last executing test programs: 6.556826193s ago: executing program 2 (id=3): mq_getsetattr(0xffffffffffffffff, &(0x7f0000000300)={0xb0000000, 0x6, 0x6, 0x8}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000040)={0x4, 0x3, 0x0, 0x1000, &(0x7f0000ff2000/0x1000)=nil}) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]}) chdir(&(0x7f00000001c0)='./bus\x00') rmdir(&(0x7f0000000380)='./file0/../file0\x00') 5.099155303s ago: executing program 2 (id=6): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) mkdir(0x0, 0x0) munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500) 3.79794095s ago: executing program 2 (id=9): r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='oom_adj\x00') fchdir(r2) r3 = inotify_init() inotify_add_watch(r3, &(0x7f0000000000)='./file0\x00', 0x14000034) close(r1) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x60002, 0x0) 3.505895233s ago: executing program 2 (id=12): syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3e8, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH71p0k0/qj1EPFgQEyaNNYKIuYiInqyRw/G/Kilm0aSFWwIqCjeevPqQfHg3+BJwf9AEE+epRAkLehxZXZn4prspt1u1sHs5wNT3ps3y3sz333zmjfzNoC+NRkRn0TEcESsRsRovj/Jt3i1sWXH3d3dXsq2JGq1t/9I6uV3dreXoukzmdPZP2nEVBqRfh5xvkW9mze3ri9WKisbeX6muvbBzObNreevrS1eXbm6cmPu4ouz85fmLs2+cGTneuv85Zeenn/j11uvfbP0y5Xv3svaeyYvaz6PozKZXbW0ddmFo66sZGfKbgAPJPt6DkTEYL3/j8ZAPdUwGh+/U2rjAICeqNVqA/vyAMCxlxjzAaDPFH/339ndXiq2UiYiKMXOQkScaMS/eL7bKBncexI01MPne5MR8X76/US2RY+ewwIAAAD0sx8WIuJyq/m/NJ5qOu5sRDyUrw8Yi4jxiHg4Ih7psv7JffmD8z/p7S6r4BA7CxEvN63tuNsU/9zYQJ47W4/9ULJ6rbJyIf8+TMXQSJafPaSOP7euf9GurHn+L9uy+ou5wLwdtwdH/v2Z5cXqYjfnzD92Po14crBV/JO9+d8kIia6qOPH8bWv2pXdO/70Uu3riGdb9v9k75jk8PVZM/X7wUxxVzjorZ8+e7dd/eJfrqz/nzo8/mNJ83q9zc7rePzcbxvtyh70/j+cXKk3cDjf99FitboxGzGcvHlw/1znbT6uiutRXK8s/lPPtB7/iyBkF/TRiHgsi2VEPBER5zqo89vxv062K9P/y5XFf7mj/t954pWJ139uV//99f/5emOm8j3+/3dv9xugstsJAAAAAAAAwNFI62u7k3R6L52m09ON3/CeiFNpZX2z+tzq+oc3lhtrwMdiKC3e9Bpteh90Nn8vuMjP7ctfzN8Z/nLkZD0/vbReWS775AGgT51uM/5nfh8pu3UAQM+cKLsBAMB/zvgPAP3H+A8A/cf4DwD9x/gPAP3H+A8AfaWb3/WXkJA4romy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/b38HAAD//78JzGY=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1ff) syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3E9rXOUaAPDnnCZtb5t7Jxfu4uJKqFih9iRN1a6EiOtCoR+ghslJCDnJhMykNjFg68KFIKgI/ulGv4EbRXBT+h0UwZ2CC0FrGheCi8iZzEx1OpOObdKR+vvBmfO875kzz/vMHF7mwLwTwD/W4+VDEjEWERciotLqTyPicDM6GnF193m3tzar21ub1SR2di7eSsrTmn3t10pa++PRPCX+HxE3RyNOvXZ33vr6xuJMUeSrrfZEY2llor6+cXphaWY+n8+XpyYnz559burZZyb3rdY3X/nkpzc+f/HLD88t/fb8radnk5hu1h1ddeyn3fdkNKa7+pcPItkQJcMeAAAAAym/5x+KiJHmt9RKHGpGAAAAwKNk58gOAAAA8MhLYtgjAAAAAA5W+3cAt7c2q+3tYf7+4McXImL8ztri7U7+keYa4oijMRoRx7aTP61MSHZPgwdy9VpE3Jjucf0nrevv/nWvXLdG+u/nRjn/TPea/9LO/BM95p+R9n8nPKD2/Ld91/x3J/+hPvPfhQFzHFk9+VXf/NciHhvplT/p5E/65H9pwPyfjn3zbb9jOx9HnIze+f+Ya4//h5iYWyjy1mPPHCc+e/XUXvUf65c/2bv+lQHr/+761Hy/uaTM/9SJvT//XvnLa+Kt1jjSiHi7tS/b73TlePLm5Ad71T/bp/57ff4fDVj/F69vfD/gUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKApjYixSNKsE6dplkUcj4j/xbG0qNUbp+Zqa8uz5bGI8RhN5xaKfDIiKrvtpGyfacZ32lNd7bMR8d+IeLfyr2Y7q9aK2WEXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMfxiBiLJM0iIo2IXyppmmXDHhUAAACw78aHPQAAAADgwLn/BwAAgEef+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIbhw/ny57WxvbVbL9uzl9bXF2uXTs3l9MVtaq2bV2upKNl+rzRd5Vq0t3ev1ilpt5Vwsr12ZaOT1xkR9fePSUm1tuXFpYWlmPr+Ujz6UqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPirxppbkmYRkTbjNM2yiH9HxHiMJnMLRT4ZEf+JiK8ro0fK9plhDxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9V1/fWJwpinxVIBAIOsGwZyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIahvr6xOFMU+Wp92CMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABguNIfkogot5OVJ8a6jx5Ofq009xHx8vWL712ZaTRWz5T9P3f6G++3+qeGMX4AAACgW/s+vX0fDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKj6+sbiTFHkqwcYDLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/vweAAD//4rSy1s=") ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f00000014c0)) ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000c40)={0x0, 0x2b, 0x1, [0x5, 0x40, 0x4, 0x1d, 0x5], [0x1, 0x0, 0x8, 0x2, 0x4, 0xfffffffffffffffb, 0x5, 0xa8, 0x1, 0x1, 0x7, 0xf, 0x8000000000000001, 0xa, 0xe, 0x80, 0xfffffffffffffff8, 0x7faf, 0x938, 0x8, 0x5, 0xfffffffffffff664, 0x1, 0x80000000, 0x3, 0x3, 0x7, 0x3, 0x1, 0x400000000000008, 0x9, 0x9, 0x9, 0x6, 0xffff, 0x4, 0xf4, 0x80, 0x3, 0x800000000000000, 0x3, 0xa, 0x2, 0x5, 0x3, 0x3, 0x4000000000006, 0x1000, 0x3, 0xfc4, 0x1, 0xcb14, 0x4005, 0x80000001, 0x8000000000000001, 0x40000000000756, 0x7, 0x1, 0x4, 0x3ff, 0x20000008, 0x642, 0x66, 0x9, 0xf, 0x3, 0x8, 0x7fffffffffffffff, 0x75, 0x5, 0x9, 0x1000002a, 0xfff, 0xfffffffffffffffe, 0x0, 0x400000000000001, 0x100, 0x8, 0x635, 0x7, 0x0, 0x8000000000000000, 0xfffffffffffffff9, 0x8, 0x1000, 0x3, 0x7, 0x7, 0xd5, 0x8, 0xffffffffffffffff, 0x9, 0x9, 0x8, 0x145, 0x7, 0xe518, 0x8, 0x5, 0x80, 0x0, 0x3, 0x402, 0x2, 0x5, 0x100000008000, 0x3, 0x0, 0xffff, 0x1, 0x19, 0x8, 0x200000000c, 0x4b2, 0x0, 0x6f, 0xffef, 0xfb, 0xbfa, 0x100000000000b1, 0x7fff]}) ftruncate(0xffffffffffffffff, 0x2007ffc) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000800000009) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x4030582b, &(0x7f00000000c0)={0x0, r0, 0x0, 0x2000008, 0x8506, 0x40000f}) 