last executing test programs: 29.612550123s ago: executing program 3 (id=2325): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) ioprio_set$pid(0x1, 0x0, 0x0) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x20000023896) r6 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_buf(r6, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_opts(r6, 0x0, 0x4, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x2, 0x4e21, @dev}, 0x10) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000640)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0}) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f00000001c0)=ANY=[@ANYRES16=r9, @ANYRES8, @ANYRES32=r11, @ANYRES32=r12, @ANYRESDEC=r10, @ANYRESOCT, @ANYRES64=r11, @ANYRES64, @ANYRES8=r8, @ANYRES8=0x0], 0x3, 0x0, &(0x7f0000000000)) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f00000cbc80)) r13 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r13, 0x80044940, &(0x7f0000001b00)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f000000b6c0)=ANY=[@ANYRES16=r17, @ANYRES64=r16, @ANYBLOB="12a4095a2aac12f0bfcb206d982e44066381388d27f14002d8d7431d3947f6399c7ff9f5193fc0398653e5a67bbb319f02bf4ac6f6ccd5acbfe1350cc3a6d2d48cf6c089ddf67171ffb3b15988e7b394c5daf3e12ca05e4dbdad7edd45f10cbc296a53a530d4c2d203ee650d5fff3a9b5aae78794fe84327e508172cdd72eeff5af4d6db9379bef20dde8e64b91d31a84ce8a7598bb78cc85108874811fc650f0520a5", @ANYRESOCT=r16, @ANYRESDEC=r14, @ANYRES16=r15, @ANYRESDEC=0x0, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRES8, @ANYRESOCT], 0x0, 0x0, &(0x7f0000000000)) ioctl$TIOCVHANGUP(r4, 0x5437, 0x0) 29.395329384s ago: executing program 3 (id=2332): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x1b}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4a}, 0x90) 29.191048254s ago: executing program 3 (id=2333): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000007c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2c0, 0x0, 0xffffff80, 0x178, 0xc8, 0x178, 0x1f0, 0x230, 0x258, 0x1f0, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0xa8, 0xc8, 0x340, {0x1e0002a8, 0x7203000000000000}}, @unspec=@TRACE={0x20}}, {{@ipv6={@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'pimreg0\x00', 'veth0_vlan\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@ah={{0x30}}, @common=@inet=@dscp={{0x28}, {0x52}}]}, @common=@unspec=@CLASSIFY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x320) 29.047524152s ago: executing program 3 (id=2337): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x6, &(0x7f0000000080)) getpid() recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, &(0x7f0000000000)={0x0, 0x0, 0x0, @raw}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001680)=[{0x0, 0x0, 0x0}], 0x1, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@nouid32}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") r1 = open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r2 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc093fce47d85272036dc78388e3dc177e9b496", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001"}) write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000440)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000300)=0x1, 0xffffffffffffffff, 0x0, 0x2, 0x4}}, 0x20) 28.464732206s ago: executing program 3 (id=2341): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) futimesat(0xffffffffffffffff, 0x0, 0x0) r1 = userfaultfd(0x801) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000a50000002a00000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@ipv6_getaddrlabel={0x1c, 0x4a, 0x492dfc465ae32a8d}, 0x1c}}, 0x0) recvmmsg$unix(r3, &(0x7f0000002640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000000000/0x4000)=nil, 0x4000}, 0x2}) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000200)={&(0x7f0000001000/0x2000)=nil, &(0x7f0000003000/0x4000)=nil, 0x2000, 0x1}) r4 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b000111000000090400000195699b0009058b", @ANYRES32=r1], 0x0) syz_usb_control_io(r4, 0x0, 0x0) syz_usb_control_io$hid(r4, 0x0, 0x0) syz_usb_control_io(r4, 0x0, &(0x7f00000016c0)={0x84, &(0x7f0000000040)=ANY=[@ANYBLOB="005e86"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r4, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r5}, 0x10) fcntl$lock(r6, 0x5, &(0x7f0000000240)={0x0, 0x0, 0xfffffffffffffffc}) syz_usb_control_io(r4, 0x0, &(0x7f0000000100)={0x84, &(0x7f0000000380)=ANY=[@ANYBLOB="003bf4"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r4, 