loop2): write_blk: dquota write failed [ 470.412327][ T8724] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 470.412356][ T8724] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.856: Failed to acquire dquot type 1 [ 470.425434][ T8724] EXT4-fs (loop2): 1 truncate cleaned up [ 470.456326][ T8724] EXT4-fs (loop2): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 472.337323][ T8747] loop2: detected capacity change from 0 to 512 [ 472.440081][ T8747] EXT4-fs (loop2): orphan cleanup on readonly fs [ 472.448279][ T8747] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.862: bg 0: block 248: padding at end of block bitmap is not set [ 472.476340][ T8747] Quota error (device loop2): write_blk: dquota write failed [ 472.483902][ T8747] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 472.494789][ T8747] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.862: Failed to acquire dquot type 1 [ 472.507926][ T8747] EXT4-fs (loop2): 1 truncate cleaned up [ 472.547987][ T8747] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 472.571417][ C0] vkms_vblank_simulate: vblank timer overrun [ 481.127905][ T8833] netlink: 4 bytes leftover after parsing attributes in process `syz.2.883'. [ 488.920288][ T8911] bridge0: port 3(syz_tun) entered blocking state [ 488.927053][ T8911] bridge0: port 3(syz_tun) entered disabled state [ 488.934982][ T8911] device syz_tun entered promiscuous mode [ 488.941331][ T8911] bridge0: port 3(syz_tun) entered blocking state [ 488.948060][ T8911] bridge0: port 3(syz_tun) entered forwarding state [ 489.843481][ T8926] loop7: detected capacity change from 0 to 512 [ 489.920677][ T8926] EXT4-fs (loop7): Ignoring removed bh option [ 490.120811][ T8926] EXT4-fs (loop7): orphan cleanup on readonly fs [ 490.169398][ T8926] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.905: bg 0: block 248: padding at end of block bitmap is not set [ 490.294996][ T8926] Quota error (device loop7): write_blk: dquota write failed [ 490.330334][ T8926] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 490.416352][ T8926] EXT4-fs error (device loop7): ext4_acquire_dquot:6207: comm syz.7.905: Failed to acquire dquot type 1 [ 490.450539][ T8926] EXT4-fs (loop7): 1 truncate cleaned up [ 490.481887][ T8926] EXT4-fs (loop7): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 492.634378][ T8980] loop6: detected capacity change from 0 to 256 [ 492.774327][ T8980] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 493.073886][ T26] audit: type=1800 audit(1753811876.861:37): pid=8980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.918" name="file1" dev="loop6" ino=1048663 res=0 errno=0 [ 493.095425][ C1] vkms_vblank_simulate: vblank timer overrun [ 494.552732][ T8996] netlink: 4 bytes leftover after parsing attributes in process `syz.7.920'. [ 495.915452][ T9025] netlink: 56 bytes leftover after parsing attributes in process `syz.9.928'. [ 496.078937][ T9030] bridge0: port 3(syz_tun) entered blocking state [ 496.087286][ T9030] bridge0: port 3(syz_tun) entered disabled state [ 496.103764][ T9030] device syz_tun entered promiscuous mode [ 496.112309][ T9030] bridge0: port 3(syz_tun) entered blocking state [ 496.119830][ T9030] bridge0: port 3(syz_tun) entered forwarding state [ 496.273552][ T9029] loop9: detected capacity change from 0 to 512 [ 496.702203][ T9029] EXT4-fs (loop9): orphan cleanup on readonly fs [ 496.710701][ T9029] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.929: bg 0: block 248: padding at end of block bitmap is not set [ 496.752096][ T9029] Quota error (device loop9): write_blk: dquota write failed [ 496.761377][ T9029] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota [ 496.773322][ T9029] EXT4-fs error (device loop9): ext4_acquire_dquot:6207: comm syz.9.929: Failed to acquire dquot type 1 [ 496.893674][ T9029] EXT4-fs (loop9): 1 truncate cleaned up [ 496.900450][ T9029] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 501.398216][ T9074] netlink: 56 bytes leftover after parsing attributes in process `syz.3.941'. [ 501.917233][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.927045][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 503.005501][ T9102] loop6: detected capacity change from 0 to 256 [ 503.350965][ T9102] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 503.406630][ T26] audit: type=1800 audit(1753811887.341:38): pid=9102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.947" name="file1" dev="loop6" ino=1048664 res=0 errno=0 [ 504.609029][ T9119] loop2: detected capacity change from 0 to 512 [ 504.696968][ T9119] EXT4-fs (loop2): Ignoring removed bh option [ 504.737967][ T9119] EXT4-fs (loop2): orphan cleanup on readonly fs [ 504.837246][ T9119] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.950: bg 0: block 248: padding at end of block bitmap is not set [ 504.917712][ T9119] Quota error (device loop2): write_blk: dquota write failed [ 504.925388][ T9119] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 504.980331][ T9098] loop3: detected capacity change from 0 to 40427 [ 505.022024][ T9119] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.950: Failed to acquire dquot type 1 [ 505.087368][ T9119] EXT4-fs (loop2): 1 truncate cleaned up [ 505.106741][ T9119] EXT4-fs (loop2): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 505.194350][ T9098] F2FS-fs (loop3): Found nat_bits in checkpoint [ 505.455168][ T9098] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 506.970982][ T6618] attempt to access beyond end of device [ 506.970982][ T6618] loop3: rw=2049, want=45104, limit=40427 [ 507.492711][ T9167] netlink: 'syz.6.959': attribute type 12 has an invalid length. [ 509.293073][ T9182] loop7: detected capacity change from 0 to 512 [ 509.413448][ T9182] EXT4-fs (loop7): Ignoring removed bh option [ 509.504443][ T9182] EXT4-fs (loop7): orphan cleanup on readonly fs [ 509.585300][ T9182] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.964: bg 0: block 248: padding at end of block bitmap is not set [ 509.663135][ T9189] netlink: 'syz.9.965': attribute type 12 has an invalid length. [ 509.921384][ T9182] Quota error (device loop7): write_blk: dquota write failed [ 510.085202][ T9182] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 510.359086][ T9182] EXT4-fs error (device loop7): ext4_acquire_dquot:6207: comm syz.7.964: Failed to acquire dquot type 1 [ 510.407055][ T9182] EXT4-fs (loop7): 1 truncate cleaned up [ 510.418176][ T9182] EXT4-fs (loop7): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 512.836065][ T9221] loop2: detected capacity change from 0 to 40427 [ 512.857756][ T9224] tipc: Enabled bearer , priority 0 [ 512.867746][ T9224] tipc: Resetting bearer [ 512.917500][ T9223] tipc: Disabling bearer [ 513.284646][ T9221] F2FS-fs (loop2): Found nat_bits in checkpoint [ 513.361131][ T9221] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 513.393317][ T9221] attempt to access beyond end of device [ 513.393317][ T9221] loop2: rw=2049, want=45104, limit=40427 [ 513.537327][ T4186] attempt to access beyond end of device [ 513.537327][ T4186] loop2: rw=2049, want=45112, limit=40427 [ 516.578240][ T9279] device syzkaller0 entered promiscuous mode [ 517.746931][ T9292] device syzkaller0 entered promiscuous mode [ 519.125102][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #100!!! [ 519.134187][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #100!!! [ 519.143209][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 519.192809][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 519.202095][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 519.211421][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 519.220792][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 519.229945][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 519.239047][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 519.248226][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 522.912302][ T9342] device syzkaller0 entered promiscuous mode [ 523.560283][ T9353] netlink: 8 bytes leftover after parsing attributes in process `syz.2.999'. [ 526.225957][ T9383] loop2: detected capacity change from 0 to 512 [ 526.335033][ T9383] EXT4-fs (loop2): Ignoring removed bh option [ 526.500422][ T9383] EXT4-fs (loop2): orphan cleanup on readonly fs [ 526.544624][ T9383] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1005: bg 0: block 248: padding at end of block bitmap is not set [ 526.864626][ T9400] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1009'. [ 527.095878][ T9383] Quota error (device loop2): write_blk: dquota write failed [ 527.167975][ T9383] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 527.225162][ T9383] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.1005: Failed to acquire dquot type 1 [ 527.365960][ T9383] EXT4-fs (loop2): 1 truncate cleaned up [ 527.377287][ T9383] EXT4-fs (loop2): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 528.738345][ T9417] device syzkaller0 entered promiscuous mode [ 528.801369][ T9419] device syzkaller0 entered promiscuous mode [ 529.126700][ T9387] loop3: detected capacity change from 0 to 40427 [ 535.515828][ T9486] device syzkaller0 entered promiscuous mode [ 535.755062][ T9483] device syzkaller0 entered promiscuous mode [ 535.765036][ T9483] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready [ 540.774116][ T9532] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1037'. [ 542.473569][ T9547] device syzkaller0 entered promiscuous mode [ 543.286103][ T9562] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1044'. [ 544.608611][ T9566] loop2: detected capacity change from 0 to 512 [ 544.721868][ T9566] EXT4-fs (loop2): Test dummy encryption mode enabled [ 544.777409][ T9566] EXT4-fs (loop2): Can't change test_dummy_encryption on remount [ 545.849205][ T9584] loop9: detected capacity change from 0 to 256 [ 546.986871][ T9584] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 547.466642][ T26] audit: type=1800 audit(1753811931.381:39): pid=9584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1051" name="file1" dev="loop9" ino=1048665 res=0 errno=0 [ 548.865420][ T9609] device syzkaller0 entered promiscuous mode [ 549.825893][ T9624] device syzkaller0 entered promiscuous mode [ 552.593279][ T9660] loop3: detected capacity change from 0 to 256 [ 552.605300][ T9657] loop7: detected capacity change from 0 to 512 [ 552.943979][ T9669] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1070'. [ 554.731275][ T9660] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 554.814139][ T9657] EXT4-fs (loop7): orphan cleanup on readonly fs [ 554.827074][ T26] audit: type=1800 audit(1753811938.771:40): pid=9660 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1067" name="file1" dev="loop3" ino=1048666 res=0 errno=0 [ 554.844046][ T9657] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.1065: bg 0: block 248: padding at end of block bitmap is not set [ 554.867431][ T9657] Quota error (device loop7): write_blk: dquota write failed [ 554.875188][ T9657] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 554.885696][ T9657] EXT4-fs error (device loop7): ext4_acquire_dquot:6207: comm syz.7.1065: Failed to acquire dquot type 1 [ 554.900048][ T9657] EXT4-fs (loop7): 1 truncate cleaned up [ 554.908301][ T9657] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 558.249200][ T9707] device syzkaller0 entered promiscuous mode [ 558.276387][ T9711] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1081'. [ 558.434204][ T9710] device syzkaller0 entered promiscuous mode [ 561.646630][ T9747] device syzkaller0 entered promiscuous mode [ 563.685097][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.694478][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.501040][ T9796] device syzkaller0 entered promiscuous mode [ 566.088485][ T9819] loop2: detected capacity change from 0 to 512 [ 566.158795][ T9819] EXT4-fs (loop2): Test dummy encryption mode enabled [ 566.206765][ T9819] EXT4-fs (loop2): Can't change test_dummy_encryption on remount [ 568.215874][ T9847] device syzkaller0 entered promiscuous mode [ 568.233364][ T9846] device syzkaller0 entered promiscuous mode [ 568.318265][ T9862] loop2: detected capacity change from 0 to 512 [ 568.381724][ T9862] EXT4-fs (loop2): orphan cleanup on readonly fs [ 568.389917][ T9862] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1112: bg 0: block 248: padding at end of block bitmap