2.957798988s ago: executing program 2 (id=15): gettid() timer_create(0x0, 0x0, &(0x7f0000bbdffc)=0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_script(r2, 0x0, 0xb) splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0) write$binfmt_misc(r5, &(0x7f0000000980), 0xfdef) splice(r1, 0x0, r5, 0x0, 0x80, 0x4) timer_settime(r0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) read$FUSE(r4, &(0x7f0000000980)={0x2020}, 0x2020) 2.5715753s ago: executing program 1 (id=17): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000f40)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000010000000800000001"], 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r0, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)='%-010d \x00'}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000004000000000000000300000018110000", @ANYRES32=r1], &(0x7f0000000480)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x22}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000bc0)=ANY=[@ANYRES32=r2, @ANYRES32=r2, @ANYRES64=r2], 0x20) 2.407446283s ago: executing program 0 (id=19): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000a40)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4$alg(r0, 0x0, 0x0, 0x80800) io_setup(0xff, &(0x7f0000000380)=0x0) sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000000c0)="61875d877554e6405a547410a3693bfb", 0x10}], 0x1, 0x0, 0x0, 0x20040001}, 0x4000000) io_submit(r2, 0x1, &(0x7f0000001440)=[0x0]) 2.362523357s ago: executing program 1 (id=20): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 2.223672138s ago: executing program 1 (id=22): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000110b0008850000007000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x0, 0xe, 0x0, &(0x7f00000007c0)="c1188e99b95d02ff4284860186dd", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) 2.039509963s ago: executing program 1 (id=24): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@private1={0xfc, 0x1, '\x00', 0x1}, @private1, @mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x280}) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) r3 = socket(0x10, 0x2, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r4, 0x84, 0x81, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYBLOB="04000100"], 0x9) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000c40)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e22, @local}], 0x20) write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) socket(0x2, 0x80805, 0x0) add_key(0x0, &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe) preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0) sync_file_range(r4, 0x2, 0xda38, 0x1) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x52b281, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYBLOB="000000000000d4a1ce4e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01002abd7000fccbdf25090000000500070002000000080001"], 0x2c}, 0x1, 0x0, 0x0, 0x24084001}, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000540)={{0x1, 0x3, 0x1003, 0x448, '\x00', 0x9}, 0x1, [0x7, 0xd5, 0x2, 0xfff, 0x6, 0x4, 0x2, 0x5, 0xffffffffffffffff, 0xbc, 0x80000000, 0x102f, 0x5, 0x1, 0x83, 0x1, 0x1, 0x7, 0xda, 0x200, 0x84, 0x7, 0x7, 0x7, 0xc, 0x42, 0xff, 0x7, 0xffffffffffffffff, 0x980, 0x900000001, 0x403, 0x0, 0x800000004, 0x101, 0x3, 0xd, 0x1, 0x2000000, 0x6, 0x9, 0x1, 0x8a, 0x50f, 0x9ac2, 0x6fe5, 0xffffffffba36ba5a, 0x4, 0xa, 0x88b, 0x6, 0x4000006, 0x7, 0x7fffffffffffffff, 0x2, 0xfffffffffffff8f6, 0x4, 0xfffffffffffffff9, 0x0, 0xf9800000, 0x8, 0x9, 0x1800000, 0x6, 0x82b, 0x8, 0x5, 0xfffffffffffffffe, 0x9, 0xfffffffffffffffa, 0x1, 0x100000000000004, 0x2, 0x2b, 0x1, 0x7, 0x300, 0x80, 0x42843379, 0x1, 0x100000007, 0x200, 0x77d, 0xb3, 0x5, 0x539, 0x623b, 0x400006, 0x0, 0x7, 0x4, 0x200, 0x6, 0x8, 0x0, 0x5, 0x96, 0x8, 0x401, 0x2, 0x0, 0x680000000000, 0x2, 0x7, 0xe88, 0x80000007, 0x0, 0xfffffffffffffffb, 0xffff, 0x9, 0x8, 0x10000001000, 0x0, 0x5, 0x1, 0xfffffffffffff000, 0x10000, 0x7ffd, 0xffffffffffffff80, 0x6, 0x46b, 0x4, 0x6, 0x6, 0x4f65, 0x1, 0x7b, 0x3]}) 2.024381924s ago: executing program 3 (id=25): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000d0000000000000000000000850000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000040)="581f9239658ea95ed371ea3dd361", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 1.96040837s ago: executing program 0 (id=26): ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000140)={0xffffffffffffffff, 0xc8}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x4, 0xffffffffffffffff, 0x1}) ioctl$KVM_CREATE_VM(r2, 0x400454d9, 0x110c23401e) 1.811922142s ago: executing program 3 (id=27): prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0) io_uring_setup(0x4, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x153000, 0x80) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) write$tun(r0, &(0x7f0000000040)=ANY=[], 0x1043) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) 1.780929915s ago: executing program 0 (id=28): syz_pidfd_open(0x0, 0x0) wait4(0x0, 0x0, 0x40000000, 