0x0, 0x0) syz_usb_control_io(r4, 0x0, 0x0) syz_usb_control_io(r4, 0x0, 0x0) syz_usb_connect$printer(0x1, 0x2d, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0xff, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x7, 0x30, 0xff, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x7, 0x1, 0x3, 0x5, "", {{{0x9, 0x5, 0x1, 0x2, 0x10, 0x3f, 0x8, 0x5f}}}}}]}}]}}, &(0x7f0000000500)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x250, 0x7, 0x6, 0x0, 0x40, 0x1}, 0x47, &(0x7f00000001c0)={0x5, 0xf, 0x47, 0x6, [@ext_cap={0x7, 0x10, 0x2, 0x8, 0x9, 0x8, 0x8}, @ssp_cap={0xc, 0x10, 0xa, 0x6, 0x0, 0x20, 0x7800, 0x7}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x5, 0x8, 0x4, 0x7}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0xcb, 0x40, 0x7ff}, @ss_container_id={0x14, 0x10, 0x4, 0x1f, "a87f6ffbd66b0fec3782096a91bca84f"}, @ext_cap={0x7, 0x10, 0x2, 0xc, 0x8, 0xe}]}, 0x4, [{0x2c, &(0x7f0000000240)=@string={0x2c, 0x3, "7c916b8366ccd747e1009c0103c5a16ab4f5c248813b3f9f7d43f06263d37c8da3f1e46ff136ce1689a6"}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x2400}}, {0x64, &(0x7f0000000300)=@string={0x64, 0x3, "d3ac78ff97c1becde897a65fc353a2b0e8628b65e536d47589d7fbbb3c5eb9b2c412ed8f5cf3a3680e6a3a6a296c466ba362fc21c2c2bf0dc0e8bcfb65f2093996bac804162169d1a229cc9230b4d2500172d295c6cf324e38da15b74582a0022dcd"}}, {0xcf, &(0x7f00000003c0)=@string={0xcf, 0x3, "2e6c3c05a4297f5441d352d5b2325c6bfe96660cbbaf6bc6528354524e725c56099dc13159766e2c78027ff99666c5f25f99ff946367491fb4400b1bc225952d2c98da69f35f436edb70f877c6ab90dfb90185fa0ddc013b1e68df6c25c9754afcbc1392eaec56b9bcec2824a6e5bd1607babe7c788ad33c541096c49de4d9065cbe318b7d595b16803e200e503df813207a97b4980ea18bf2a696cddaad2bedb8c36f95090efcee6c89c76e200e7a5eb8ad43cc97ba572e7f079daa60cf5237e0da4fbb82f00ebfb399989738"}}]}) syz_usb_control_io(r4, 0x0, &(0x7f0000000a00)={0x84, &(0x7f00000004c0)={0x0, 0x0, 0x3, "f5d35e"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 27.540030027s ago: executing program 3 (id=2350): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r0) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x5, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01400000000000000000037400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a733000080002000000e6ff08000400260a3a0914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0) 23.899028295s ago: executing program 2 (id=2369): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_udp_int(r3, 0x11, 0x1, 0x0, &(0x7f0000000f40)) bind$bt_sco(r2, &(0x7f0000000100), 0x12) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r6, &(0x7f0000000100)={'syz0\x00', {}, 0x7}, 0x45c) ioctl$UI_DEV_SETUP(r6, 0x5501, 0x0) readv(r6, &(0x7f0000000080)=[{&(0x7f0000000580)=""/104, 0x68}], 0x1) write$input_event(r6, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f) ioctl$sock_TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000580)=0x14) r7 = syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x80801) ioctl$USBDEVFS_CONNECTINFO(r7, 0x8004550f, &(0x7f0000001980)) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100000}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={r8, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe7b, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) r9 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r9, &(0x7f0000000200)=[{&(0x7f0000000080)="580000001400192340834b00000d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100050408000004000000000000", 0x58}], 0x1) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2, &(0x7f0000000300)={[{@noload}]}, 0x9, 0x639, &(0x7f0000000580)="$eJzs3c9vG1kdAPDv2PkdIGmEgHKASAhaCZo0aYsqhEQrJE5VVX4ckLhgmrQqdX+oCYKUoqZSuSAhLhxAnDhQDvwPbKWV9rT/wB72sqdVV9Fq1cuuql2vxhl7ncTj2NnY08afj+R63ryJ33eafP2en9/YAQyt+fSfUsTxiLibRMy11I1EVjm/fdzzDx5cTW9J1Go/fz+JBw+TzdbHSrL76YhIKz6eieSNiJgr7213beP+zUq1unovKy+u37q7uLZx/9SNW5Xrq9dXby9/f/n8ubPnzi+dbvmpaz/p9fyOtWxfevzb38/85fKv/vOvF8nSf9++nMSFZszpefX62PuZj/moZVr3p/+v5w+7sYKUm38nn0l279jtx30MiJ40fn+jEfHVmIlyy29zJv7800KDA/qqlkSzjwKGTSL/YUg1xgGN1/bdvQ4e6/OoBBiErYsR32nm/2hENPJ/ZHtuMCbqcwNTz5Md8zxJRJw+hPbTNt58/fLj9BZ9mocD2tt8NJ7Nge/u/5N6bs7GRL009by0I/9L2TTubDZ/+LPOzczkVczvKmftjx/0fIDubT6KiK+1G//vn/+/zu7T/b/J9vf6yiAn/wEAAAAAAIADeHoxIr7X7v2/UnP9z1ib9T/TEXHhENrf//2/0rNDaAZoY+tixA/brv8tNQ6ZLWelL9bXA4wm125UV09HxJci4mSMjqflpdYH/V/LT0fEqb/O/SOv/db1f+ktbb+xFjCL49nIrtVAK5X1yiGcOgy9rUcRXx/JX/+T9v9Jm/4/ze+7XbYx9+0nV/Lq9s9/oF9q/4440bb/T5rHJJ0/n2OxPh5YbIwK9vrGH//2/7z25T8UJ+3/pzrn/3jS+nk9a709/lhEnNkYqeXVH3T8P5b8ohwt643/UFlfv7cUMZZc2rt/ubeY4VUy0bF2tLXwp4io50MjX9L8P/mtzvN/zfF/Sx5OZp/x1Y2vfDL9Tl6d/h+Ks1WOWOnc/8/u7P9731h+MvtaXvtXIv6ZPX916P/P1vv0k9ke83/QWbcJWnScAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAqKkXEFyIpLTS3S6WFhYjpiPhyTJWqd9bWv3vtzu9ur6R19e//LzW+6Xdmu5w0vv9/tqW8vKt8JiKORcTfy5P18sLVO9WVok8eAAAAAAAAAAAAAAAAAAAAXhLT23d7rv9PvVsuNDRgEEaye/kOw2ek6ACAwsh/GF7yH4ZXfv5/+KJWN9BwgAHqtv+vPexzIMDAHXD87+0COAK8/odhNdrdYRP9jgMowo7+f6m4OAAAAAAAgENx7JtP30oiYvMHk/Vbaiyra74xOFlUdEA/lfIqxmNzsJEAg2YNLwwvS39heLVf/Ds78DiA4iTNrY/aXuyfv/o/6U9AAAAAAAAAAAAAAMAeJ453cf0/cCTlXv8PHHkdrv9vd2GPjwuAI8T1/zC8xosOAChcY7Cf903/rv8HAAAAAAAAAAAAgJfAxP2blWp19d7aRtcbD3s5+PNvvBd5VT8aZBiHtbFZeSnCeBU2RiNiV1VtZvvP9mal+ssYbDyNjBlEW2MDbCtno6DnIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYI9PAwAA//+pCyTe") bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x17, 0x10, &(0x7f0000000580)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0x0, 0x8}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x6a}}]}, &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 23.250716875s ago: executing program 0 (id=2373): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) r1 = fcntl$dupfd(r0, 0x406, r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFC_CMD_GET_TARGET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = openat$nullb(0xffffffffffffff9c, &(0x7f00000016c0), 0x0, 0x0) sync_file_range(r8, 0x0, 0x0, 0x0) accept4(r3, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_INTERFACE(r2, 0x0, 0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), 0xffffffffffffffff) ioctl$TCFLSH(r1, 0x400455c8, 0x1) ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000140)) 22.538791898s ago: executing program 2 (id=2374): ftruncate(0xffffffffffffffff, 0x0) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func={0x0, 0x0, 0x0, 0x2}]}}, 0x0, 0x26}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000600)={r0, 0x2, 0x0}, 0x10) sync_file_range(r0, 0x1000, 0x9d30, 0xd) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x49b, &(0x7f0000000100)="$eJzs3E9sFFUYAPBvdltaQKQioiBqEY2NxhYKCgcvGE08aGLEgx6bthCkUENrIoRoSQweDYl349GrB6/qzXgy8YpHE0NCDBfA05jZndlu909Ly7Zb2N8vWfrezJt979uZN/Nm3i4B9Kzh7J8k4pGIuB4RO6vZpQWGq3/u3Lo8effW5clYSNOT/yaVcrezfK7YbnueGSlFlL5KIvqa6527eOnsxMzM9IU8PzZ/7tOxuYuXXj1zbuL09Onp8+PHjx89cvjY6+OvrT6opHlRFtftfV/M7t/7zsfX3pustWgw/1sfR6cMx3CrplS82OnKumxHXTppsb/ZnMpR7Z79lf6/M8qtOivwUErTNB1ov3ohbXSlaQnwwEqi2y0AuqO40Gf3v8Vrg4Yem8LNE9UboCzuO/mruqYvSnmZ/ob7204ajoiPFv77LnvFOj2HAACo98uJYiTYOP4rxZ66co/mcyhDEfFYROyKiMcjYndEPBFRKftkRDzV8P7Z+CZdpv7hhnzz+Kd0474CXEE2/nsjn9taOv4rRn8xVM5zOyKKAfP0ofwzGYn+gVNnZqYPL1PHr2/9+U27dfXjv+yV1V+MBfN23OhreEA3NTE/seaAG9y8ErGvrzH+pC8iqc0EJBGxNyL2reJ9h+rSZ17+YX8t07+03MrxV6Qt59E6MFWRfh/xUnX/L8SS/b9YY7L8/OTYYMxMHxrLjoJDLev4/Y+r77erf8X4f/q7cZO3j/188n7Drsn2/7a64z+K+dvF+IeSiKQ2Xzu3+jqu/vV123uatR7/W5IPK+kt+bLPJ+bnLxyO2JK827x8fHHbIl+Uz+IfOdi6/+/Kt8k+iacjIjuIn4mIZyPiubztByLi+Yg4uEz8v735widrj399ZfFPtTz/Ldn/i/P1a0iUzx64frfNyePe9v/RSmokX9L6/JcsOUXcawM78BECAADApleKynf/S6O1dKk0Olp9BrQ7tpVmZufmXzk1+9n5qepvBIaiv1Q86ao+D+5PiuefQ3X58Yb8kfy58bflrZX86OTszFS3g4cet73S55Om/p/5p9zt1gHrzk9+oHet1P/3XNughgAbzvUfeldd/19oU2TBN2Xg4eT6D72rVf//cg3bAA+WVF+Gnqb/Q+/qiw9q6VJXWwJsNNd/6En387v+lRPpQOtVg9FcOAbXpxlbW9TVlUQ2supK7VvXslXxvym0LROl1b3hQDSvKkdX9sXpPR0/+NP8u/KdbuqPG9JPWyW6cjoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADouP8DAAD//zy63n8=") socket$unix(0x1, 0x5, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1000, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000000b7040000000000008500000033000000850000000500000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc) r3 = creat(&(0x7f0000003d80)='./file0\x00', 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x25, 0xa, @void}, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$unix(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) r6 = dup(r5) r7 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) dup3(r6, r7, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) sendmsg$inet(r4, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x88}, 0x0) syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000100)='./file1\x00', 0x1008008, &(0x7f0000000240)={[{@longad}, {@uid}, {@uid_forget}, {@volume={'volume', 0x3d, 0x3}}, {@lastblock={'lastblock', 0x3d, 0x6}}, {@gid}, {@session={'session', 0x3d, 