is not set [ 568.407485][ T9862] Quota error (device loop2): write_blk: dquota write failed [ 568.414938][ T9862] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 568.425389][ T9862] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.1112: Failed to acquire dquot type 1 [ 568.449184][ T9862] EXT4-fs (loop2): 1 truncate cleaned up [ 568.497752][ T9862] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 569.492211][ T9873] device syzkaller0 entered promiscuous mode [ 571.114385][ T9881] loop2: detected capacity change from 0 to 40427 [ 571.288747][ T9888] loop7: detected capacity change from 0 to 40427 [ 571.446063][ T9881] F2FS-fs (loop2): Found nat_bits in checkpoint [ 571.783610][ T9888] F2FS-fs (loop7): Found nat_bits in checkpoint [ 572.140045][ T9881] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 572.176497][ T9888] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 572.507644][ T4186] attempt to access beyond end of device [ 572.507644][ T4186] loop2: rw=2049, want=45104, limit=40427 [ 573.252613][ T5429] attempt to access beyond end of device [ 573.252613][ T5429] loop7: rw=2049, want=45104, limit=40427 [ 573.280261][ T9941] loop3: detected capacity change from 0 to 1024 [ 573.340940][ T9941] EXT4-fs (loop3): inline encryption not supported [ 573.413402][ T9941] EXT4-fs (loop3): Ignoring removed bh option [ 573.515182][ T9941] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,dioread_lock,data_err=ignore,discard,data_err=ignore,grpquota,noblock_validity,user_xattr,bh,errors=remount-ro,. Quota mode: writeback. [ 574.981790][ T9966] loop9: detected capacity change from 0 to 512 [ 575.152174][ T9966] EXT4-fs (loop9): Ignoring removed bh option [ 575.322667][ T9966] EXT4-fs (loop9): orphan cleanup on readonly fs [ 575.608843][ T9966] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1132: bg 0: block 248: padding at end of block bitmap is not set [ 575.743580][ T9966] Quota error (device loop9): write_blk: dquota write failed [ 576.042812][ T9966] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota [ 576.325246][ T9966] EXT4-fs error (device loop9): ext4_acquire_dquot:6207: comm syz.9.1132: Failed to acquire dquot type 1 [ 576.361751][ T9977] loop6: detected capacity change from 0 to 512 [ 576.418177][ T9966] EXT4-fs (loop9): 1 truncate cleaned up [ 576.427193][ T9966] EXT4-fs (loop9): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 576.621435][ T9977] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 577.790090][ T9977] EXT4-fs (loop6): invalid journal inode [ 577.796110][ T9977] EXT4-fs (loop6): can't get journal size [ 577.856295][ T9977] EXT4-fs (loop6): 1 truncate cleaned up [ 577.911487][ T9977] EXT4-fs (loop6): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none. [ 579.181658][T10013] loop3: detected capacity change from 0 to 512 [ 579.513025][T10013] EXT4-fs (loop3): orphan cleanup on readonly fs [ 579.529492][T10013] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1141: bg 0: block 248: padding at end of block bitmap is not set [ 579.535691][T10013] Quota error (device loop3): write_blk: dquota write failed [ 579.536220][T10013] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 579.536340][T10013] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.1141: Failed to acquire dquot type 1 [ 579.555880][T10013] EXT4-fs (loop3): 1 truncate cleaned up [ 579.569600][T10013] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 579.923790][ T9993] loop7: detected capacity change from 0 to 40427 [ 580.019569][ T9993] F2FS-fs (loop7): Found nat_bits in checkpoint [ 580.024866][T10023] loop9: detected capacity change from 0 to 512 [ 580.079917][T10025] loop6: detected capacity change from 0 to 512 [ 580.080754][T10023] EXT4-fs (loop9): Ignoring removed bh option [ 580.117729][T10023] EXT4-fs (loop9): orphan cleanup on readonly fs [ 580.218012][T10025] EXT4-fs (loop6): orphan cleanup on readonly fs [ 580.231808][T10025] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1140: bg 0: block 248: padding at end of block bitmap is not set [ 580.238413][ T9993] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 580.247943][T10025] Quota error (device loop6): write_blk: dquota write failed [ 580.261757][T10025] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 580.271982][T10025] EXT4-fs error (device loop6): ext4_acquire_dquot:6207: comm syz.6.1140: Failed to acquire dquot type 1 [ 580.298729][T10025] EXT4-fs (loop6): 1 truncate cleaned up [ 580.420413][T10023] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1142: bg 0: block 248: padding at end of block bitmap is not set [ 580.504533][T10023] Quota error (device loop9): write_blk: dquota write failed [ 580.592391][T10023] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota [ 580.606305][T10025] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 580.686200][ T5429] attempt to access beyond end of device [ 580.686200][ T5429] loop7: rw=2049, want=45104, limit=40427 [ 580.713230][T10023] EXT4-fs error (device loop9): ext4_acquire_dquot:6207: comm syz.9.1142: Failed to acquire dquot type 1 [ 580.761899][T10023] EXT4-fs (loop9): 1 truncate cleaned up [ 580.782734][T10023] EXT4-fs (loop9): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 582.474911][T10052] device syzkaller0 entered promiscuous mode [ 582.875633][T10070] device syzkaller0 entered promiscuous mode [ 583.024909][T10074] device syzkaller0 entered promiscuous mode [ 586.896426][T10119] device syzkaller0 entered promiscuous mode [ 588.066200][T10131] device syzkaller0 entered promiscuous mode [ 588.284170][T10138] device syzkaller0 entered promiscuous mode [ 588.747391][T10150] loop7: detected capacity change from 0 to 16 [ 588.866235][T10150] erofs: (device loop7): mounted with root inode @ nid 36. [ 589.087148][ T26] audit: type=1800 audit(1753811972.901:41): pid=10150 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1168" name="file2" dev="loop7" ino=89 res=0 errno=0 [ 590.535772][T10170] loop2: detected capacity change from 0 to 512 [ 590.698152][T10170] EXT4-fs (loop2): Ignoring removed bh option [ 591.100052][T10170] EXT4-fs (loop2): orphan cleanup on readonly fs [ 591.257895][T10170] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1172: bg 0: block 248: padding at end of block bitmap is not set [ 591.447540][T10170] Quota error (device loop2): write_blk: dquota write failed [ 591.480933][T10170] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 591.509320][T10170] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.1172: Failed to acquire dquot type 1 [ 591.545857][T10170] EXT4-fs (loop2): 1 truncate cleaned up [ 591.546280][T10170] EXT4-fs (loop2): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 594.856125][T10221] loop3: detected capacity change from 0 to 262144 [ 595.185916][T10221] F2FS-fs (loop3): invalid crc value [ 595.249827][T10221] F2FS-fs (loop3): Found nat_bits in checkpoint [ 595.289676][T10221] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 595.625157][T10245] device syzkaller0 entered promiscuous mode [ 599.600969][T10264] loop9: detected capacity change from 0 to 40427 [ 599.771285][T10264] F2FS-fs (loop9): Found nat_bits in checkpoint [ 601.619784][T10299] device syzkaller0 entered promiscuous mode [ 602.064008][T10306] device syzkaller0 entered promiscuous mode [ 603.108048][T10323] loop6: detected capacity change from 0 to 16 [ 603.354958][T10323] erofs: (device loop6): mounted with root inode @ nid 36. [ 603.506625][ T26] audit: type=1800 audit(1753811987.351:42): pid=10323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1209" name="file2" dev="loop6" ino=89 res=0 errno=0 [ 604.220199][T10328] device syzkaller0 entered promiscuous mode [ 608.590405][T10379] device syzkaller0 entered promiscuous mode [ 610.460420][T10404] loop3: detected capacity change from 0 to 16 [ 611.367029][T10404] erofs: (device loop3): mounted with root inode @ nid 36. [ 611.456939][ T26] audit: type=1800 audit(1753811995.401:43): pid=10402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1228" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 615.274190][T10466] loop7: detected capacity change from 0 to 16 [ 616.895945][T10481] loop9: detected capacity change from 0 to 16 [ 617.078485][T10482] loop2: detected capacity change from 0 to 512 [ 617.189755][T10481] erofs: (device loop9): mounted with root inode @ nid 36. [ 617.324774][ T26] audit: type=1800 audit(1753812001.221:44): pid=10481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1245" name="file2" dev="loop9" ino=89 res=0 errno=0 [ 617.385538][T10475] loop3: detected capacity change from 0 to 512 [ 617.438290][T10482] EXT4-fs (loop2): orphan cleanup on readonly fs [ 617.447280][T10482] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1246: bg 0: block 248: padding at end of block bitmap is not set [ 617.466207][T10482] Quota error (device loop2): write_blk: dquota write failed [ 617.474105][T10482] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 617.484545][T10482] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.1246: Failed to acquire dquot type 1 [ 617.498262][T10482] EXT4-fs (loop2): 1 truncate cleaned up [ 617.509839][T10482] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 617.600007][T10475] EXT4-fs (loop3): Ignoring removed bh option [ 617.682006][T10475] EXT4-fs (loop3): orphan cleanup on readonly fs [ 617.713534][T10475] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1244: bg 0: block 248: padding at end of block bitmap is not set [ 617.889078][T10491] device syzkaller0 entered promiscuous mode [ 617.952783][T10475] Quota error (device loop3): write_blk: dquota write failed [ 617.989322][T10475] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 618.752482][T10475] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.1244: Failed to acquire dquot type 1 [ 618.834664][T10475] EXT4-fs (loop3): 1 truncate cleaned up [ 618.848844][T10475] EXT4-fs (loop3): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 622.659984][T10536] loop2: detected capacity change from 0 to 16 [ 623.230120][T10536] erofs: (device loop2): mounted with root inode @ nid 36. [ 623.332467][T10542] loop3: detected capacity change from 0 to 16 [ 623.362007][ T26] audit: type=1800 audit(1753812007.231:45): pid=10535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1258" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 623.846718][T10542] erofs: (device loop3): mounted with root inode @ nid 36. [ 624.033039][ T26] audit: type=1800 audit(1753812007.801:46): pid=10541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1259" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 624.807557][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.815917][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.217164][T10561] device syzkaller0 entered promiscuous mode [ 629.959192][T10600] loop3: detected capacity change from 0 to 16 [ 631.192878][T10600] erofs: (device loop3): mounted with root inode @ nid 36. [ 631.209115][ T26] audit: type=1800 audit(1753812015.151:47): pid=10597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1273" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 631.720907][T10613] device syzkaller0 entered promiscuous mode [ 633.379003][T10634] loop3: detected capacity change from 0 to 512 [ 633.564502][T10634] EXT4-fs (loop3): Test dummy encryption mode enabled [ 633.594203][T10634] EXT4-fs (loop3): Can't change test_dummy_encryption on remount [ 633.677799][T10638] loop9: detected capacity change from 0 to 16 [ 634.293188][T10634] 9pnet: Insufficient options for proto=fd [ 634.342278][T10638] erofs: (device loop9): mounted with root inode @ nid 36. [ 634.436727][ T26] audit: type=1800 audit(1753812018.381:48): pid=10635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1280" name="file2" dev="loop9" ino=89 res=0 errno=0 [ 638.655490][T10671] loop9: detected capacity change from 0 to 512 [ 638.702165][T10676] device syzkaller0 entered promiscuous mode [ 638.782252][T10671] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem [ 638.994883][T10671] EXT4-fs (loop9): invalid journal inode [ 639.112754][T10671] EXT4-fs (loop9): can't get journal size [ 639.352711][T10671] EXT4-fs (loop9): 1 truncate cleaned up [ 639.468526][T10671] EXT4-fs (loop9): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none. [ 642.553108][T10729] loop9: detected capacity change from 0 to 512 [ 644.726478][T10729] EXT4-fs (loop9): orphan