0x0) syz_read_part_table(0x4078, &(0x7f0000004080)="$eJzszzFKA1EQBuB/TYJRVLAWxEWwFO2scotcQDyCjY0JpvMYgk3wAN7AI5lGnoQsuhtbBZXva2bm393Z98KvcP/aNFfd/OWmO+829fnyaT/JUZ23UkqGSfprKxclOTvPYHu4kZ0k11//Op5/3w0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/Zroe9LrjY1MPMrsd5aKsTO56qZon9Wmy9/nBoiRb7Q3L98bzHzg6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDflVLKsladtJ/+KqySaSt/OM5sdFhlmNQn7S2Tj3YzGbyzP4c2AAAgEAMTdmT/PVAIJPrd3QJNX2Wu0hU4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cEACAAAAIOj/63YECgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKwUAAP//TWYnqQ==") r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020) 1.488971359s ago: executing program 3 (id=29): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000300)) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/75, 0x0}) r2 = dup(r1) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x0, r2}) read$char_usb(r2, &(0x7f0000000240)=""/150, 0x96) syz_emit_ethernet(0x0, 0x0, 0x0) 1.024103386s ago: executing program 3 (id=30): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0x80111500, 0x20000000) write$eventfd(r3, &(0x7f0000000000), 0xfffffdef) close(0x4) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) 757.900088ms ago: executing program 3 (id=31): syz_mount_image$fuse(0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000'], 0x0, 0x0, 0x0) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default trusted:syz -922337'], 0x2d, 0xfffffffffffffff9) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 622.175029ms ago: executing program 3 (id=32): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_script(r2, 0x0, 0xb) splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0) write$binfmt_misc(r5, &(0x7f0000000980), 0xfdef) splice(r1, 0x0, r5, 0x0, 0x80, 0x4) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) read$FUSE(r4, &(0x7f0000000980)={0x2020}, 0x2020) 415.796396ms ago: executing program 0 (id=33): r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, 0x0, &(0x7f0000000200)) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000002c0)='westwood\x00', 0x9) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x35, &(0x7f0000000100)={0x0, 0x0}, 0x10) 330.507543ms ago: executing program 1 (id=34): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 217.709602ms ago: executing program 1 (id=35): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x400e, &(0x7f0000000300)={[{@i_version}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@sysvgroups}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x2e) fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0xffd7, 0x1) write$P9_RREADLINK(r0, 0x0, 0x0) 201.265644ms ago: executing program 0 (id=36): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000a40)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4$alg(r0, 0x0, 0x0, 0x80800) io_setup(0xff, &(0x7f0000000380)=0x0) sendmsg$alg(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000000c0)="61875d877554e6405a547410a3693bfb", 0x10}], 0x1, 0x0, 0x0, 0x20040001}, 0x4000000) io_submit(r2, 0x1, &(0x7f0000001440)=[0x0]) 0s ago: executing program 0 (id=37): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed0759cb47cd90df41fa7a40c72a22dcc53a83731c39b01fceb7"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.147' (ED25519) to the list of known hosts. syzkaller login: [ 81.829240][ T5775] cgroup: Unknown subsys name 'net' [ 81.999468][ T5775] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.742552][ T5775] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.338099][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.361436][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.382291][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.390743][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.401382][ T50] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 85.408836][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.458382][ T5788] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.467362][ T5793] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.475494][ T5793] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.495201][ T5796] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.521358][ T5796] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.528889][ T5798] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.572162][ T5798] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 85.584016][ T5798] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.618076][ T5788] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.642724][ T5788] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.650604][ T5788] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.658531][ T5799] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.666948][ T5788] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.675699][ T5799] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.683191][ T5788] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 85.690971][ T5788] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.698843][ T5788] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 85.711157][ T5788] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.840289][ T5785] chnl_net:caif_netlink_parms(): no params data found [ 86.044023][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.052433][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.059786][ T5785] bridge_slave_0: entered allmulticast mode [ 86.067854][ T5785] bridge_slave_0: entered promiscuous mode [ 86.078392][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.085839][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.093589][ T5785] bridge_slave_1: entered allmulticast mode [ 86.100617][ T5785] bridge_slave_1: entered promiscuous mode [ 86.219176][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.254412][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.355855][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 86.379581][ T5791] chnl_net:caif_netlink_parms(): no params data found [ 86.393374][ T5785] team0: Port device team_slave_0 added [ 86.407930][ T5785] team0: Port device team_slave_1 added [ 86.414134][ T5790] chnl_net:caif_netlink_parms(): no params data found [ 86.509907][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.517235][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.543667][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.578050][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.586005][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.612427][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.707477][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.714850][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.723095][ T5789] bridge_slave_0: entered allmulticast mode [ 86.730328][ T5789] bridge_slave_0: entered promiscuous mode [ 86.783268][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.790465][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.798934][ T5789] bridge_slave_1: entered allmulticast mode [ 86.807637][ T5789] bridge_slave_1: entered promiscuous mode [ 86.840139][ T5791] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.847565][ T5791] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.854968][ T5791] bridge_slave_0: entered allmulticast mode [ 86.862736][ T5791] bridge_slave_0: entered promiscuous mode [ 86.870920][ T5791] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.878094][ T5791] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.887222][ T5791] bridge_slave_1: entered allmulticast mode [ 86.894782][ T5791] bridge_slave_1: entered promiscuous mode [ 86.926091][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.933535][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.940876][ T5790] bridge_slave_0: entered allmulticast mode [ 86.947881][ T5790] bridge_slave_0: entered promiscuous mode [ 86.977499][ T5785] hsr_slave_0: entered promiscuous mode [ 86.984281][ T5785] hsr_slave_1: entered promiscuous mode [ 87.007900][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.021515][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.030903][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.038104][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.046142][ T5790] bridge_slave_1: entered allmulticast mode [ 87.054008][ T5790] bridge_slave_1: entered promiscuous mode [ 87.077515][ T5791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.095298][ T5791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.224394][ T5791] team0: Port device team_slave_0 added [ 87.238810][ T5789] team0: Port device team_slave_0 added [ 87.247943][ T5789] team0: Port device team_slave_1 added [ 87.264080][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.282824][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.305056][ T5791] team0: Port device team_slave_1 added [ 87.441893][ T5793] Bluetooth: hci0: command tx timeout [ 87.450019][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.462123][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.495209][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.516616][ T5790] team0: Port device team_slave_0 added [ 87.530536][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.543388][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.574818][ T5791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.588299][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.600373][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.631629][ T5791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.645724][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.654181][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.685050][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.696577][ T5793] Bluetooth: hci1: command tx timeout [ 87.706325][ T5790] team0: Port device team_slave_1 added [ 87.760843][ T5793] Bluetooth: hci2: command tx timeout [ 87.766617][ T5793] Bluetooth: hci3: command tx timeout [ 87.819014][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.826578][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.852916][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.884014][ T5789] hsr_slave_0: entered promiscuous mode [ 87.890500][ T5789] hsr_slave_1: entered promiscuous mode [ 87.896993][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.905107][ T5789] Cannot create hsr debugfs directory [ 87.933248][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.940236][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.966862][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.008747][ T5791] hsr_slave_0: entered promiscuous mode [ 88.015969][ T5791] hsr_slave_1: entered promiscuous mode [ 88.022897][ T5791] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.030487][ T5791] Cannot create hsr debugfs directory [ 88.092377][ T5790] hsr_slave_0: entered promiscuous mode [ 88.098947][ T5790] hsr_slave_1: entered promiscuous mode [ 88.107422][ T5790] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.115296][ T5790] Cannot create hsr debugfs directory [ 88.223054][ T5785] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.272570][ T5785] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.303911][ T5785] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.315308][ T5785] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.567491][ T5789] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 88.586060][ T5789] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 88.598008][ T5789] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 88.609547][ T5789] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 88.702357][ T5790] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.713161][ T5790] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.727651][ T5790] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 88.763415][ T5790] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.812153][ T5791] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 88.834161][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.851463][ T5791] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 88.862469][ T5791] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 88.875276][ T5791] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 88.938519][ T5785] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.980539][ T1123] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.987944][ T1123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.024882][ T1123] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.032087][ T1123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.116979][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.176043][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.216066][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.223273][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.236062][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.243303][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.269963][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.367831][ T5790] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.419539][ T55] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.426794][ T55] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.446521][ T55] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.453753][ T55] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.468717][ T5791] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.521229][ T5793] Bluetooth: hci0: command tx timeout [ 89.563739][ T5791] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.618497][ T1123] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.625728][ T1123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.670521][ T1123] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.677734][ T1123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.768895][ T5793] Bluetooth: hci1: command tx timeout [ 89.775430][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.842840][ T5793] Bluetooth: hci3: command tx timeout [ 89.848426][ T5793] Bluetooth: hci2: command tx timeout [ 90.000531][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.032481][ T5785] veth0_vlan: entered promiscuous mode [ 90.083352][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.094285][ T5785] veth1_vlan: entered promiscuous mode [ 90.209645][ T5785] veth0_macvtap: entered promiscuous mode [ 90.235352][ T5785] veth1_macvtap: entered promiscuous mode [ 90.279753][ T5790] veth0_vlan: entered promiscuous mode [ 90.309641][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.327148][ T5789] veth0_vlan: entered promiscuous mode [ 90.348967][ T5790] veth1_vlan: entered promiscuous mode [ 90.357885][ T5789] veth1_vlan: entered promiscuous mode [ 90.370162][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.392478][ T5791] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.419210][ T5785] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.428543][ T5785] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.437746][ T5785] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.446928][ T5785] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.550714][ T5790] veth0_macvtap: entered promiscuous mode [ 90.569092][ T5789] veth0_macvtap: entered promiscuous mode [ 90.585134][ T5789] veth1_macvtap: entered promiscuous mode [ 90.598739][ T5790] veth1_macvtap: entered promiscuous mode [ 90.619850][ T5791] veth0_vlan: entered promiscuous mode [ 90.653782][ T5791] veth1_vlan: entered promiscuous mode [ 90.664251][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.675355][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.688504][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.726492][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.737384][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.747535][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.758801][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.771809][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.789445][ T1079] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.791318][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.813415][ T1079] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.823288][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.834737][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.846915][ T5790] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.855714][ T5790] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.864696][ T5790] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.874120][ T5790] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.928314][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.942168][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.953699][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.964415][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.976664][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.989403][ T5789] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.998735][ T5789] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.009438][ T5789] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.018279][ T5789] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.041370][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.049435][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.085324][ T5791] veth0_macvtap: entered promiscuous mode [ 91.124786][ T5791] veth1_macvtap: entered promiscuous mode [ 91.217181][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.232919][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.242858][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.253415][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.263646][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.274293][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.286688][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.306628][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.324026][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.355575][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.370383][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.381144][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.392368][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.411285][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.428495][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.434353][ T5878] syz.0.1[5878]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 91.442568][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.479907][ T5878] loop0: detected capacity change from 0 to 2048 [ 91.491523][ T5791] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.500279][ T5791] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.510401][ T5791] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.520007][ T5791] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.530558][ T5878] EXT4-fs: Ignoring removed mblk_io_submit option [ 91.544447][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.561663][ T5878] EXT4-fs: Ignoring removed bh option [ 91.565380][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.601116][ T5793] Bluetooth: hci0: command tx timeout [ 91.612872][ T1123] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.630915][ T1123] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.647463][ T55] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.658558][ T55] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.667733][ T5878] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 91.842060][ T5793] Bluetooth: hci1: command tx timeout [ 91.913403][ T5878] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 91.924706][ T5788] Bluetooth: hci3: command tx timeout [ 91.934146][ T5793] Bluetooth: hci2: command tx timeout [ 91.967838][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.007152][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.038988][ T5878] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28 [ 92.176006][ T5883] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 28 [ 92.218314][ T5878] EXT4-fs (loop0): This should not happen!! Data will be lost [ 92.218314][ T5878] [ 92.228173][ T5878] EXT4-fs (loop0): Total free blocks count 0 [ 92.234515][ T5878] EXT4-fs (loop0): Free/Dirty block details [ 92.240524][ T5878] EXT4-fs (loop0): free_blocks=2415919104 [ 92.247821][ T5878] EXT4-fs (loop0): dirty_blocks=32 [ 92.255645][ T5878] EXT4-fs (loop0): Block reservation details [ 92.262307][ T5878] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 92.279010][ T1079] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.298737][ T1079] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.308645][ T5887] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 92.349910][ T27] cfg80211: failed to load regulatory.db [ 93.681359][ T5793] Bluetooth: hci0: command tx timeout [ 93.922361][ T5793] Bluetooth: hci1: command tx timeout [ 94.000967][ T5788] Bluetooth: hci3: command tx timeout [ 94.007709][ T5793] Bluetooth: hci2: command tx timeout [ 95.039786][ T5922] loop2: detected capacity change from 0 to 512 [ 95.098042][ T5922] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.103136][ T5917] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 95.510821][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.368331][ T5955] fuse: Bad value for 'fd' [ 96.722125][ T5966] loop3: detected capacity change from 0 to 512 [ 96.829022][ T5966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.842396][ T5966] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.897816][ T5966] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #2: block 3: comm syz.3.27: lblock 0 mapped to illegal pblock 3 (length 1) [ 96.949654][ T5972] netlink: 8 bytes leftover after parsing attributes in process `syz.1.24'. [ 96.994273][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.013813][ T5789] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 97.030431][ T5789] EXT4-fs error (device loop3): ext4_quota_off:7222: inode #4: comm syz-executor: mark_inode_dirty error [ 98.284594][ T5996] loop1: detected capacity change from 0 to 512 [ 98.293490][ T5996] EXT4-fs: Ignoring removed i_version option [ 98.318980][ T5996] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 98.334218][ T5996] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 98.355597][ T5996] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 98.377913][ T5996] EXT4-fs (loop1): 1 truncate cleaned up [ 98.386655][ T5996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.509533][ T5791] EXT4-fs warning (device loop1): ext4_xattr_inode_create:1486: refuse to create EA inode when umounting [ 98.524247][ T5791] ------------[ cut here ]------------ [ 98.529769][ T5791] WARNING: CPU: 0 PID: 5791 at fs/ext4/xattr.c:1487 ext4_xattr_inode_lookup_create+0x5be/0x1d80 [ 98.540961][ T5791] Modules linked in: [ 98.544947][ T5791] CPU: 0 PID: 5791 Comm: syz-executor Not tainted 6.6.100-syzkaller #0 [ 98.553310][ T5791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 98.566012][ T5791] RIP: 0010:ext4_xattr_inode_lookup_create+0x5be/0x1d80 [ 98.573221][ T5791] Code: 4c 8b 7c 24 10 e9 12 0a 00 00 e8 2d ea 43 ff 48 89 df 48 c7 c6 bb df 5b 8c ba ce 05 00 00 48 c7 c1 60 d0 be 8a e8 52 56 fc ff <0f> 0b 49 c7 c6 ea ff ff ff 48 8b 5c 24 08 e9 fe 09 00 00 48 8d 78 [ 98.593025][ T5791] RSP: 0018:ffffc9000468f3e0 EFLAGS: 00010246 [ 98.600198][ T5791] RAX: c0434b189e643200 RBX: ffff8880606f0000 RCX: c0434b189e643200 [ 98.609061][ T5791] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 98.617157][ T5791] RBP: ffffc9000468f5b0 R08: ffffc9000468efa7 R09: 1ffff920008d1df4 [ 98.625248][ T5791] R10: dffffc0000000000 R11: fffff520008d1df5 R12: ffff88805db916e8 [ 98.633507][ T5791] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88805db916b0 [ 98.642444][ T5791] FS: 0000555568d29500(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 98.651845][ T5791] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 98.658485][ T5791] CR2: 00007ffc27b00fd8 CR3: 0000000060e67000 CR4: 00000000003506f0 [ 98.666558][ T5791] Call Trace: [ 98.669870][ T5791] [ 98.672959][ T5791] ? mark_lock+0x94/0x320 [ 98.677336][ T5791] ? ext4_xattr_ibody_set+0x6a0/0x6a0 [ 98.682818][ T5791] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 98.688860][ T5791] ? ext4_xattr_block_set+0xd6/0x32a0 [ 98.694369][ T5791] ext4_xattr_block_set+0x23e/0x32a0 [ 98.699719][ T5791] ? write_boundary_block+0xb0/0xb0 [ 98.706059][ T5791] ? __might_sleep+0xe0/0xe0 [ 98.710962][ T5791] ? __getblk_gfp+0x54/0x660 [ 98.716004][ T5791] ? ext4_xattr_block_find+0x350/0x350 [ 98.723141][ T5791] ? ext4_xattr_block_find+0x2d4/0x350 [ 98.728672][ T5791] ext4_expand_extra_isize_ea+0x10ea/0x19e0 [ 98.735441][ T5791] __ext4_expand_extra_isize+0x306/0x400 [ 98.741201][ T5791] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 98.746734][ T5791] ext4_dirty_inode+0xcb/0x110 [ 98.751621][ T5791] ? __ext4_expand_extra_isize+0x400/0x400 [ 98.757484][ T5791] __mark_inode_dirty+0x2b4/0xc80 [ 98.762645][ T5791] iput+0x1cc/0x920 [ 98.766513][ T5791] __dentry_kill+0x431/0x650 [ 98.771221][ T5791] shrink_dentry_list+0x39f/0x6a0 [ 98.776310][ T5791] shrink_dcache_parent+0xac/0x3c0 [ 98.781550][ T5791] ? write_sequnlock+0x30/0x30 [ 98.786367][ T5791] ? down_read_trylock+0x1d6/0x370 [ 98.791582][ T5791] ? __init_rwsem+0x160/0x160 [ 98.796314][ T5791] do_one_tree+0x23/0xe0 [ 98.800607][ T5791] shrink_dcache_for_umount+0x69/0x110 [ 98.809323][ T5791] generic_shutdown_super+0x67/0x2b0 [ 98.815824][ T5791] kill_block_super+0x44/0x90 [ 98.820564][ T5791] ext4_kill_sb+0x68/0xa0 [ 98.825060][ T5791] deactivate_locked_super+0x97/0x100 [ 98.830498][ T5791] cleanup_mnt+0x429/0x4c0 [ 98.835073][ T5791] task_work_run+0x1ce/0x250 [ 98.839726][ T5791] ? task_work_cancel+0x240/0x240 [ 98.844871][ T5791] ? exit_to_user_mode_loop+0x3b/0x110 [ 98.850404][ T5791] exit_to_user_mode_loop+0xe6/0x110 [ 98.855825][ T5791] exit_to_user_mode_prepare+0xb1/0x140 [ 98.861523][ T5791] syscall_exit_to_user_mode+0x1a/0x50 [ 98.867034][ T5791] do_syscall_64+0x61/0xb0 [ 98.871669][ T5791] ? clear_bhb_loop+0x40/0x90 [ 98.876400][ T5791] ? clear_bhb_loop+0x40/0x90 [ 98.882966][ T5791] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 98.888932][ T5791] RIP: 0033:0x7fdf0838fe97 [ 98.894140][ T5791] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 98.914940][ T5791] RSP: 