0xffffffffffffff81}}, {@gid_ignore}, {@iocharset={'iocharset', 0x3d, 'iso8859-1'}}, {@partition={'partition', 0x3d, 0xfffffffffffffffc}}, {@longad}]}, 0x2, 0xc37, &(0x7f0000003380)="$eJzs3U9sHNd9B/DfG+6KK7utmNhRnNQuNi2Qyorl6l9MxSqcVU2zDSDLQijmFoArklIXpkiCpBrZSAumlx56CFAUPeREoDUKpGhgNEXQI9O6QHLxocipJ6KFjaDogS0C5BQwmNm34ooiLUYU9cf6fGzqOzvz3sx7M+sZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8du74ifSgWwEA3E8Xxr56/KTnPwA8Vi75/38AAAAAAAAAAAAAAHjYpSjiqUgxf2E9TVSfuxrnO/XrN8ZHRrevdjBVNQeq8uVP48TJU6e/+NLwmV6e78x+RP177bPxxtilc81X567NL0wvLk5PNcdnO5NzU9O73sNe6291tDoBzWtvXp+6cmWxefLFU7dsvjH04eCTh4fODj9/7Lle2fGR0dGxzSKN/vK1u25I104jPA5EEccixQvf+2lqR0QRez8Xjft77W9R7y0crToxPjJadWSm055dKldf7J2IIqLZV6/VO0fbX4uo1e9XD+6gFbFcNr9s8NGye2Pz7YX25Znp5sX2wlJnqTM3ezF1W1v2pxlFnEkRKxGxNnj77upRRC1SfOfQerocEQO98/CFamDwzu0o9rGPu1C2s1mPWCnueM226TU9g1HE65HiZ+8dicl8n6nuNZ+PeL3MH0S8U+YrEan8YpyO+MAZ/dioRRF/WV7/s+tpqnf/rO4r57/W/Mrslbm+sr37yq/4fLjtTvGAng8Ht+T98ZA/TxpRRLu646+nu//NDgAAAAAAAAAAAAAAAAD32sEo4jOR4rX/+JNqXHFU49IPnR3+w6Ff7x8z/swd9lOWfTEilotdjcmNA3lg4MV0MaUHPJb4cdaIIv40j//71oNuDAAAAAAAAAAAAAAAAAAAwGOtiJ9EipffP5JWon9O8c7s1eal9uWZ7qywvbl/e3Omb2xsbDRTN1s5J3Iu51zJuZpzLWcUuX7OVs6JnMs5V3Ku5lzLGQO5fs5WzomcyzlXcq7mXMsZtVw/ZyvnRM7lnCs5V3Ou5YyHZO5eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICPkyKK+EWk+PY31lOkiGhFTEQ3VwcfdOsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNJgKuL7kaL5R62b62oRkap/u46Uv5yO1oEyPxmt4TJfida5nO0qa61vPYD2szf1VMSPI8Vg492bFzxf/3r3082vQbzzzc1Pn611c6C3cejDwScPHzo7PPpbz+y0nLZrwNHzndnrN5rjI6Otsb7VtXz0T/atG8rHLe5N14mIxbfefrM9MzO9cPcL5VdgD9UfoYVUe1x6aqFaiNpD0YwH03ceA+Xz/4NI8Xvv/2fvgd99/jfi17qfbj7h4+d/tvn8f3nrjnb5/K9trZef/+Uzfbvn/1N9617Ovxup1yIaS9fm64cjGotvvX2sc619dfrq9Ozp48e/NDz8pVPH6wciGlc6M9N9S/fkdAEAAAAAAAAAAAAAAADcP6mIL0eK9o/XUzMiblTjtYbODj9/7LmBGKjGW90ybvuNsUvnmq/OXZtfmF5cnJ5qjs92Juempnd7uEY13Gt8ZHRfOnNHB/e5/Qcbr87Nv7XQufrHS9tuf6Jx7vLi0kJ7cvvNcTCKiFb/mqNVg8dHRqtGz3Tas1XVi9sOpv/V1VMR/xUpJk830+fyujz+f+sI/1vG/y9v3dHex/+Pbjf+7xN968pjplTEzyPF7/7VM/G5qp1PxG3nLJf7u0hx9MyzvcMeKMv1PnTfK9AdGViW/b9I8U+/eDbvs1u2Nx7yqc2yJ3Z1Uh8h5fU/FCm+/xffjd/O6259/8P21/+JrTvap+v/dN+6J255X8Geu06+/scixStPvRu/k9d91Ps/eu/eOJIL33w/xz5d/0/1rRvqHnfg3vQcAAAAAAAAAADg0VZPRfx9pPjhaC29lNft5u//TW3d0T79/a9P962bujfzFd1xYc8nFQAAAAAeEvVUxE8ixdWld2+Oob51/Hff+M/f3xz/OZK2bK3+nO83qvcG3Ms//+s3lI87sfduAwAAAAAAAAAAAAAAAAAAwEMlpSJeyvOpT1Tj+ad2nE99NVK89j8v5HLpcFmuNw/8UPVr48Lc7LFzMzNzk+2l9uWZ6ebYfHtyuqz7dKRY/9tnc92iml+9N998d473zbnYFyLF6D/0ynbnYu/NTf70ZtkTZdlPRIr//sdby/bmsf7UZtmTZdm/iRRf/5ftyx7eLHuqLPvdSPGjrzd7ZZ8oy/bej/rpzbIvTs4V+3BVAAAAAAAAAAAAAAAAAAAAeNzUUxF/Hin+99rKzbH8ef7/et/Hyjvf7Jvvf4sb1Tz/Q9X8/zst3838/9V7BZZ3OioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHw8pSji7Ugxf2E9rQ6Wn7sa5zuz12+Mj4xuX+1gqmoOVOXLn8aJk6dOf/Gl4TO9/Oj699pn4o2xS+ear85dm1+YXlycnmqOz3Ym56amd72Hvdbf6mh1AprX3rw+deXKYvPki6eq1Qfy5htDHw4+eXjo7PDzx57rlR0fGR0d69tFrX7XR79N2mH9gSjiryPFC9/7afrhYEQRez8Xd/ju7LeDVSeOVp0YHxmtOjLTac8ulRsv9k5EEdHsq9TqnaP7cC32pBWxXDa/bPDRsntj8+2F9uWZ6ebF9sJSZ6kzN3sxdVtb9qcZRZxJESsRsTZ4++7qUcSbkeI7h9bTvw5GDPTOwxcujH31+Mmd21HsYx93oWxnsx6xUjwC1+whNhhF/HOk+Nl7R+LfBiNq0f2Jz0e8XuYPIt6J7vVO5RfjdMQH23yPeDTVooj/L6//2fX03mB5P+jdV85/rfmV2StzfWV795VH/vlwP+18b/ryfW3HDhpRxI+qO/56+nf/XQMAAAAAAAAAAAAAAAA8RIr4zUjx8vtHUjU+OI8pfjpvvTzTHdbXG/vXGzO9sbGx0UzdbOWcyLmccyXnas61nFHk+jlbZTY2Niby5+WcKzlXc67ljIFcP2cr50TO5ZwrOVdzruWMWq6fs5VzIudyzpWcqznXcoZxxQAAAAAAAAAAAAAAAAAAwD4oqn9SfPsb62ljsDu/9ER0c9V8oB97vwwAAP//7Df11w==") 22.07262871s ago: executing program 2 (id=2375): r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) r4 = dup2(r1, r0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x25, &(0x7f00000003c0)={r3, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000340)=0x90) 21.982008477s ago: executing program 2 (id=2376): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x6, &(0x7f0000000080)) getpid() recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, &(0x7f0000000000)={0x0, 0x0, 0x0, @raw}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001680)=[{0x0, 0x0, 0x0}], 0x1, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@nouid32}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") r1 = open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r2 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc093fce47d85272036dc78388e3dc177e9b496", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001"}) write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000440)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000300)=0x1, 