cleanup on readonly fs [ 644.734606][T10729] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1298: bg 0: block 248: padding at end of block bitmap is not set [ 644.750489][T10729] Quota error (device loop9): write_blk: dquota write failed [ 644.758127][T10729] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota [ 644.768206][T10729] EXT4-fs error (device loop9): ext4_acquire_dquot:6207: comm syz.9.1298: Failed to acquire dquot type 1 [ 644.782129][T10729] EXT4-fs (loop9): 1 truncate cleaned up [ 644.803493][T10729] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 647.557359][T10776] loop2: detected capacity change from 0 to 40427 [ 648.415565][T10776] F2FS-fs (loop2): Found nat_bits in checkpoint [ 648.456973][T10776] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 648.491251][T10772] attempt to access beyond end of device [ 648.491251][T10772] loop2: rw=2049, want=45104, limit=40427 [ 648.674058][ T4186] attempt to access beyond end of device [ 648.674058][ T4186] loop2: rw=2049, want=45112, limit=40427 [ 651.518011][T10828] device syzkaller0 entered promiscuous mode [ 652.499713][T10840] loop6: detected capacity change from 0 to 512 [ 652.601417][T10840] EXT4-fs (loop6): Ignoring removed bh option [ 653.494236][T10840] EXT4-fs (loop6): orphan cleanup on readonly fs [ 653.615494][T10840] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1327: bg 0: block 248: padding at end of block bitmap is not set [ 653.699905][T10841] netlink: 'syz.2.1328': attribute type 12 has an invalid length. [ 653.945732][T10840] Quota error (device loop6): write_blk: dquota write failed [ 653.966551][T10840] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 653.981570][T10840] EXT4-fs error (device loop6): ext4_acquire_dquot:6207: comm syz.6.1327: Failed to acquire dquot type 1 [ 654.411218][T10840] EXT4-fs (loop6): 1 truncate cleaned up [ 654.477142][T10840] EXT4-fs (loop6): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 654.935424][T10873] loop3: detected capacity change from 0 to 256 [ 655.102652][T10873] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 655.427391][ T26] audit: type=1800 audit(1753812039.131:49): pid=10873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1334" name="file1" dev="loop3" ino=1048667 res=0 errno=0 [ 673.347588][T11051] tipc: Enabling of bearer rejected, failed to enable media [ 673.422812][T11051] device syzkaller0 entered promiscuous mode [ 674.243704][T11058] device syzkaller0 entered promiscuous mode [ 674.295466][T11068] loop2: detected capacity change from 0 to 128 [ 674.346356][T11072] netlink: 'syz.3.1368': attribute type 12 has an invalid length. [ 674.432877][T11068] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 674.509593][T11068] ext4 filesystem being mounted at /314/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 676.330742][T11097] loop7: detected capacity change from 0 to 256 [ 676.397551][T11099] loop9: detected capacity change from 0 to 512 [ 676.520249][T11097] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 677.174324][T11099] EXT4-fs (loop9): Ignoring removed bh option [ 677.331464][ T26] audit: type=1800 audit(1753812061.271:50): pid=11097 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1376" name="file1" dev="loop7" ino=1048668 res=0 errno=0 [ 677.385406][T11099] EXT4-fs (loop9): orphan cleanup on readonly fs [ 678.033084][T11099] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1375: bg 0: block 248: padding at end of block bitmap is not set [ 678.063469][T11099] Quota error (device loop9): write_blk: dquota write failed [ 678.146774][T11099] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota [ 678.300971][T11099] EXT4-fs error (device loop9): ext4_acquire_dquot:6207: comm syz.9.1375: Failed to acquire dquot type 1 [ 678.373390][T11099] EXT4-fs (loop9): 1 truncate cleaned up [ 678.412957][T11099] EXT4-fs (loop9): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 679.956240][T11136] tipc: Enabling of bearer rejected, failed to enable media [ 679.991023][T11136] device syzkaller0 entered promiscuous mode [ 681.491512][T11156] overlayfs: overlapping lowerdir path [ 683.768335][T11190] tipc: Enabling of bearer rejected, failed to enable media [ 683.798408][T11190] device syzkaller0 entered promiscuous mode [ 683.870957][T11195] loop6: detected capacity change from 0 to 128 [ 684.064390][T10332] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 684.103793][T11195] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 684.237427][T11200] loop9: detected capacity change from 0 to 128 [ 684.282477][T11195] ext4 filesystem being mounted at /263/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 684.733657][T11200] EXT4-fs (loop9): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 685.094867][T11200] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 686.247061][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.253574][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.683445][T11221] loop7: detected capacity change from 0 to 128 [ 686.897367][T11229] loop3: detected capacity change from 0 to 512 [ 689.052740][T11221] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 689.078700][T11229] EXT4-fs (loop3): orphan cleanup on readonly fs [ 689.088131][T11229] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1404: bg 0: block 248: padding at end of block bitmap is not set [ 689.105772][T11229] Quota error (device loop3): write_blk: dquota write failed [ 689.113819][T11229] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 689.124885][T11229] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.1404: Failed to acquire dquot type 1 [ 689.135455][T11221] ext4 filesystem being mounted at /218/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 689.251587][T11229] EXT4-fs (loop3): 1 truncate cleaned up [ 689.253741][T11229] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 692.201701][T11286] loop7: detected capacity change from 0 to 128 [ 692.322385][T11286] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 692.393491][T11286] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 694.654954][T11308] loop7: detected capacity change from 0 to 128 [ 694.782753][T11308] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 694.805213][T11312] loop6: detected capacity change from 0 to 128 [ 694.871673][T11318] loop9: detected capacity change from 0 to 512 [ 694.906326][T11308] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 695.002623][T11312] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 695.204597][T11323] loop2: detected capacity change from 0 to 16 [ 695.853506][T11318] EXT4-fs (loop9): orphan cleanup on readonly fs [ 695.878936][T11318] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1422: bg 0: block 248: padding at end of block bitmap is not set [ 695.902552][T11318] Quota error (device loop9): write_blk: dquota write failed [ 695.910727][T11318] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota [ 695.921243][T11318] EXT4-fs error (device loop9): ext4_acquire_dquot:6207: comm syz.9.1422: Failed to acquire dquot type 1 [ 695.945245][T11318] EXT4-fs (loop9): 1 truncate cleaned up [ 696.020294][T11318] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 696.145070][T11312] ext4 filesystem being mounted at /266/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 696.161431][T11323] erofs: (device loop2): mounted with root inode @ nid 36. [ 696.177810][ T26] audit: type=1800 audit(1753812080.121:51): pid=11321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1423" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 698.707246][T11356] overlayfs: overlapping lowerdir path [ 699.207198][T11352] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1427'. [ 702.879095][T11394] loop3: detected capacity change from 0 to 16 [ 704.169407][T11394] erofs: (device loop3): mounted with root inode @ nid 36. [ 704.690101][T11400] loop2: detected capacity change from 0 to 128 [ 705.153523][T11400] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 705.153611][T11407] loop7: detected capacity change from 0 to 128 [ 706.196735][T11400] ext4 filesystem being mounted at /329/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 706.212707][T11407] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 706.356985][T11407] ext4 filesystem being mounted at /228/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 707.225950][T11429] loop2: detected capacity change from 0 to 512 [ 707.518221][T11429] EXT4-fs (loop2): orphan cleanup on readonly fs [ 707.526293][T11429] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1443: bg 0: block 248: padding at end of block bitmap is not set [ 707.546794][T11429] Quota error (device loop2): write_blk: dquota write failed [ 707.554636][T11429] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 707.564998][T11429] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.1443: Failed to acquire dquot type 1 [ 707.578591][T11429] EXT4-fs (loop2): 1 truncate cleaned up [ 707.584963][T11429] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 708.890567][T11452] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 711.558691][T11476] loop7: detected capacity change from 0 to 128 [ 711.697353][T11476] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 711.757638][T11476] ext4 filesystem being mounted at /232/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 712.348615][T11482] loop2: detected capacity change from 0 to 128 [ 712.607368][T11482] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 712.705361][T11482] ext4 filesystem being mounted at /334/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 712.885284][T11493] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1456'. [ 712.949198][T11490] loop3: detected capacity change from 0 to 128 [ 713.301284][T11490] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 713.414790][T11490] ext4 filesystem being mounted at /189/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 719.467712][T11545] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 720.024275][T11551] loop7: detected capacity change from 0 to 128 [ 720.878641][T11551] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 721.350104][T11551] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 723.173750][T11586] loop7: detected capacity change from 0 to 16 [ 723.219988][T11586] erofs: (device loop7): mounted with root inode @ nid 36. [ 723.244375][ T26] audit: type=1800 audit(1753812107.181:52): pid=11586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1475" name="file2" dev="loop7" ino=89 res=0 errno=0 [ 723.854264][T11590] tipc: Enabling of bearer rejected, failed to enable media [ 723.897170][T11590] device syzkaller0 entered promiscuous mode [ 723.928119][T11596] device syzkaller0 entered promiscuous mode [ 728.631692][T11649] loop2: detected capacity change from 0 to 128 [ 728.795172][T11649] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 728.856557][T11649] ext4 filesystem being mounted at /345/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 730.159656][T11674] device syzkaller0 entered promiscuous mode [ 730.318060][T11677] loop2: detected capacity change from 0 to 16 [ 730.378686][T11677] erofs: (device loop2): mounted with root inode @ nid 36. [ 730.410176][ T26] audit: type=1800 audit(1753812114.351:53): pid=11677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1493" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 731.309828][T11690] loop7: detected capacity change from 0 to 256 [ 731.347813][T11689] loop6: detected capacity change from 0 to 512 [ 731.364843][T11690] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 731.476559][ T26] audit: type=1800 audit(1753812115.391:54): pid=11690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1499" name="file1" dev="loop7" ino=1048669 res=0 errno=0 [ 731.871485][T11689] EXT4-fs (loop6): Test dummy encryption mode enabled [ 731.925355][T11701] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 732.080948][T11689] EXT4-fs (loop6): Can't change test_dummy_encryption on remount [ 733.233416][T11689] 9pnet: Could not find request transport: fd0x0000000000000003 [ 736.146291][T11735] loop9: detected capacity change from 0 to 512 [ 736.228422][T11735] EXT4-fs (loop9): orphan cleanup on readonly fs [ 736.236752][T11735] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1510: bg 0: block 248: padding at end of block bitmap is not