002b:00007ffc27b011a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 98.923692][ T5791] RAX: 0000000000000000 RBX: 00007fdf08411bdd RCX: 00007fdf0838fe97 [ 98.931787][ T5791] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc27b01260 [ 98.939811][ T5791] RBP: 00007ffc27b01260 R08: 0000000000000000 R09: 0000000000000000 [ 98.947905][ T5791] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc27b022f0 [ 98.956080][ T5791] R13: 00007fdf08411bdd R14: 0000000000018085 R15: 00007ffc27b02330 [ 98.964951][ T5791] [ 98.968549][ T5791] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 98.975857][ T5791] CPU: 0 PID: 5791 Comm: syz-executor Not tainted 6.6.100-syzkaller #0 [ 98.984100][ T5791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 98.994162][ T5791] Call Trace: [ 98.997450][ T5791] [ 99.000389][ T5791] dump_stack_lvl+0x16c/0x230 [ 99.005090][ T5791] ? show_regs_print_info+0x20/0x20 [ 99.010302][ T5791] ? load_image+0x3b0/0x3b0 [ 99.014857][ T5791] panic+0x2c0/0x710 [ 99.018773][ T5791] ? bpf_jit_dump+0xd0/0xd0 [ 99.023312][ T5791] __warn+0x2e0/0x470 [ 99.027326][ T5791] ? ext4_xattr_inode_lookup_create+0x5be/0x1d80 [ 99.033673][ T5791] ? ext4_xattr_inode_lookup_create+0x5be/0x1d80 [ 99.040018][ T5791] report_bug+0x2be/0x4f0 [ 99.044387][ T5791] ? ext4_xattr_inode_lookup_create+0x5be/0x1d80 [ 99.050753][ T5791] ? ext4_xattr_inode_lookup_create+0x5be/0x1d80 [ 99.057129][ T5791] ? ext4_xattr_inode_lookup_create+0x5c0/0x1d80 [ 99.063506][ T5791] handle_bug+0xcf/0x120 [ 99.067813][ T5791] exc_invalid_op+0x1a/0x50 [ 99.072364][ T5791] asm_exc_invalid_op+0x1a/0x20 [ 99.077346][ T5791] RIP: 0010:ext4_xattr_inode_lookup_create+0x5be/0x1d80 [ 99.084308][ T5791] Code: 4c 8b 7c 24 10 e9 12 0a 00 00 e8 2d ea 43 ff 48 89 df 48 c7 c6 bb df 5b 8c ba ce 05 00 00 48 c7 c1 60 d0 be 8a e8 52 56 fc ff <0f> 0b 49 c7 c6 ea ff ff ff 48 8b 5c 24 08 e9 fe 09 00 00 48 8d 78 [ 99.104025][ T5791] RSP: 0018:ffffc9000468f3e0 EFLAGS: 00010246 [ 99.110105][ T5791] RAX: c0434b189e643200 RBX: ffff8880606f0000 RCX: c0434b189e643200 [ 99.118090][ T5791] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 99.126072][ T5791] RBP: ffffc9000468f5b0 R08: ffffc9000468efa7 R09: 1ffff920008d1df4 [ 99.134073][ T5791] R10: dffffc0000000000 R11: fffff520008d1df5 R12: ffff88805db916e8 [ 99.142779][ T5791] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88805db916b0 [ 99.150785][ T5791] ? mark_lock+0x94/0x320 [ 99.155132][ T5791] ? ext4_xattr_ibody_set+0x6a0/0x6a0 [ 99.160522][ T5791] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 99.166530][ T5791] ? ext4_xattr_block_set+0xd6/0x32a0 [ 99.171919][ T5791] ext4_xattr_block_set+0x23e/0x32a0 [ 99.177218][ T5791] ? write_boundary_block+0xb0/0xb0 [ 99.182434][ T5791] ? __might_sleep+0xe0/0xe0 [ 99.187057][ T5791] ? __getblk_gfp+0x54/0x660 [ 99.191673][ T5791] ? ext4_xattr_block_find+0x350/0x350 [ 99.197150][ T5791] ? ext4_xattr_block_find+0x2d4/0x350 [ 99.202635][ T5791] ext4_expand_extra_isize_ea+0x10ea/0x19e0 [ 99.208570][ T5791] __ext4_expand_extra_isize+0x306/0x400 [ 99.214226][ T5791] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 99.219706][ T5791] ext4_dirty_inode+0xcb/0x110 [ 99.224493][ T5791] ? __ext4_expand_extra_isize+0x400/0x400 [ 99.230317][ T5791] __mark_inode_dirty+0x2b4/0xc80 [ 99.235364][ T5791] iput+0x1cc/0x920 [ 99.239192][ T5791] __dentry_kill+0x431/0x650 [ 99.243810][ T5791] shrink_dentry_list+0x39f/0x6a0 [ 99.248860][ T5791] shrink_dcache_parent+0xac/0x3c0 [ 99.253998][ T5791] ? write_sequnlock+0x30/0x30 [ 99.258775][ T5791] ? down_read_trylock+0x1d6/0x370 [ 99.263902][ T5791] ? __init_rwsem+0x160/0x160 [ 99.268594][ T5791] do_one_tree+0x23/0xe0 [ 99.272871][ T5791] shrink_dcache_for_umount+0x69/0x110 [ 99.278372][ T5791] generic_shutdown_super+0x67/0x2b0 [ 99.283698][ T5791] kill_block_super+0x44/0x90 [ 99.288401][ T5791] ext4_kill_sb+0x68/0xa0 [ 99.292761][ T5791] deactivate_locked_super+0x97/0x100 [ 99.298170][ T5791] cleanup_mnt+0x429/0x4c0 [ 99.302616][ T5791] task_work_run+0x1ce/0x250 [ 99.307230][ T5791] ? task_work_cancel+0x240/0x240 [ 99.312277][ T5791] ? exit_to_user_mode_loop+0x3b/0x110 [ 99.317758][ T5791] exit_to_user_mode_loop+0xe6/0x110 [ 99.323071][ T5791] exit_to_user_mode_prepare+0xb1/0x140 [ 99.328641][ T5791] syscall_exit_to_user_mode+0x1a/0x50 [ 99.334122][ T5791] do_syscall_64+0x61/0xb0 [ 99.338564][ T5791] ? clear_bhb_loop+0x40/0x90 [ 99.343249][ T5791] ? clear_bhb_loop+0x40/0x90 [ 99.347935][ T5791] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 99.353846][ T5791] RIP: 0033:0x7fdf0838fe97 [ 99.358274][ T5791] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 99.377893][ T5791] RSP: 002b:00007ffc27b011a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 99.386317][ T5791] RAX: 0000000000000000 RBX: 00007fdf08411bdd RCX: 00007fdf0838fe97 [ 99.394318][ T5791] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc27b01260 [ 99.402298][ T5791] RBP: 00007ffc27b01260 R08: 0000000000000000 R09: 0000000000000000 [ 99.410296][ T5791] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc27b022f0 [ 99.418295][ T5791] R13: 00007fdf08411bdd R14: 0000000000018085 R15: 00007ffc27b02330 [ 99.426312][ T5791] [ 99.429687][ T5791] Kernel Offset: disabled [ 99.434116][ T5791] Rebooting in 86400 seconds..