0xffffffffffffffff, 0x0, 0x2, 0x4}}, 0x20) 21.500332887s ago: executing program 2 (id=2378): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x40, r0, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @val={0xc}}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1671}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}]]}, 0x40}}, 0x0) setrlimit(0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) lsetxattr(0x0, 0x0, 0x0, 0x0, 0x0) mremap(&(0x7f0000ffe000/0x1000)=nil, 0xffffdf004002, 0xffffdf004000, 0x0, &(0x7f0000ffc000/0x1000)=nil) r4 = socket(0x10, 0x3, 0x0) r5 = gettid() syz_open_procfs$userns(r5, &(0x7f0000000280)) sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001e00050300", @ANYBLOB], 0x24}}, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=0x0) prlimit64(r6, 0xa, &(0x7f00000000c0)={0x758, 0xeb0c}, &(0x7f00000001c0)) write$binfmt_misc(0xffffffffffffffff, 0x0, 0xd) sched_setscheduler(0x0, 0x0, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x4402, &(0x7f00000003c0)=ANY=[@ANYBLOB="706172743d3078300002a27f9edc6b44900000c63d5f852c6769643d", @ANYRESOCT, @ANYRESOCT, @ANYRES64=0x0, @ANYRESOCT=r7, @ANYRES8, @ANYBLOB="2c6e03d465636f6d706f73652c6769643d29ab72f4a2f73b811c7fd9bae7ecd520839bd791f81b6637f549a77ac6cb621635f9c08b2615964a3c43b727df50d049dc760465dea7349206240e6fb4756f276c72f20bab7d507fe4853b18ebe583cbf9009044b021249834326e80399ca072639251325e38177eef4f05093acfe76553919ecca99460ea4ebdbcef9c4e0ed3f10f86889116979b7aa52b38442546b806d6b8964f99a04195ad43adb611", @ANYRES16=r7, @ANYBLOB="4599"], 0x1, 0x701, &(0x7f00000009c0)="$eJzs3UtoHOcdAPD/rFaPVcGREz/SEsgSQ1oqaksWSqte6pZSdAglpIeeF1uOF6/lIClFNqVR+rj3kFNP6UG30ENJ74b23BAo6VHHQCGXnHRTmdmZ3Vlptbuy9Yrz+4mZ+Wa+x3zzn52ZfSC+AL6xlmej+iSSWJ59czNd39leaI1tL0zm2a2ImIiISkQ1Ikk3JauR5d7Kp/h25Dml5QEfNpfe/vyrnS/aa9V8yspXBtXrY+Lgpq18inpEjOXLg8YPafGT/bvvae/2oe2NKukcYRqwa0Xg4i/P1Co8s70Dtjp5H/8nm3fK9Kl+lOsWOKeS9nMz173UZyKmI2Iqov3Uz+8OldPv4fHaOusOAAAAwFHVjl7lhd3Yjc24cBLdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdVPv5/kk+VIl2PpBj/fyLfFnn6HBo+EOJnk+3lk5PvDAAAAAAAAACcuFd3Yzc240Kxvpdkv/m/VvqN/1vxXqzHSqzF9diMRmzERqzFfETMlBqa2GxsbKzNZzUjLg2oeTM+7VPz5uF9vNW7mhzHcQMAAAAAAADAOTY1JP/++MFtv4/l7u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwHiQRY+1FNl0q0jNRqUbEVFFuK+LTiJg4294eSdJv45PT7wcAAAA8k6ne1WRqhDovvB+7sRkXivW9JPvMfyX7vDwV78VqbEQzNqIVK3En/wydfuqv7GwvtHa2Fx6k08F2f/rlkbqetRjt7x767/nlrEQt7kYz23I9bkcSe5lK3srLO9sL6fJB/359kPYp+UluQG/GSuk76ezqJ1n6z73fIlSPdIgj2t9o5dCSM1nueCcic3nf0hoXiwj0j8TQs1MduKf5qHS++bk0eE/9Y/7B4L1P7yvV95ubM7E/Ejej0jlDVwZHIuK7//j41/daq/fv3V2fPT+H1Nf7Q0vsj8RCKRJXn6NIDDeXReJyZ305fhG/itn4cvKtWItm/CYasREr9SK/kb+e0/nM4Eh9Nl1ee2tYT9Jrst65f/XrUz16+hT1+HmWasRr2Tm9EM1I4mFErMQb2d/NmO/cDbpn+PIIV31lhDttybXvZYtOmKJ2eNm/jdbkcUnjerEU1/I9dybLK2/pRunFvlEqnnWjP49Kqt/JE2kLfxj4fDht+yMxX4rES4e9Xtoh/eteOl9vrd5fu9d4d8T9vZ4v0+voTwOeEifymB4oPcMvxlR+cBezeZJdU3NZ3kudXhXx+m8zYj7Lu9RppfeJm+Zd7tRrX6m/jIdxp+dK/WEsxmIsZaWvZKXHDzyx0ryrnZZ67+FpXvpOq9r5Yaf8futhtNrvhyK2vva3bYDn2fT3pydq/6v9u/ZR7Y+1e7U3p342+aPJVyZi/F/jP67Ojb1eeSX5e3wUv+t+/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7e+qPH9xut1spa/0Slf1YyuFajtVcMJDagTE8iyYfKGaFwsv7o8d7QBgcnJvPuPWX140wUozUOL1w/wW4kW/vP19Twc1GM8jTCLpJ8mMrSSysinrrPxZ67W8bPwancn6gfuVb9wHHlieIFWyp89Fdvrd/5GouIfoWH3DjGjuHmA5ypGxsP3r2x/ujxD5oPGu+svLOyOr64uDS3tPjGwo27zdbKXHteqnD6o+oBJ6T8dqJjIiJeHV53wECtAAAAAAAAAAAAwAk6jf+FOOtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7elmej+iSSmJ+7Ppeu72wvtNKpSHdLViOiEhHJbyOSf0bcivYUM6XmksP282Fz6e3Pv9r5ottWtShfidg6tN6gNru28inqETGWL59BT3u3h7c30U1O9slOOkeRBuxaETg4a/8PAAD//9qm8z8=") ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x41, 0x0, 0x0) clock_adjtime(0x0, &(0x7f00000004c0)={0xc5}) syz_kvm_setup_cpu$x86(r8, r9, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r9, 0xae80, 0x0) 20.538909348s ago: executing program 0 (id=2382): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_FIB_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0) 20.370205041s ago: executing program 0 (id=2384): open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000040)=0x12, 0x4) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001140)={0x0, 0x0, &(0x7f00000000c0), 0x33a, 