set [ 736.256005][T11735] Quota error (device loop9): write_blk: dquota write failed [ 736.264403][T11735] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota [ 736.274785][T11735] EXT4-fs error (device loop9): ext4_acquire_dquot:6207: comm syz.9.1510: Failed to acquire dquot type 1 [ 736.289832][T11735] EXT4-fs (loop9): 1 truncate cleaned up [ 736.298856][T11735] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 737.442001][T11753] loop6: detected capacity change from 0 to 16 [ 737.501023][T11753] erofs: (device loop6): mounted with root inode @ nid 36. [ 737.516690][ T26] audit: type=1800 audit(1753812121.461:55): pid=11753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1511" name="file2" dev="loop6" ino=89 res=0 errno=0 [ 739.248390][T11761] loop6: detected capacity change from 0 to 128 [ 739.434908][T11766] netlink: 76 bytes leftover after parsing attributes in process `syz.9.1514'. [ 741.464006][T11761] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 741.541061][T11761] ext4 filesystem being mounted at /281/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 746.353304][T11857] netlink: 76 bytes leftover after parsing attributes in process `syz.7.1532'. [ 746.540505][T11842] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1529'. [ 746.857983][T11865] loop3: detected capacity change from 0 to 16 [ 746.922220][T11865] erofs: (device loop3): mounted with root inode @ nid 36. [ 746.969443][ T26] audit: type=1800 audit(1753812130.911:56): pid=11865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1535" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 747.118746][T11873] loop2: detected capacity change from 0 to 128 [ 747.860183][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.875808][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.987095][T11873] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 748.012321][T11873] ext4 filesystem being mounted at /353/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 749.966065][T11898] loop7: detected capacity change from 0 to 128 [ 750.067384][T11898] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 750.184168][T11898] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 750.252590][T11910] loop3: detected capacity change from 0 to 512 [ 750.334095][T11915] loop6: detected capacity change from 0 to 512 [ 750.427710][T11910] EXT4-fs (loop3): orphan cleanup on readonly fs [ 750.435936][T11910] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1545: bg 0: block 248: padding at end of block bitmap is not set [ 750.466905][T11910] Quota error (device loop3): write_blk: dquota write failed [ 750.474382][T11910] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 750.484563][T11910] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.1545: Failed to acquire dquot type 1 [ 750.517787][T11910] EXT4-fs (loop3): 1 truncate cleaned up [ 750.523976][T11910] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 750.870424][T11915] EXT4-fs (loop6): orphan cleanup on readonly fs [ 750.878877][T11915] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1546: bg 0: block 248: padding at end of block bitmap is not set [ 750.895228][T11915] Quota error (device loop6): write_blk: dquota write failed [ 750.902791][T11915] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 750.913094][T11915] EXT4-fs error (device loop6): ext4_acquire_dquot:6207: comm syz.6.1546: Failed to acquire dquot type 1 [ 750.926928][T11915] EXT4-fs (loop6): 1 truncate cleaned up [ 750.933302][T11915] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 752.521176][T11939] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1549'. [ 755.239850][T11967] loop6: detected capacity change from 0 to 512 [ 756.028319][T11967] EXT4-fs (loop6): orphan cleanup on readonly fs [ 756.037248][T11967] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1558: bg 0: block 248: padding at end of block bitmap is not set [ 756.053411][T11967] Quota error (device loop6): write_blk: dquota write failed [ 756.061705][T11967] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 756.072574][T11967] EXT4-fs error (device loop6): ext4_acquire_dquot:6207: comm syz.6.1558: Failed to acquire dquot type 1 [ 756.088911][T11967] EXT4-fs (loop6): 1 truncate cleaned up [ 756.095953][T11967] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 757.126194][T11991] loop6: detected capacity change from 0 to 128 [ 758.267185][T11991] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 758.639781][T11991] ext4 filesystem being mounted at /294/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 762.670118][T12050] loop6: detected capacity change from 0 to 256 [ 762.800514][T12052] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1573'. [ 763.729056][T12050] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 763.791116][ T26] audit: type=1800 audit(1753812147.731:57): pid=12050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1574" name="file1" dev="loop6" ino=1048670 res=0 errno=0 [ 764.864235][T12073] loop7: detected capacity change from 0 to 16 [ 765.056222][T12073] erofs: (device loop7): mounted with root inode @ nid 36. [ 765.266415][T12078] loop3: detected capacity change from 0 to 512 [ 765.287499][ T26] audit: type=1800 audit(1753812149.231:58): pid=12073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1577" name="file2" dev="loop7" ino=89 res=0 errno=0 [ 765.569625][T12078] EXT4-fs (loop3): Ignoring removed bh option [ 765.774374][T12078] EXT4-fs (loop3): orphan cleanup on readonly fs [ 765.891255][T12089] loop6: detected capacity change from 0 to 512 [ 765.928311][T12078] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1578: bg 0: block 248: padding at end of block bitmap is not set [ 765.944313][T12078] Quota error (device loop3): write_blk: dquota write failed [ 765.959560][T12078] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 765.987592][T12089] EXT4-fs (loop6): Test dummy encryption mode enabled [ 766.015656][T12089] EXT4-fs (loop6): Can't change test_dummy_encryption on remount [ 766.036215][T12078] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.1578: Failed to acquire dquot type 1 [ 766.101808][T12078] EXT4-fs (loop3): 1 truncate cleaned up [ 766.196965][T12078] EXT4-fs (loop3): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 768.416849][T12126] loop2: detected capacity change from 0 to 256 [ 768.423825][T12093] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1581'. [ 768.466639][T12129] device syzkaller0 entered promiscuous mode [ 768.606030][T12126] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 768.665337][T12135] device syzkaller0 entered promiscuous mode [ 768.674620][ T26] audit: type=1800 audit(1753812152.621:59): pid=12126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1588" name="file1" dev="loop2" ino=1048671 res=0 errno=0 [ 774.399591][T12199] device syzkaller0 entered promiscuous mode [ 776.441921][T12222] loop7: detected capacity change from 0 to 16 [ 776.518164][T12222] erofs: (device loop7): mounted with root inode @ nid 36. [ 776.573053][ T26] audit: type=1800 audit(1753812160.511:60): pid=12222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1609" name="file2" dev="loop7" ino=89 res=0 errno=0 [ 776.877208][T12241] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1610'. [ 778.351843][T12256] loop6: detected capacity change from 0 to 128 [ 778.567344][T12256] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 778.800951][T12256] ext4 filesystem being mounted at /307/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 779.782278][T12279] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1617'. [ 784.205012][T12309] loop2: detected capacity change from 0 to 16 [ 784.409591][T12309] erofs: (device loop2): mounted with root inode @ nid 36. [ 784.425354][ T26] audit: type=1800 audit(1753812168.371:61): pid=12306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1623" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 784.445672][ C1] vkms_vblank_simulate: vblank timer overrun [ 784.719913][T12319] loop3: detected capacity change from 0 to 256 [ 784.888075][T12321] loop2: detected capacity change from 0 to 16 [ 785.174183][T12321] erofs: (device loop2): mounted with root inode @ nid 36. [ 785.278125][ T26] audit: type=1800 audit(1753812169.211:62): pid=12316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1635" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 785.506987][T12319] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 785.661644][ T26] audit: type=1800 audit(1753812169.601:63): pid=12319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1625" name="file1" dev="loop3" ino=1048672 res=0 errno=0 [ 785.844966][T12328] loop6: detected capacity change from 0 to 256 [ 787.788824][T12328] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 787.989630][ T26] audit: type=1800 audit(1753812171.931:64): pid=12328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1627" name="file1" dev="loop6" ino=1048673 res=0 errno=0 [ 789.921047][T12350] device syzkaller0 entered promiscuous mode [ 790.331345][T12355] loop7: detected capacity change from 0 to 256 [ 790.491888][T12355] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 790.574105][ T26] audit: type=1800 audit(1753812174.511:65): pid=12355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1633" name="file1" dev="loop7" ino=1048674 res=0 errno=0 [ 799.277793][T12418] device syzkaller0 entered promiscuous mode [ 802.458814][T12446] loop6: detected capacity change from 0 to 16 [ 802.957313][T12446] erofs: (device loop6): mounted with root inode @ nid 36. [ 803.491187][ T26] audit: type=1800 audit(1753812187.431:66): pid=12446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1653" name="file2" dev="loop6" ino=89 res=0 errno=0 [ 808.523146][T12510] netlink: set zone limit has 8 unknown bytes [ 808.786891][T12523] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready [ 808.842758][T12525] loop9: detected capacity change from 0 to 512 [ 808.883385][T12525] EXT4-fs (loop9): Ignoring removed bh option [ 808.984608][T12525] EXT4-fs (loop9): orphan cleanup on readonly fs [ 809.014342][T12525] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1668: bg 0: block 248: padding at end of block bitmap is not set [ 809.216556][T12539] loop3: detected capacity change from 0 to 16 [ 809.247347][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.253856][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.304059][T12525] Quota error (device loop9): write_blk: dquota write failed [ 809.319907][T12539] erofs: (device loop3): mounted with root inode @ nid 36. [ 809.333535][ T26] audit: type=1800 audit(1753812193.271:67): pid=12539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1669" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 810.284416][T12525] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota [ 810.295006][T12525] EXT4-fs error (device loop9): ext4_acquire_dquot:6207: comm syz.9.1668: Failed to acquire dquot type 1 [ 810.512211][T12525] EXT4-fs (loop9): 1 truncate cleaned up [ 810.543376][T12525] EXT4-fs (loop9): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 813.046147][T12563] loop6: detected capacity change from 0 to 16 [ 813.330444][T12563] erofs: (device loop6): mounted with root inode @ nid 36. [ 817.668778][T12598] loop3: detected capacity change from 0 to 16 [ 817.771929][T12598] erofs: (device loop3): mounted with root inode @ nid 36. [ 818.786621][ T26] audit: type=1800 audit(1753812202.691:68): pid=12598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1682" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 819.544550][T12616] loop6: detected capacity change from 0 to 16 [ 820.674717][T12619] loop3: detected capacity change from 0 to 256 [ 820.710748][T12616] erofs: (device loop6): mounted with root inode @ nid 36. [ 820.752477][ T26] audit: type=1800 audit(1753812204.691:69): pid=12611 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1683" name="file2" dev="loop6" ino=89 res=0 errno=0 [ 820.844095][T12619] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 821.826562][T12633] loop7: detected capacity change from 0 to 128 [ 821.862483][ T26] audit: type=1800 audit(1753812205.781:70): pid=12619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1685" name="file1" dev="loop3" ino=1048675 res=0 errno=0 [ 822.148077][T12633] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 822.186563][T12633] ext4 