0x0, &(0x7f0000000140)="2b7393b7c6347cd49978d5023a81022d1e7baeea09c5d463b04397f7a66a0f0b769bc097d48d09754d7e15e59224486b3df2c3fc8b3379a1a30fee142bb1a32d4c3b32006571f5de9d846e7e8b8e64c79a66e2ba19f7eca5d0e0517dcd4eba1ab882af481e477e362ceb1fd11c9d50b5e3afd7f60aa6881b2681c53ee87badeeba28eba948324721a382f000917a4a6f6f76d04e0b19396feccdbae7795aaa45818dce2d1f7b4642b09dd40bf4bef9854b631eb821b13a7e475d5c9a9d4bbb3fd9b07650683a35d9557d1e7e6496dd6f6f5ca57a5c43b9863819829430e1607ebf0dbb2308a8181ef5ccdcf1eb157470d54635a1a5b7075c77dfdb97155af8fa282fcc5ca5bad36839e0cad1304c542be170a44da4089a32bc3f35a85a6e30b8d233809335a4274938505517a26728b643c2f04917afe55c68759adea3bb70f5b5c3c59fc24d6e3835c110420cfd6de096f8dec90f5f577744d2d0f3ec21819253cdb102d50678293328726f1c4f7163e28e79ab4767e3054dfa9a11b1fdafb8757b2a91f8283ad01712062048b52b5cfcaf648fe760a98ee82fbb1836c88434e0b36f9b56c4d3cd8b42566cba88ddb7418762cd8495a4ec8de7952789c2a6d37cdbbecde53ffea86db893181d9b5c7d4663d1bd78c9cb87af7cbfa54a1b2c98432ef5ba6f43c358ae873495f46850d56d83f3d7d376b3b6120ffe93c8ab6b6f214316d8c3376a5a65d173b6e4243326c729163050547d49338a737bc894f487bc9b51e75ac2031ea714ed6c917f13e3cc0ee85a75e9a98a42f9aad6f1e244c1daa06ee55b205e11aa3a2982387210bccd26c5108f2a548b06dd0a0520ca8f99532ab0a4fd8c33f0f01ad40b74ef4e9f0d01b7bbc8aa69296cca1f19d92c5be8ffa3264e3951dd318363e02d36fa69ecaa3978b6c471c9dde0052632d1ebe277982fb0c900dd3f461257ad46a69b8f1e9bc36d8992426aa4adddc024bb74a39539f1cf801502cbd0d7acb8b2c5d9778a8253d2c8746d5b252a32f67c94cb8916a6310c1af0c0eb6f09a07d5020948a9c0f147c01d4a8b3af25686eadef9eaed2623cb012521ab86453e71bf351c130b6d33ffc388afdb5b2b7c16c1002a0640dd73e7a7e6a852dd2c75209d711a50363e46116ad2a14483c3729"}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) syz_usb_control_io$cdc_ncm(0xffffffffffffffff, &(0x7f00000009c0)={0x14, &(0x7f0000000880)={0x0, 0xc, 0xf8, {0xf8, 0x23, "b718f59a3ac120a29be448eb20ffd4a1cbdbe751e8391e6c0aac82810bb4a414eef45bd1234ea4e31bfa60c7f49fd515440d887370b8a17623aa491b01173d6ba4deea3bb8a110c80f50bb2b3326188d515e3e0252286c7925fe187b81bcfd9213e9664003581865dda608032290b5a4782f737226d6a702d7a54dd73430b6abebbc544992090138430c7899f4b55ab523a1361d702de958d94f6b7c6c3ea9be39b012c06f9b9e8ed026d87147da89ba9024093579898f970e13543cc3fd1026e5dcf788175506c47ed627da6b9fcb741f78436abc46d90d9360314bc3837dc097dc07f0ee16e1f6787942291eb59d85f596de1c04f6"}}, &(0x7f0000000980)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000c00)={0x44, &(0x7f0000000a00)={0x40, 0xe, 0x18, "39629046a25102e9b18ba51e183aa0291da28610314dd76c"}, &(0x7f0000000a40)={0x0, 0xa, 0xffffffffffffffa1, 0x1}, &(0x7f0000000a80)={0x0, 0x8, 0x1, 0x80}, &(0x7f0000000ac0)={0x20, 0x80, 0x1c, {0x9, 0x1, 0x1, 0x4, 0x0, 0x1000, 0x4, 0x0, 0x0, 0x3ff, 0x8, 0xffb}}, &(0x7f0000000b00)={0x20, 0x85, 0x4}, &(0x7f0000000b40)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000000b80)={0x20, 0x87, 0x2, 0x2}, &(0x7f0000000bc0)={0x20, 0x89, 0xffffffffffffffb3, 0x1}}) ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000003540)={0x0, "1a548af1ccb0c822844ac97828b8eba0"}) ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000004540)={r2, 0xb6fd, 0x200, 0x1}) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) r4 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4) ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x0, r4}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x0, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000940)) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000004a80)=0x20000) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r5, &(0x7f0000000380)=""/4109, 0x100d) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) getsockopt$bt_sco_SCO_OPTIONS(r5, 0x11, 0x1, &(0x7f00000049c0)=""/77, &(0x7f0000004a40)=0x4d) syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), 0xffffffffffffffff) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r7, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2) setsockopt$inet6_tcp_int(r7, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4) sendto$inet6(r7, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000001400)={0x2020}, 0x2020) 18.278871766s ago: executing program 0 (id=2388): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1548f5e0b33006bd1049ca45bd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc96eb384dbb4268c50943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906bde2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5511, &(0x7f0000015b80)="$eJzs3E1rY9UfB/CTdjqdp//8i7hwNxcGoYVJmPRh0F3VGXzADsWHhStNkzRkJsktTZrWrly4FBe+Djei4Mql+BIEXbsTF4o7Qck9pzIdFdRmkqn9fOD2e+/JzS+/E0rLuQk3AGfWQvbzj6VwNVwMIcyGEK6EUOyX0lZYj/FUCOFaCGHmga2Uxn8fOB9CuBRCuDoqHmuW0kMf3RheX/vhlZ+++Hr+3OVPPv92erMGpu3pEEJ3J+7vd2PmrZj30nht2C6yuzpMGR/o3k/Hecz95lZRYb92dF6tyJVWPD/f2euPcrtTq4+y1d4uxnd68QX7w9ZRneIJ92q7xXGjuVVku58X2TqMfR0cxr9th/1BrNNI9d4tyofB4CjjePOgGeczf7/Iem+QxmPdvNE8GOUwZXq5UM87jaKPrZO804+3V9u9vYNs2Nztt/NetlapPlOp3ipXd/NGc9BcLde6jVur2WKrMzqtPGjWuuutPG91mpV63l3KFlv1erlazRZvN7fatV5WrVZWKjfLa0tp70b24t03s04jWxzl8+3e3qDd6Wfb+W4Wn7GULVdWnl3Krlez1zc2s83X7tzZ2Hzj7dtv3X1u4+UX0kl/aCtbXL65vFyu3iwvV5dO7/xH/+v/0fzfT02Pcf5wIqVpNwBw+lj/A5P28VcxT/P6P/yb9f+O9f/DrP/P9vzhRKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn2p2FmIx5fT+P/S0BPpuBRCmAkh/PonZsP5YzVnU525vzh/7qEeviyFosLoNebTdimEsJ62X/7/qN8FAAAA+O/67L1rH8bVevyxMO2GmKR40WbmyjtjqlcKIcwtfD+GKiFdbApPnryraPT7fS4cjKlacQHrwpiKxUtu58ZV7W+ZPRYXHohSjJmJtgMAAEzE8ZXAZFchAAAATNIH026A6Sg+aU3fxU9f4J+PkT4QvHjsCAAAADiFStNuAAAAAHjkivX/43P/v2+Kfff/AwAAgPGK9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJSR2K4gB8Wuh7vD9GYpy7FWewDFdgHDo0LMBNsATcghtgDThzCQYMbYnWYKLhto3k+5K23Bvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCmp2Ixfbi7uD80Z705TJq7AQAAAPZZFYtp+WJcjf/V8yf11Fk9ziIij4h9vfsgfjUyB3VO8cn7iw81PEaUCdvP+F0ffyPisj5eTtv+FgAAAOB4LWfzSdWtV6dx3wXRpWrRJv9/lSgvi4hi/JwoLd+ezhOFlb/vYdwmSisXsEaJwqolt2GqtC8ZNC6jd5esuuSdlgMAAHSi2Ql024UAAADQpZu+C6AfWey2Mnd7weU/7982BP80RgAAAMAPlPVdAAAAANC6sv/3/D8AAAA4btXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTqlhMl7P5pDF5/f2c9eYw6e4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtmfdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M3v/vJ/YmqcSeZeG0vPI8naqbF1auydG0d/GF+/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ot/98n9iapxJ5k4bS8cjydpVY+uqsfegcfRgvP0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAf3dnZ2urYoySQ0QUPOjFptva2qsHJXjwTxBCuq3RrT/aHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU89VCZ2ZnkdS24WjqzST4fePO+Mwzzvm8SQr7zZhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+L29OCs2C5O4Wx27df/aetHfnuoLN7bvLBetiDtNJr0PPHgYr6b7naX2cgEAAODwyOr6PiLu5jurRd9dKOv/vD6nqPl/eH4S1/X8dN1f93XtX7Tff7v38u5AC5Nxioue3xgNT/wzld7Tm+V8e+Ffz+iVd7589pKVP5Duh1svjfPyfna+u3nz/X4ZHmkiWwDg/zhe91VQ/z9U9IM2EwPg0OglhXdd/2cL7eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT+Vjxbx52IWO7txYXb96+tl/3U/o3tO8t1O3P9+nZ6zeISeUSc3xgNTzQ1kX3g8pWrn62NRsNLzQevRUR7o1fBxzOcE9FmhoInDbrV7/q85LM/gpb/MAEAcODkVSvq+rv5zmpxrLMY8fDHR+v/N5M40vp/qk/r/3ufnLmVjpXW/4PGZjj/VjYvfrly+crVtzcurl0YXhh+/s7JwbuDU2dPnz67Uj4rWfHEBAAAgCfTr1pa/3cXI8ZT6//HkjhmrP+/+n7wTTpWpv5/rL1Fv7YzAQAAONxefP2vPzuPOd7p9+Prtc3NS4PJdnf/5GTbQqr/2ZGqpfV/tth2VgAAAEATxludR9b/zyVxzLj+/9xPr/ySXjOLiKPV+v/x9S9G55qbTksezHRWEx8nfupTBQAAYK4drVq6/p+X7/93d1956EbEW29M4uprAGeq/7MPvv05HSt9//9Uc1OcS92lyf0o+6WI3lLbGQEAAHCQPVO1otj/I99Z/fTXYx/1vf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LS/AwAA//+xhkJ5") mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x3}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x24000800) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 17.718746746s ago: executing program 2 (id=2392): memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x1) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0) mkdir(&(0x7f0000000240)='./bus\x00', 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000100)=@v1={0x0, @adiantum, 0x0, @desc1}) add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000002c0)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7e4968ab9f26f2da4149683f065714f8a000000008000000127cf0999459cff33a3a9ae50f1af9d51ef5bef3d63520d260804d02200", 0x3c}, 0x65, 0xfffffffffffffffd) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000300)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r2 = fsopen(&(0x7f00000003c0)='rootfs\x00', 0x1) lremovexattr(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)=@random={'system.', '.[%[.!:{!\x00'}) fsconfig$FSCONFIG_SET_PATH_EMPTY(r2, 0x4, &(0x7f0000000400)='\x00', &(0x7f0000000440)='./bus\x00', 0xffffffffffffffff) r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) setsockopt$llc_int(r3, 0x10c, 0x0, &(0x7f0000000180), 0x4) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'gre0\x00', &(0x7f0000000280)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote}}}}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) epoll_create1(0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8924, &(0x7f0000000240)={'macsec0\x00', 0x1}) write$binfmt_script(r4, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r4, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0) syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0) 15.272635724s