filesystem being mounted at /283/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 824.827978][T12656] xt_connbytes: Forcing CT accounting to be enabled [ 824.835055][T12656] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 824.847365][T12656] xt_bpf: check failed: parse error [ 826.481013][T12671] loop3: detected capacity change from 0 to 512 [ 826.549522][T12671] EXT4-fs (loop3): Ignoring removed bh option [ 826.583195][T12671] EXT4-fs (loop3): orphan cleanup on readonly fs [ 826.597233][T12674] netlink: set zone limit has 8 unknown bytes [ 826.737422][T12671] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1701: bg 0: block 248: padding at end of block bitmap is not set [ 826.906231][T12671] Quota error (device loop3): write_blk: dquota write failed [ 826.975053][T12671] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 827.063703][T12648] loop6: detected capacity change from 0 to 40427 [ 827.079857][T12671] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.1701: Failed to acquire dquot type 1 [ 827.306818][T12671] EXT4-fs (loop3): 1 truncate cleaned up [ 827.425389][T12671] EXT4-fs (loop3): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 828.413708][T12692] loop7: detected capacity change from 0 to 256 [ 828.496134][T12692] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 828.730005][T12697] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1707'. [ 829.468107][ T26] audit: type=1800 audit(1753812213.411:71): pid=12692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1708" name="file1" dev="loop7" ino=1048676 res=0 errno=0 [ 833.768284][T12712] netlink: set zone limit has 8 unknown bytes [ 833.886716][T12714] loop3: detected capacity change from 0 to 16 [ 833.911481][T12714] erofs: (device loop3): mounted with root inode @ nid 36. [ 833.923915][ T26] audit: type=1800 audit(1753812217.871:72): pid=12714 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1712" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 833.927976][T12719] tipc: Enabled bearer , priority 0 [ 834.229334][T12723] device syzkaller0 entered promiscuous mode [ 834.415641][T12728] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1716'. [ 834.768076][T12718] tipc: Resetting bearer [ 834.808182][T12718] tipc: Disabling bearer [ 834.933750][T12733] loop2: detected capacity change from 0 to 256 [ 835.068004][T12734] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1717'. [ 835.089610][T12733] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 835.516846][ T26] audit: type=1800 audit(1753812219.441:73): pid=12733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1718" name="file1" dev="loop2" ino=1048677 res=0 errno=0 [ 837.934923][T12745] netlink: set zone limit has 8 unknown bytes [ 838.037454][T12757] xt_connbytes: Forcing CT accounting to be enabled [ 838.044376][T12757] xt_bpf: check failed: parse error [ 839.522638][T12766] loop6: detected capacity change from 0 to 256 [ 839.570923][T12768] loop3: detected capacity change from 0 to 16 [ 839.635222][T12770] xt_connbytes: Forcing CT accounting to be enabled [ 839.642937][T12770] xt_bpf: check failed: parse error [ 839.714162][T12768] erofs: (device loop3): mounted with root inode @ nid 36. [ 839.826661][ T26] audit: type=1800 audit(1753812223.741:74): pid=12768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1727" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 840.149026][T12766] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 840.184128][ T26] audit: type=1800 audit(1753812224.121:75): pid=12766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1725" name="file1" dev="loop6" ino=1048678 res=0 errno=0 [ 841.736594][T12782] loop9: detected capacity change from 0 to 128 [ 841.984918][T12782] EXT4-fs (loop9): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 842.006153][T12798] tipc: Enabled bearer , priority 0 [ 842.015003][T12798] device syzkaller0 entered promiscuous mode [ 842.027030][T12797] tipc: Resetting bearer [ 842.049196][T12797] tipc: Disabling bearer [ 842.061934][T12782] ext4 filesystem being mounted at /244/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 842.316076][T12801] loop7: detected capacity change from 0 to 256 [ 842.331476][T12803] xt_bpf: check failed: parse error [ 842.958053][T12801] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 845.977918][T12823] loop6: detected capacity change from 0 to 16 [ 846.801739][T12823] erofs: (device loop6): mounted with root inode @ nid 36. [ 846.812341][ T26] audit: type=1800 audit(1753812230.761:76): pid=12823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1739" name="file2" dev="loop6" ino=89 res=0 errno=0 [ 846.883986][T12831] netlink: set zone limit has 8 unknown bytes [ 848.093285][T12838] loop3: detected capacity change from 0 to 256 [ 848.681646][T12838] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 848.907659][ T26] audit: type=1800 audit(1753812232.821:77): pid=12838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1744" name="file1" dev="loop3" ino=1048679 res=0 errno=0 [ 849.056895][T12834] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1742'. [ 850.001072][T12849] tipc: Enabled bearer , priority 0 [ 850.002441][T12851] netlink: set zone limit has 8 unknown bytes [ 850.162901][T12844] xt_bpf: check failed: parse error [ 850.255606][T12854] device syzkaller0 entered promiscuous mode [ 851.151132][T12855] tipc: Resetting bearer [ 851.183652][T12855] tipc: Disabling bearer [ 853.946156][T12880] loop9: detected capacity change from 0 to 256 [ 854.033380][T12880] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 854.196246][ T26] audit: type=1800 audit(1753812238.131:78): pid=12880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1753" name="file1" dev="loop9" ino=1048680 res=0 errno=0 [ 857.826209][T12900] loop7: detected capacity change from 0 to 128 [ 857.875462][T12900] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 857.915739][T12900] ext4 filesystem being mounted at /296/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 859.309960][T12912] tipc: Started in network mode [ 859.323388][T12912] tipc: Node identity 463c5c60b42f, cluster identity 4711 [ 859.342700][T12912] tipc: Enabled bearer , priority 0 [ 859.351739][T12912] device syzkaller0 entered promiscuous mode [ 859.370104][T12912] tipc: Resetting bearer [ 859.400714][T12911] tipc: Resetting bearer [ 859.423499][T12911] tipc: Disabling bearer [ 862.830844][T12941] debugfs: File 'dropped' in directory 'loop18' already present! [ 862.839278][T12941] debugfs: File 'msg' in directory 'loop18' already present! [ 862.847633][T12941] debugfs: File 'trace0' in directory 'loop18' already present! [ 865.184829][T12958] device syzkaller0 entered promiscuous mode [ 869.192786][T12985] loop6: detected capacity change from 0 to 16 [ 869.263727][T12985] erofs: (device loop6): mounted with root inode @ nid 36. [ 869.485679][ T26] audit: type=1800 audit(1753812253.421:79): pid=12985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1779" name="file2" dev="loop6" ino=89 res=0 errno=0 [ 870.075539][T12990] loop7: detected capacity change from 0 to 128 [ 871.616887][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 871.623542][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.656138][T12995] tipc: Enabled bearer , priority 0 [ 871.688965][T12990] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 871.729760][T12995] tipc: Resetting bearer [ 871.749194][T13006] loop3: detected capacity change from 0 to 256 [ 871.760425][T12993] tipc: Disabling bearer [ 871.781789][T12990] ext4 filesystem being mounted at /297/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 871.909278][T13008] device syzkaller0 entered promiscuous mode [ 871.927648][T13006] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 872.002853][ T26] audit: type=1800 audit(1753812255.941:80): pid=13006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1785" name="file1" dev="loop3" ino=1048681 res=0 errno=0 [ 873.075801][T13026] loop2: detected capacity change from 0 to 256 [ 873.161213][T13026] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 873.255000][ T26] audit: type=1800 audit(1753812257.191:81): pid=13026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1787" name="file1" dev="loop2" ino=1048682 res=0 errno=0 [ 874.531597][T13041] loop3: detected capacity change from 0 to 256 [ 874.678111][T13041] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 874.721093][T13045] loop6: detected capacity change from 0 to 256 [ 874.757872][ T26] audit: type=1800 audit(1753812258.701:82): pid=13041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1790" name="file1" dev="loop3" ino=1048683 res=0 errno=0 [ 874.909984][T13045] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 875.022137][T13047] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1791'. [ 875.891408][ T26] audit: type=1800 audit(1753812259.831:83): pid=13045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1792" name="file1" dev="loop6" ino=1048684 res=0 errno=0 [ 876.839942][T13054] loop3: detected capacity change from 0 to 256 [ 877.197068][T13054] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 878.745920][ T26] audit: type=1800 audit(1753812262.681:84): pid=13054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1793" name="file1" dev="loop3" ino=1048685 res=0 errno=0 [ 881.404435][T13077] netlink: 76 bytes leftover after parsing attributes in process `syz.9.1798'. [ 881.990603][T13081] device syzkaller0 entered promiscuous mode [ 883.219910][T13092] netlink: set zone limit has 8 unknown bytes [ 884.221204][T13101] loop9: detected capacity change from 0 to 128 [ 884.646908][T13101] EXT4-fs (loop9): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 884.733541][T13101] ext4 filesystem being mounted at /260/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 885.632634][T13115] loop3: detected capacity change from 0 to 512 [ 885.805627][T13115] EXT4-fs (loop3): Ignoring removed bh option [ 885.858166][T13115] EXT4-fs (loop3): orphan cleanup on readonly fs [ 885.955892][T13115] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1807: bg 0: block 248: padding at end of block bitmap is not set [ 886.389382][T13115] Quota error (device loop3): write_blk: dquota write failed [ 886.481368][T13121] loop7: detected capacity change from 0 to 512 [ 886.531661][T13115] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 886.632543][T13121] EXT4-fs (loop7): orphan cleanup on readonly fs [ 886.662160][T13121] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.1810: bg 0: block 248: padding at end of block bitmap is not set [ 886.686419][T13115] EXT4-fs error (device loop3): ext4_acquire_dquot:6207: comm syz.3.1807: Failed to acquire dquot type 1 [ 886.778134][T13115] EXT4-fs (loop3): 1 truncate cleaned up [ 886.796756][T13121] Quota error (device loop7): write_blk: dquota write failed [ 886.807071][T13115] EXT4-fs (loop3): mounted filesystem without journal. Opts: bh,nolazytime,noblock_validity,barrier,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 886.890666][T13121] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 887.001004][T13121] EXT4-fs error (device loop7): ext4_acquire_dquot:6207: comm syz.7.1810: Failed to acquire dquot type 1 [ 887.257629][T13121] EXT4-fs (loop7): 1 truncate cleaned up [ 887.329779][T13121] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 888.023200][T13135] device syzkaller0 entered promiscuous mode [ 889.619909][T13150] overlayfs: overlapping lowerdir path [ 891.146806][T13155] loop6: detected capacity change from 0 to 128 [ 891.303930][T13155] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 891.351356][T13155] ext4 filesystem being mounted at /352/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 891.670776][T13163] xt_bpf: check failed: parse error [ 893.076104][T13149] loop7: detected capacity change from 0 to 40427 [ 893.083931][T13172] loop3: detected capacity change from 0 to 256 [ 893.278636][T13172] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 893.314296][ T26] audit: type=1800 audit(1753812277.251:85): pid=13172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1823" name="file1" dev="loop3" ino=1048686 res=0 errno=0 [ 893.335878][ C1] vkms_vblank_simulate: vblank timer overrun [ 896.993426][T13206] overlayfs: overlapping lowerdir path [ 901.493400][T13226] loop2: detected capacity change from 0 to 16 [ 903.152785][T13226] erofs: (device loop2): mounted with root inode @ nid 36. [ 903.195022][ T26] audit: type=1800 audit(1753812287.131:86): pid=13225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1836" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 904.744598][T13237] loop7: detected capacity change from 0 to 128 [ 904.816595][T13241] loop9: detected capacity change from 0 to 512 [ 904.835909][T13237] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 905.826664][T13237] ext4 filesystem being mounted at /305/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 905.885539][T13241] EXT4-fs (loop9): orphan cleanup on readonly fs [ 905.895798][T13241] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1841: bg 0: block 248: padding at end of block bitmap is not set [ 905.911519][T13241] Quota error (device loop9): write_blk: dquota write failed [ 905.919046][T13241] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota [ 905.929305][T13241] EXT4-fs error (device loop9): ext4_acquire_dquot:6207: comm syz.9.1841: Failed to acquire dquot type 1 [ 905.943379][T13241] EXT4-fs (loop9): 1 truncate cleaned up [ 906.339293][T13241] EXT4-fs (loop9): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 908.159736][T13263] Can't find ip_set type hash:ip,mar [ 909.075486][T13295] loop7: detected capacity change from 0 to 512 [ 909.167485][T13295] EXT4-fs (loop7): orphan cleanup on readonly fs [ 909.184602][T13295] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.1850: bg 0: block 248: padding at end of block bitmap is not set [ 909.207611][T13295] Quota error (device loop7): write_blk: dquota write failed [ 909.215679][T13295] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 909.225908][T13295] EXT4-fs error (device loop7): ext4_acquire_dquot:6207: comm syz.7.1850: Failed to acquire dquot type 1 [ 909.248694][T13295] EXT4-fs (loop7): 1 truncate cleaned up [ 909.320427][T13295] EXT4-fs (loop7): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 911.644495][T13308] loop7: detected capacity change from 0 to 40427 [ 911.682228][T13314] loop9: detected capacity change from 0 to 16 [ 911.783399][T13308] F2FS-fs (loop7): invalid crc value [ 911.792122][T13314] erofs: (device loop9): mounted with root inode @ nid 36. [ 911.996551][ T26] audit: type=1800 audit(1753812295.921:87): pid=13314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1858" name="file2" dev="loop9" ino=89 res=0 errno=0 [ 912.301710][T13319] loop6: detected capacity change from 0 to 40427 [ 912.377017][T13308] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 912.425557][T13308] F2FS-fs (loop7): Cannot turn on quotas: -2 on 0 [ 912.435269][T13308] F2FS-fs (loop7): Start checkpoint disabled! [ 912.530050][T13319] F2FS-fs (loop6): invalid crc value [ 912.616822][T13308] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6 [ 912.756528][T13319] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 912.905796][T13319] F2FS-fs (loop6): Cannot turn on quotas: -2 on 0 [ 912.913015][T13319] F2FS-fs (loop6): Start checkpoint disabled! [ 912.964695][T13319] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 913.019243][T13324] tipc: Enabled bearer , priority 0 [ 913.048323][T13324] device syzkaller0 entered promiscuous mode [ 913.084340][T13324] tipc: Resetting bearer [ 913.323759][T13327] attempt to access beyond end of device [ 913.323759][T13327] loop7: rw=2049, want=45224, limit=40427 [ 913.344235][T13322] tipc: Resetting bearer [ 913.552229][ T4628] attempt to access beyond end of device [ 913.552229][ T4628] loop7: rw=2049, want=45232, limit=40427 [ 913.602835][T13322] tipc: Disabling bearer [ 913.818696][T13325] attempt to access beyond end of device [ 913.818696][T13325] loop6: rw=2049, want=45224, limit=40427 [ 916.158737][ T4513] attempt to access beyond end of device [ 916.158737][ T4513] loop6: rw=2049, want=45232, limit=40427 [ 917.465137][T13356] loop7: detected capacity change from 0 to 128 [ 917.530300][T13356] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 918.280879][T13356] ext4 filesystem being mounted at /311/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 926.049901][T13405] loop9: detected capacity change from 0 to 16 [ 926.274800][T13405] erofs: (device loop9): mounted with root inode @ nid 36. [ 926.348848][T13410] loop3: detected capacity change from 0 to 16 [ 926.355832][ T26] audit: type=1800 audit(1753812310.281:88): pid=13405 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1876" name="file2" dev="loop9" ino=89 res=0 errno=0 [ 928.077980][T13410] erofs: (device loop3): mounted with root inode @ nid 36. [ 928.118502][ T26] audit: type=1800 audit(1753812312.061:89): pid=13408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1881" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 930.122287][T13414] loop7: detected capacity change from 0 to 40427 [ 930.399341][T13414] F2FS-fs (loop7): Found nat_bits in checkpoint [ 930.988006][T13414] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 931.793776][ T5429] attempt to access beyond end of device [ 931.793776][ T5429] loop7: rw=2049, want=45104, limit=40427 [ 931.979874][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.000932][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.001899][T13448] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 932.024536][T13447] loop3: detected capacity change from 0 to 128 [ 932.435774][T13447] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 933.070852][T13447] ext4 filesystem being mounted at /284/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 936.156548][T13476] loop6: detected capacity change from 0 to 1024 [ 936.298663][ T9] hfsplus: b-tree write err: -5, ino 4 [ 937.614143][T13497] loop9: detected capacity change from 0 to 16 [ 938.263779][T13497] erofs: (device loop9): mounted with root inode @ nid 36. [ 938.308193][ T26] audit: type=1800 audit(1753812322.251:90): pid=13496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1900" name="file2" dev="loop9" ino=89 res=0 errno=0 [ 939.222823][T13523] loop7: detected capacity change from 0 to 16 [ 940.022492][T13523] erofs: (device loop7): mounted with root inode @ nid 36. [ 940.246398][ T26] audit: type=1800 audit(1753812324.181:91): pid=13523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1906" name="file2" dev="loop7" ino=89 res=0 errno=0 [ 941.496032][T13532] loop7: detected capacity change from 0 to 512 [ 941.655936][T13532] EXT4-fs (loop7): Ignoring removed nobh option [ 941.809819][T13532] EXT4-fs error (device loop7): ext4_orphan_get:1401: inode #15: comm syz.7.1907: iget: bad i_size value: 38620345925642 [ 942.051908][T13532] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.1907: couldn't read orphan inode 15 (err -117) [ 942.363127][T13532] EXT4-fs (loop7): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback. [ 943.948722][T13548] loop9: detected capacity change from 0 to 40427 [ 943.978395][ T4271] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm kworker/u4:6: bg 0: block 5: invalid block bitmap [ 944.004102][T13548] F2FS-fs (loop9): invalid crc value [ 944.018258][T13548] F2FS-fs (loop9): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 944.067438][T13548] F2FS-fs (loop9): Cannot turn on quotas: -2 on 0 [ 944.074435][T13548] F2FS-fs (loop9): Start checkpoint disabled! [ 944.089849][T13552] netlink: set zone limit has 8 unknown bytes [ 944.096684][ T4271] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 976 with error 28 [ 944.127998][T13548] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6 [ 944.214397][T13552] device bpq0 entered promiscuous mode [ 944.267614][ T4271] EXT4-fs (loop7): This should not happen!! Data will be lost [ 944.267614][ T4271] [ 944.386540][ T4271] EXT4-fs (loop7): Total free blocks count 0 [ 944.478247][ T4271] EXT4-fs (loop7): Free/Dirty block details [ 944.570800][ T4271] EXT4-fs (loop7): free_blocks=0 [ 944.647863][ T4271] EXT4-fs (loop7): dirty_blocks=976 [ 944.867231][ T4271] EXT4-fs (loop7): Block reservation details [ 944.924493][ T4271] EXT4-fs (loop7): i_reserved_data_blocks=976 [ 945.062328][T13557] attempt to access beyond end of device [ 945.062328][T13557] loop9: rw=2049, want=45224, limit=40427 [ 945.833316][ T4511] attempt to access beyond end of device [ 945.833316][ T4511] loop9: rw=2049, want=45232, limit=40427 [ 946.343050][T13564] blktrace: Concurrent blktraces are not allowed on loop14 [ 947.099774][T13569] loop7: detected capacity change from 0 to 512 [ 948.072969][T13569] EXT4-fs (loop7): Ignoring removed nobh option [ 948.272059][T13569] EXT4-fs error (device loop7): ext4_orphan_get:1401: inode #15: comm syz.7.1917: iget: bad i_size value: 38620345925642 [ 948.434265][T13569] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.1917: couldn't read orphan inode 15 (err -117) [ 948.455773][T13569] EXT4-fs (loop7): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback. [ 950.196934][ T9] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm kworker/u4:0: bg 0: block 5: invalid block bitmap [ 950.239612][ T9] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 950.302617][ T9] EXT4-fs (loop7): This should not happen!! Data will be lost [ 950.302617][ T9] [ 950.313106][ T9] EXT4-fs (loop7): Total free blocks count 0 [ 950.342525][ T9] EXT4-fs (loop7): Free/Dirty block details [ 950.482898][ T9] EXT4-fs (loop7): free_blocks=0 [ 950.488858][ T9] EXT4-fs (loop7): dirty_blocks=7296 [ 950.494229][ T9] EXT4-fs (loop7): Block reservation details [ 950.500601][ T9] EXT4-fs (loop7): i_reserved_data_blocks=7296 [ 950.540156][ T9] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28 [ 951.071562][T13595] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 951.594306][ T9] EXT4-fs (loop7): This should not happen!! Data will be lost [ 951.594306][ T9] [ 951.666700][T13597] loop6: detected capacity change from 0 to 16 [ 952.313037][T13597] erofs: (device loop6): mounted with root inode @ nid 36. [ 952.352545][ T26] audit: type=1800 audit(1753812336.291:92): pid=13596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1922" name="file2" dev="loop6" ino=89 res=0 errno=0 [ 954.064698][T13610] loop3: detected capacity change from 0 to 2048 [ 954.861703][T13610] NILFS (loop3): invalid segment: Inconsistency found [ 954.926253][T13624] loop2: detected capacity change from 0 to 16 [ 955.006779][T13610] NILFS (loop3): trying rollback from an earlier position [ 955.484250][T13610] NILFS (loop3): recovery complete [ 955.506437][T13628] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 955.884666][T13624] erofs: (device loop2): mounted with root inode @ nid 36. [ 955.925163][ T26] audit: type=1800 audit(1753812339.861:93): pid=13622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1929" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 956.036126][T13635] netlink: set zone limit has 8 unknown bytes [ 958.786839][T13649] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 960.306996][T13661] loop2: detected capacity change from 0 to 128 [ 960.369306][T13661] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 960.375188][T13665] loop7: detected capacity change from 0 to 128 [ 960.400203][T13661] ext4 filesystem being mounted at /430/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 960.670973][T13670] tipc: Enabled bearer , priority 0 [ 960.672031][T13669] loop6: detected capacity change from 0 to 128 [ 960.679411][T13670] device syzkaller0 entered promiscuous mode [ 961.341815][T13670] tipc: Resetting bearer [ 961.369740][T13665] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 961.407302][T13669] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 961.442751][T13669] ext4 filesystem being mounted at /374/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 961.453863][T13668] tipc: Resetting bearer [ 961.482068][T13665] ext4 filesystem being mounted at /326/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 962.688827][T10332] tipc: Node number set to 4061355104 [ 962.722848][T13668] tipc: Disabling bearer [ 963.788140][T13699] loop6: detected capacity change from 0 to 512 [ 963.832317][T13699] EXT4-fs (loop6): Ignoring removed nobh option [ 963.872177][T13703] loop2: detected capacity change from 0 to 128 [ 964.031523][T13709] loop3: detected capacity change from 0 to 128 [ 964.040473][T13699] EXT4-fs error (device loop6): ext4_orphan_get:1401: inode #15: comm syz.6.1949: iget: bad i_size value: 38620345925642 [ 964.065266][T13699] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.1949: couldn't read orphan inode 15 (err -117) [ 964.074301][T13703] VFS: Found a Xenix FS (block size = 1024) on device loop2 [ 964.090979][T13699] EXT4-fs (loop6): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback. [ 964.145430][T13709] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 964.314391][T13709] ext4 filesystem being mounted at /297/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 967.267052][ T4186] sysv_free_block: flc_count > flc_size [ 967.273413][ T4186] sysv_free_block: flc_count > flc_size [ 967.338169][ T4299] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm kworker/u4:7: bg 0: block 5: invalid block bitmap [ 967.376419][ T4186] sysv_free_block: flc_count > flc_size [ 967.386714][ T4186] sysv_free_block: flc_count > flc_size [ 967.392292][ T4186] sysv_free_block: flc_count > flc_size [ 967.491198][T13729] loop9: detected capacity change from 0 to 128 [ 967.551818][ T4186] sysv_free_block: flc_count > flc_size [ 967.558123][ T4186] sysv_free_block: flc_count > flc_size [ 967.563780][ T4186] sysv_free_block: flc_count > flc_size [ 967.569918][ T4186] sysv_free_block: flc_count > flc_size [ 967.575489][ T4186] sysv_free_block: flc_count > flc_size [ 967.585879][ T4186] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 967.597124][ T4299] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 967.624104][ T4299] EXT4-fs (loop6): This should not happen!! Data will be lost [ 967.624104][ T4299] [ 968.264116][ T4299] EXT4-fs (loop6): Total free blocks count 0 [ 968.288706][T13729] EXT4-fs (loop9): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 968.354252][ T4299] EXT4-fs (loop6): Free/Dirty block details [ 968.384660][ T4299] EXT4-fs (loop6): free_blocks=0 [ 968.422671][T13729] ext4 filesystem being mounted at /288/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 968.452314][ T4299] EXT4-fs (loop6): dirty_blocks=2772 [ 968.493470][T13739] loop2: detected capacity change from 0 to 512 [ 968.510010][ T4299] EXT4-fs (loop6): Block reservation details [ 968.510075][ T4299] EXT4-fs (loop6): i_reserved_data_blocks=2772 [ 968.606043][T13739] EXT4-fs (loop2): Ignoring removed nobh option [ 968.740524][ T4299] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 720 with error 28 [ 968.740565][ T4299] EXT4-fs (loop6): This should not happen!! Data will be lost [ 968.740565][ T4299] [ 968.805927][T13739] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.1955: iget: bad i_size value: 38620345925642 [ 968.806807][T13739] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.1955: couldn't read orphan inode 15 (err -117) [ 968.807186][T13739] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback. [ 969.567293][ T145] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm kworker/u4:2: bg 0: block 5: invalid block bitmap [ 969.568258][ T145] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 969.568288][ T145] EXT4-fs (loop2): This should not happen!! Data will be lost [ 969.568288][ T145] [ 969.568304][ T145] EXT4-fs (loop2): Total free blocks count 0 [ 969.568317][ T145] EXT4-fs (loop2): Free/Dirty block details [ 969.568331][ T145] EXT4-fs (loop2): free_blocks=0 [ 969.568345][ T145] EXT4-fs (loop2): dirty_blocks=3844 [ 969.568358][ T145] EXT4-fs (loop2): Block reservation details [ 969.568369][ T145] EXT4-fs (loop2): i_reserved_data_blocks=3844 [ 969.658423][ T145] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 1792 with error 28 [ 969.658455][ T145] EXT4-fs (loop2): This should not happen!! Data will be lost [ 969.658455][ T145] [ 969.910837][T13765] loop6: detected capacity change from 0 to 512 [ 970.009706][T13768] tipc: Enabled bearer , priority 0 [ 970.043500][T13768] device syzkaller0 entered promiscuous mode [ 970.129847][T13768] tipc: Resetting bearer [ 970.231247][T13767] tipc: Resetting bearer [ 970.277927][T13765] EXT4-fs (loop6): orphan cleanup on readonly fs [ 970.315430][T13765] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1958: bg 0: block 248: padding at end of block bitmap is not set [ 970.460566][T13765] Quota error (device loop6): write_blk: dquota write failed [ 970.468742][T13765] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 970.479766][T13765] EXT4-fs error (device loop6): ext4_acquire_dquot:6207: comm syz.6.1958: Failed to acquire dquot type 1 [ 970.511864][T13765] EXT4-fs (loop6): 1 truncate cleaned up [ 970.521201][T13765] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 970.853343][T13767] tipc: Disabling bearer [ 972.150835][T13788] loop3: detected capacity change from 0 to 512 [ 972.358576][T13788] EXT4-fs (loop3): Ignoring removed nobh option [ 972.639621][T13788] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.1970: iget: bad i_size value: 38620345925642 [ 972.830005][T13788] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.1970: couldn't read orphan inode 15 (err -117) [ 973.025589][T13788] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback. [ 973.057789][T13796] loop2: detected capacity change from 0 to 512 [ 973.934418][T13791] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 974.237072][ T4513] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 974.303069][T13796] EXT4-fs (loop2): orphan cleanup on readonly fs [ 974.314137][T13796] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1971: bg 0: block 248: padding at end of block bitmap is not set [ 974.325122][ T4513] EXT4-fs (loop3): This should not happen!! Data will be lost [ 974.325122][ T4513] [ 974.346735][T13796] Quota error (device loop2): write_blk: dquota write failed [ 974.354339][T13796] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 974.365055][T13796] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.1971: Failed to acquire dquot type 1 [ 974.377795][ T4513] EXT4-fs (loop3): Total free blocks count 0 [ 974.384952][ T4513] EXT4-fs (loop3): Free/Dirty block details [ 974.392327][ T4513] EXT4-fs (loop3): free_blocks=0 [ 974.398460][T13796] EXT4-fs (loop2): 1 truncate cleaned up [ 974.405302][ T4513] EXT4-fs (loop3): dirty_blocks=6424 [ 974.410917][ T4513] EXT4-fs (loop3): Block reservation details [ 974.420609][ T4513] EXT4-fs (loop3): i_reserved_data_blocks=6424 [ 975.387975][T13796] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 975.420556][ T145] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28 [ 975.464806][ T145] EXT4-fs (loop3): This should not happen!! Data will be lost [ 975.464806][ T145] [ 975.563792][T13807] loop7: detected capacity change from 0 to 128 [ 975.667338][T13807] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 975.709533][T13807] ext4 filesystem being mounted at /332/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 977.952654][T13828] netlink: set zone limit has 8 unknown bytes [ 978.863963][T13836] device bpq0 left promiscuous mode [ 978.872218][T13836] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready [ 982.025626][T13865] loop6: detected capacity change from 0 to 128 [ 982.958481][T13862] loop9: detected capacity change from 0 to 2048 [ 983.105395][T13862] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 983.454730][T13865] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 983.519335][T13865] ext4 filesystem being mounted at /382/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 985.237171][T13885] netlink: 116 bytes leftover after parsing attributes in process `syz.9.1992'. [ 986.816334][T13903] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1999'. [ 987.938720][T13913] netlink: 76 bytes leftover after parsing attributes in process `syz.7.2002'. [ 992.554603][T13939] loop3: detected capacity change from 0 to 128 [ 992.564291][T13942] loop2: detected capacity change from 0 to 128 [ 992.917989][T13942] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 992.945119][T13939] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_dev=0x0000000000000000,nouid32,,errors=continue. Quota mode: none. [ 993.025733][T13942] ext4 filesystem being mounted at /446/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 993.043352][T13939] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 993.417118][ C0] ================================================================== [ 993.426277][ C0] BUG: KASAN: use-after-free in rose_timer_expiry+0x470/0x490 [ 993.433790][ C0] Read of size 2 at addr ffff888020e52c2a by task syz.2.2010/13942 [ 993.441697][ C0] [ 993.444031][ C0] CPU: 0 PID: 13942 Comm: syz.2.2010 Not tainted 5.15.189-syzkaller #0 [ 993.452368][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 993.462649][ C0] Call Trace: [ 993.465939][ C0] [ 993.468788][ C0] dump_stack_lvl+0x168/0x230 [ 993.473660][ C0] ? show_regs_print_info+0x20/0x20 [ 993.478981][ C0] ? _printk+0xcc/0x110 [ 993.483179][ C0] ? rose_timer_expiry+0x470/0x490 [ 993.488329][ C0] ? load_image+0x3b0/0x3b0 [ 993.492870][ C0] print_address_description+0x60/0x2d0 [ 993.498461][ C0] ? rose_timer_expiry+0x470/0x490 [ 993.503948][ C0] kasan_report+0xdf/0x130 [ 993.508476][ C0] ? rose_timer_expiry+0x470/0x490 [ 993.513608][ C0] rose_timer_expiry+0x470/0x490 [ 993.518566][ C0] ? rose_start_t1timer+0xd0/0xd0 [ 993.523995][ C0] call_timer_fn+0x16c/0x530 [ 993.528748][ C0] ? rose_start_t1timer+0xd0/0xd0 [ 993.533839][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 993.540143][ C0] ? __run_timers+0x7c0/0x7c0 [ 993.545057][ C0] ? rcu_is_watching+0x11/0xa0 [ 993.549952][ C0] ? _raw_spin_unlock_irq+0x1f/0x40 [ 993.555529][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 993.560921][ C0] ? rose_start_t1timer+0xd0/0xd0 [ 993.565976][ C0] __run_timers+0x525/0x7c0 [ 993.570512][ C0] ? detach_timer+0x2b0/0x2b0 [ 993.575212][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 993.581368][ C0] ? sched_clock_cpu+0x15/0x3c0 [ 993.586258][ C0] ? ktime_get_real_ts64+0x420/0x420 [ 993.591741][ C0] run_timer_softirq+0x63/0xf0 [ 993.596528][ C0] handle_softirqs+0x328/0x820 [ 993.601467][ C0] ? __irq_exit_rcu+0x12f/0x220 [ 993.604885][T13960] loop6: detected capacity change from 0 to 40427 [ 993.606544][ C0] ? do_softirq+0x200/0x200 [ 993.617537][ C0] __irq_exit_rcu+0x12f/0x220 [ 993.622340][ C0] ? irq_exit_rcu+0x20/0x20 [ 993.626885][ C0] irq_exit_rcu+0x5/0x20 [ 993.629343][ T1428] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.631154][ C0] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 993.631190][ C0] [ 993.639900][ T1428] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.643129][ C0] [ 993.643143][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 993.643182][ C0] RIP: 0010:lock_acquire+0x14a/0x3f0 [ 993.666620][ C0] Code: 0f b6 04 38 84 c0 0f 85 f2 01 00 00 41 83 3e 00 0f 85 00 01 00 00 48 c7 84 24 a0 00 00 00 00 00 00 00 9c 8f 84 24 a0 00 00 00 <4c> 8b b4 24 a0 00 00 00 fa 48 c7 c7 c0 23 0b 8a e8 c1 47 4c 08 65 [ 993.686445][ C0] RSP: 0018:ffffc900040af3a0 EFLAGS: 00000246 [ 993.692528][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: eb3758d4ad8fc400 [ 993.700498][ C0] RDX: 0000000000000000 RSI: ffffffff8a599320 RDI: ffffffff8a5992e0 [ 993.708543][ C0] RBP: ffffc900040af4c0 R08: dffffc0000000000 R09: fffffbfff1ad2dd6 [ 993.716680][ C0] R10: fffffbfff1ad2dd6 R11: 1ffffffff1ad2dd5 R12: ffffffff8c11c360 [ 993.724832][ C0] R13: 1ffff92000815e80 R14: ffff88802a1ca8ac R15: dffffc0000000000 [ 993.732838][ C0] ? __lock_acquire+0x12d9/0x7c60 [ 993.738299][ C0] ? read_lock_is_recursive+0x10/0x10 [ 993.743704][ C0] ? __lock_acquire+0x12d9/0x7c60 [ 993.748850][ C0] rcu_lock_acquire+0x2a/0x30 [ 993.753533][ C0] ? rcu_lock_acquire+0x5/0x30 [ 993.758308][ C0] pagecache_get_page+0x107/0xef0 [ 993.763692][ C0] ? page_cache_prev_miss+0x360/0x360 [ 993.769276][ C0] ? mark_lock+0x94/0x320 [ 993.773721][ C0] ? verify_lock_unused+0x140/0x140 [ 993.779307][ C0] ? __lock_acquire+0x13ad/0x7c60 [ 993.784637][ C0] shmem_getpage_gfp+0x305/0x2d40 [ 993.790309][ C0] shmem_fault+0x1a9/0x520 [ 993.794732][ C0] ? shmem_fallocate+0xe20/0xe20 [ 993.799747][ C0] ? filemap_read_page+0x4c0/0x4c0 [ 993.804874][ C0] ? count_memcg_event_mm+0x311/0x360 [ 993.810239][ C0] __do_fault+0x141/0x330 [ 993.814649][ C0] handle_mm_fault+0x2949/0x43c0 [ 993.819691][ C0] ? get_page+0xe0/0xe0 [ 993.823987][ C0] ? follow_page_mask+0xa6e/0x12d0 [ 993.829210][ C0] __get_user_pages+0x93e/0x11c0 [ 993.834259][ C0] ? populate_vma_page_range+0x290/0x290 [ 993.840146][ C0] ? read_lock_is_recursive+0x10/0x10 [ 993.845566][ C0] populate_vma_page_range+0x213/0x290 [ 993.851476][ C0] __mm_populate+0x26f/0x3a0 [ 993.856137][ C0] ? check_vma_flags+0x480/0x480 [ 993.861153][ C0] ? preempt_count_add+0x8d/0x190 [ 993.866614][ C0] ? up_write+0x1bb/0x420 [ 993.870933][ C0] vm_mmap_pgoff+0x203/0x2b0 [ 993.875807][ C0] ? account_locked_vm+0xe0/0xe0 [ 993.880855][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 993.885914][ C0] ksys_mmap_pgoff+0x140/0x780 [ 993.890726][ C0] ? mmap_region+0x15e0/0x15e0 [ 993.895516][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 993.900727][ C0] do_syscall_64+0x4c/0xa0 [ 993.905163][ C0] ? clear_bhb_loop+0x30/0x80 [ 993.909856][ C0] ? clear_bhb_loop+0x30/0x80 [ 993.914552][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 993.920446][ C0] RIP: 0033:0x7f1ce0f8d9a9 [ 993.925223][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 993.945079][ C0] RSP: 002b:00007f1cdedf5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 993.953596][ C0] RAX: ffffffffffffffda RBX: 00007f1ce11b4fa0 RCX: 00007f1ce0f8d9a9 [ 993.961553][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000 [ 993.969914][ C0] RBP: 00007f1ce100fd69 R08: ffffffffffffffff R09: 0000000000000000 [ 993.978076][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 993.986232][ C0] R13: 0000000000000000 R14: 00007f1ce11b4fa0 R15: 00007ffcc6394748 [ 993.994224][ C0] [ 993.997347][ C0] [ 993.999750][ C0] Allocated by task 13715: [ 994.004148][ C0] __kasan_kmalloc+0xb5/0xf0 [ 994.008767][ C0] __alloc_skb+0x22c/0x750 [ 994.013227][ C0] __netdev_alloc_skb+0x103/0x4a0 [ 994.018270][ C0] __ieee80211_beacon_get+0xa73/0x1f80 [ 994.023728][ C0] ieee80211_beacon_get_tim+0x48/0x840 [ 994.029175][ C0] mac80211_hwsim_beacon_tx+0xf4/0x920 [ 994.034626][ C0] __iterate_interfaces+0x243/0x500 [ 994.039815][ C0] ieee80211_iterate_active_interfaces_atomic+0xb3/0x140 [ 994.046825][ C0] mac80211_hwsim_beacon+0x9b/0x180 [ 994.052097][ C0] __hrtimer_run_queues+0x53d/0xc40 [ 994.057463][ C0] hrtimer_run_softirq+0x176/0x240 [ 994.062615][ C0] handle_softirqs+0x328/0x820 [ 994.067360][ C0] __irq_exit_rcu+0x12f/0x220 [ 994.072122][ C0] irq_exit_rcu+0x5/0x20 [ 994.076433][ C0] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 994.082362][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 994.088368][ C0] [ 994.090689][ C0] Last potentially related work creation: [ 994.096407][ C0] kasan_save_stack+0x35/0x60 [ 994.101274][ C0] kasan_record_aux_stack+0xb8/0x100 [ 994.106798][ C0] insert_work+0x54/0x3d0 [ 994.111141][ C0] __queue_work+0x9c5/0xd50 [ 994.115652][ C0] call_timer_fn+0x16c/0x530 [ 994.120530][ C0] __run_timers+0x550/0x7c0 [ 994.125131][ C0] run_timer_softirq+0x63/0xf0 [ 994.129887][ C0] handle_softirqs+0x328/0x820 [ 994.134942][ C0] run_ksoftirqd+0x98/0xf0 [ 994.139354][ C0] smpboot_thread_fn+0x4f6/0x970 [ 994.144287][ C0] kthread+0x436/0x520 [ 994.148336][ C0] ret_from_fork+0x1f/0x30 [ 994.152821][ C0] [ 994.155122][ C0] Second to last potentially related work creation: [ 994.161776][ C0] kasan_save_stack+0x35/0x60 [ 994.166616][ C0] kasan_record_aux_stack+0xb8/0x100 [ 994.171983][ C0] kvfree_call_rcu+0x10a/0x7c0 [ 994.176922][ C0] __ipv6_dev_mc_dec+0x2bf/0x320 [ 994.182530][ C0] ipv6_mc_destroy_dev+0x32e/0x590 [ 994.187750][ C0] addrconf_ifdown+0x1480/0x1970 [ 994.192878][ C0] addrconf_notify+0x445/0xf00 [ 994.197719][ C0] raw_notifier_call_chain+0xcb/0x160 [ 994.203228][ C0] unregister_netdevice_many+0xf57/0x18f0 [ 994.209378][ C0] default_device_exit_batch+0x336/0x390 [ 994.215027][ C0] cleanup_net+0x77b/0xb80 [ 994.219516][ C0] process_one_work+0x863/0x1000 [ 994.224448][ C0] worker_thread+0xaa8/0x12a0 [ 994.229232][ C0] kthread+0x436/0x520 [ 994.233386][ C0] ret_from_fork+0x1f/0x30 [ 994.237873][ C0] [ 994.240201][ C0] The buggy address belongs to the object at ffff888020e52c00 [ 994.240201][ C0] which belongs to the cache kmalloc-512 of size 512 [ 994.254323][ C0] The buggy address is located 42 bytes inside of [ 994.254323][ C0] 512-byte region [ffff888020e52c00, ffff888020e52e00) [ 994.267798][ C0] The buggy address belongs to the page: [ 994.273438][ C0] page:ffffea0000839400 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888020e52c00 pfn:0x20e50 [ 994.285224][ C0] head:ffffea0000839400 order:2 compound_mapcount:0 compound_pincount:0 [ 994.293658][ C0] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 994.301650][ C0] raw: 00fff00000010200 ffffea0001805a08 ffffea0001810008 ffff888016841c80 [ 994.310365][ C0] raw: ffff888020e52c00 000000000010000e 00000001ffffffff 0000000000000000 [ 994.319057][ C0] page dumped because: kasan: bad access detected [ 994.325474][ C0] page_owner tracks the page as allocated [ 994.331169][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3562, ts 19214799844, free_ts 19124782378 [ 994.350551][ C0] get_page_from_freelist+0x1b77/0x1c60 [ 994.356291][ C0] __alloc_pages+0x1e1/0x470 [ 994.361070][ C0] new_slab+0xc0/0x4b0 [ 994.365156][ C0] ___slab_alloc+0x81e/0xdf0 [ 994.369769][ C0] kmem_cache_alloc_trace+0x1a5/0x2a0 [ 994.375236][ C0] kernfs_fop_open+0x3da/0xbf0 [ 994.379990][ C0] do_dentry_open+0x7ff/0xf80 [ 994.384737][ C0] path_openat+0x2682/0x2f30 [ 994.389310][ C0] do_filp_open+0x1b3/0x3e0 [ 994.393886][ C0] do_sys_openat2+0x142/0x4a0 [ 994.398549][ C0] __x64_sys_openat+0x135/0x160 [ 994.403406][ C0] do_syscall_64+0x4c/0xa0 [ 994.407899][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 994.413779][ C0] page last free stack trace: [ 994.418698][ C0] free_unref_page_prepare+0x637/0x6c0 [ 994.424712][ C0] free_unref_page+0x94/0x280 [ 994.429403][ C0] __unfreeze_partials+0x1a5/0x200 [ 994.434592][ C0] put_cpu_partial+0x12d/0x190 [ 994.439462][ C0] qlist_free_all+0x35/0x90 [ 994.443993][ C0] kasan_quarantine_reduce+0x150/0x160 [ 994.449457][ C0] __kasan_slab_alloc+0x2f/0xd0 [ 994.454848][ C0] slab_post_alloc_hook+0x4c/0x380 [ 994.459973][ C0] kmem_cache_alloc+0x100/0x290 [ 994.464815][ C0] getname_flags+0xb5/0x500 [ 994.469301][ C0] do_sys_openat2+0xcf/0x4a0 [ 994.473873][ C0] __x64_sys_openat+0x135/0x160 [ 994.478704][ C0] do_syscall_64+0x4c/0xa0 [ 994.483229][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 994.489163][ C0] [ 994.491561][ C0] Memory state around the buggy address: [ 994.497348][ C0] ffff888020e52b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 994.505412][ C0] ffff888020e52b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 994.513463][ C0] >ffff888020e52c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 994.521988][ C0] ^ [ 994.527454][ C0] ffff888020e52c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 994.535791][ C0] ffff888020e52d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 994.543852][ C0] ================================================================== [ 994.551960][ C0] Disabling lock debugging due to kernel taint [ 994.558335][ C0] vkms_vblank_simulate: vblank timer overrun [ 994.564670][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 994.571977][ C0] CPU: 0 PID: 13942 Comm: syz.2.2010 Tainted: G B 5.15.189-syzkaller #0 [ 994.581807][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 994.592393][ C0] Call Trace: [ 994.595953][ C0] [ 994.598813][ C0] dump_stack_lvl+0x168/0x230 [ 994.603691][ C0] ? show_regs_print_info+0x20/0x20 [ 994.608921][ C0] ? load_image+0x3b0/0x3b0 [ 994.613521][ C0] panic+0x2c9/0x7f0 [ 994.617543][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 994.622345][ C0] ? _raw_spin_unlock_irqrestore+0xa5/0x100 [ 994.628470][ C0] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 994.634483][ C0] ? _raw_spin_unlock+0x40/0x40 [ 994.639465][ C0] ? print_memory_metadata+0x314/0x400 [ 994.645124][ C0] ? rose_timer_expiry+0x470/0x490 [ 994.650251][ C0] check_panic_on_warn+0x80/0xa0 [ 994.655326][ C0] ? rose_timer_expiry+0x470/0x490 [ 994.660562][ C0] end_report+0x6d/0xf0 [ 994.664858][ C0] kasan_report+0x102/0x130 [ 994.669473][ C0] ? rose_timer_expiry+0x470/0x490 [ 994.674705][ C0] rose_timer_expiry+0x470/0x490 [ 994.680119][ C0] ? rose_start_t1timer+0xd0/0xd0 [ 994.685362][ C0] call_timer_fn+0x16c/0x530 [ 994.689979][ C0] ? rose_start_t1timer+0xd0/0xd0 [ 994.695002][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 994.700980][ C0] ? __run_timers+0x7c0/0x7c0 [ 994.705645][ C0] ? rcu_is_watching+0x11/0xa0 [ 994.710390][ C0] ? _raw_spin_unlock_irq+0x1f/0x40 [ 994.715673][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 994.720977][ C0] ? rose_start_t1timer+0xd0/0xd0 [ 994.726012][ C0] __run_timers+0x525/0x7c0 [ 994.730612][ C0] ? detach_timer+0x2b0/0x2b0 [ 994.735500][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 994.741736][ C0] ? sched_clock_cpu+0x15/0x3c0 [ 994.746579][ C0] ? ktime_get_real_ts64+0x420/0x420 [ 994.752011][ C0] run_timer_softirq+0x63/0xf0 [ 994.756792][ C0] handle_softirqs+0x328/0x820 [ 994.761597][ C0] ? __irq_exit_rcu+0x12f/0x220 [ 994.766963][ C0] ? do_softirq+0x200/0x200 [ 994.771619][ C0] __irq_exit_rcu+0x12f/0x220 [ 994.776305][ C0] ? irq_exit_rcu+0x20/0x20 [ 994.780930][ C0] irq_exit_rcu+0x5/0x20 [ 994.785442][ C0] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 994.791193][ C0] [ 994.794114][ C0] [ 994.797030][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 994.803096][ C0] RIP: 0010:lock_acquire+0x14a/0x3f0 [ 994.808372][ C0] Code: 0f b6 04 38 84 c0 0f 85 f2 01 00 00 41 83 3e 00 0f 85 00 01 00 00 48 c7 84 24 a0 00 00 00 00 00 00 00 9c 8f 84 24 a0 00 00 00 <4c> 8b b4 24 a0 00 00 00 fa 48 c7 c7 c0 23 0b 8a e8 c1 47 4c 08 65 [ 994.828365][ C0] RSP: 0018:ffffc900040af3a0 EFLAGS: 00000246 [ 994.834438][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: eb3758d4ad8fc400 [ 994.842496][ C0] RDX: 0000000000000000 RSI: ffffffff8a599320 RDI: ffffffff8a5992e0 [ 994.850448][ C0] RBP: ffffc900040af4c0 R08: dffffc0000000000 R09: fffffbfff1ad2dd6 [ 994.858510][ C0] R10: fffffbfff1ad2dd6 R11: 1ffffffff1ad2dd5 R12: ffffffff8c11c360 [ 994.866678][ C0] R13: 1ffff92000815e80 R14: ffff88802a1ca8ac R15: dffffc0000000000 [ 994.874837][ C0] ? __lock_acquire+0x12d9/0x7c60 [ 994.879942][ C0] ? read_lock_is_recursive+0x10/0x10 [ 994.885406][ C0] ? __lock_acquire+0x12d9/0x7c60 [ 994.890423][ C0] rcu_lock_acquire+0x2a/0x30 [ 994.895087][ C0] ? rcu_lock_acquire+0x5/0x30 [ 994.899865][ C0] pagecache_get_page+0x107/0xef0 [ 994.904876][ C0] ? page_cache_prev_miss+0x360/0x360 [ 994.910240][ C0] ? mark_lock+0x94/0x320 [ 994.914550][ C0] ? verify_lock_unused+0x140/0x140 [ 994.919953][ C0] ? __lock_acquire+0x13ad/0x7c60 [ 994.925174][ C0] shmem_getpage_gfp+0x305/0x2d40 [ 994.930193][ C0] shmem_fault+0x1a9/0x520 [ 994.934594][ C0] ? shmem_fallocate+0xe20/0xe20 [ 994.939514][ C0] ? filemap_read_page+0x4c0/0x4c0 [ 994.944605][ C0] ? count_memcg_event_mm+0x311/0x360 [ 994.949958][ C0] __do_fault+0x141/0x330 [ 994.954272][ C0] handle_mm_fault+0x2949/0x43c0 [ 994.959200][ C0] ? get_page+0xe0/0xe0 [ 994.963522][ C0] ? follow_page_mask+0xa6e/0x12d0 [ 994.968642][ C0] __get_user_pages+0x93e/0x11c0 [ 994.973578][ C0] ? populate_vma_page_range+0x290/0x290 [ 994.979220][ C0] ? read_lock_is_recursive+0x10/0x10 [ 994.984578][ C0] populate_vma_page_range+0x213/0x290 [ 994.990196][ C0] __mm_populate+0x26f/0x3a0 [ 994.994767][ C0] ? check_vma_flags+0x480/0x480 [ 994.999691][ C0] ? preempt_count_add+0x8d/0x190 [ 995.004783][ C0] ? up_write+0x1bb/0x420 [ 995.009182][ C0] vm_mmap_pgoff+0x203/0x2b0 [ 995.013932][ C0] ? account_locked_vm+0xe0/0xe0 [ 995.018954][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 995.024015][ C0] ksys_mmap_pgoff+0x140/0x780 [ 995.028907][ C0] ? mmap_region+0x15e0/0x15e0 [ 995.033688][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 995.039367][ C0] do_syscall_64+0x4c/0xa0 [ 995.043783][ C0] ? clear_bhb_loop+0x30/0x80 [ 995.048446][ C0] ? clear_bhb_loop+0x30/0x80 [ 995.053170][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 995.059416][ C0] RIP: 0033:0x7f1ce0f8d9a9 [ 995.063836][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 995.084075][ C0] RSP: 002b:00007f1cdedf5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 995.092507][ C0] RAX: ffffffffffffffda RBX: 00007f1ce11b4fa0 RCX: 00007f1ce0f8d9a9 [ 995.100575][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000 [ 995.108639][ C0] RBP: 00007f1ce100fd69 R08: ffffffffffffffff R09: 0000000000000000 [ 995.116722][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 995.124693][ C0] R13: 0000000000000000 R14: 00007f1ce11b4fa0 R15: 00007ffcc6394748 [ 995.132893][ C0] [ 995.136747][ C0] Kernel Offset: disabled [ 995.141188][ C0] Rebooting in 86400 seconds..