ago: executing program 0 (id=2395): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r1, 0x0) connect$inet6(r0, &(0x7f0000004040)={0x2, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x2) 14.058847957s ago: executing program 0 (id=2399): r0 = syz_io_uring_setup(0x55e6, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x23db, &(0x7f0000000180), &(0x7f0000000000)=0x0, &(0x7f0000000200)) syz_io_uring_submit(r2, r1, &(0x7f0000000240)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, 0x10}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 4.030968069s ago: executing program 1 (id=2427): syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0) openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000001cc0)='/proc/asound/card3/oss_mixer\x00', 0x600800, 0x0) 3.900488393s ago: executing program 4 (id=2429): r0 = syz_io_uring_setup(0x39, &(0x7f0000001800)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=0x0, &(0x7f0000001880)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0, 0x10042}) io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0) 3.837365986s ago: executing program 4 (id=2430): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000029c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001800010000000000000000001d01000015000100080000000000000030e8002e530d26dd0200000008000500000082"], 0x34}}, 0x0) 3.125922005s ago: executing program 4 (id=2431): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=@bloom_filter, 0x48) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB], 0xc0}}, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='stack\x00') bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001200)={r0, 0x0, &(0x7f0000001400)=""/4096}, 0x20) socket(0x80000000000000a, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, 0x0, 0x2c8) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x80}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x54, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @local}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_LOC_ID={0x5}]}, 0x78}, 0x1, 0x0, 0x0, 0x4}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1(0x0) socket(0x1, 0x803, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r3, 0x4048aec9, &(0x7f00000006c0)={0x1}) 2.966109315s ago: executing program 4 (id=2432): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x4508, &(0x7f00000000c0), 0xe, 0x4da, &(0x7f0000000740)="$eJzs3d9vFFsdAPDvTLvYQrFFfUASgQimEGXbUoHGB8TEyBOJiu9Y223TdNttulugDdES/wATY9TEJ5588T8wMTz4BxgTE303/oxR0Acf7r17s7uzUMput7l32yHt55MMc87Z2X6/Z8jOzsw52Qng2LoYEXciYiAirkbEaNaeZsvdRmW7td3LF0/mGksS9fr9fyeRZG27/+ap1ltiKCK+fTfie8nbcaubW8uz5XJpPatP1FbWJqqbW9eWVmYXS4ul1enpqZszt2ZuzEz2pZ+Nft3++t9++qNffuP2b7706M8P/nnl+420RrLXO/WjH1pdLzT3RdtgRKwfRLAcDGTrQs8tf3vguQAA0FvjHP9TEfH55vn/aAw0z04BAACAo6T+1ZF4L4moAwAAAEdW2pwDm6TFbC7ASKRpsdiaw/uZOJmWK9XaFxcqG6vzrbmyY1FIF5bKpclsTu1YFJJGfapZfl2/vqs+HRFnIuIno8PNenGuUp7P++YHAAAAHBOndl3//2+0df0PAAAAHDFjeScAAAAAHLg3rv+f5ZcHAAAAcHCM/wMAAMCR9s179xpLvf386/mHmxvLlYfX5kvV5eLKxlxxrrK+VlysVBabv9m30uvvlSuVtS/H6sbjiVqpWpuobm49WKlsrNYeLL3xCGwAAADgEJ258PxPSURsf2W4uTScyDsp4FAkvTbYedfurwebC3C4BvJOAMjNYN4JALkp5J0AkLte9wG6Tt75Xf9zAQAADsb4Z1+N/w+329rj/73vDfQcPQTeYWneCQAAh874PxxfBTMA4dj75O6GJGJ7R/Xjj//X6x8lLwAAoH9GmkuSFrOxwJFI02Ix4nTzsQCFZGGpXJrMrg/+OFr4RKM+1XxnYvQfAAAAAAAAAAAAAAAAAAAAAAAAAPapXk+iDgAAABxpEek/kuxJ/uOjl0d23x84kfx/tLmOiEe/uP+zx7O12vpUo/0/r9prP8/ar3ueOAAAALwL2tfp7et4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOinly+ezLWXt148cXBx//W1iBjrFH8whprroShExMn/JjG4431JRAz0If7204g42yl+0kgrxrIsOsUfzjF+GhGn+hAfjrPnjePPnU6fvzQuNtedP3+N8t/7EL/78S99dfwb6HL8Ob3PGOe294j/NOLcYOfjTzt+0iX+pX3G/+53tra6vVZ/FjHe8fsneSPWRG1lbaK6uXVtaWV2sbRYWp2enro5c2vmxszkxMJSuZT92zHGjz/36w/26v/JLvHHWv2/0K3/l/fZ//f/8PjFp1vFQqf4Vy51/v4924r/1v5Ps+++L2Tll/X6D8azcrLd2p87nf/V78/v1f/5Lv3v9f9/ZZ/9v/qtH/5ln5sCAIegurm1PFsul9YVOhfqdTtK4UgWYmivbfI+MgEAAP32+qQ/70wAAAAAAAAAAAAAAAAAAADg+DqMXxrbHXOPn6MGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjNhwEAAP//LNjXMw==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000240)=ANY=[@ANYBLOB="000000004c900200070000000300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"]) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x30, 0x0, 0x8, 0x0, 0x0, 0x0, {}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x30}}, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000280)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESDEC=0x0, @ANYBLOB=',discard,\x00', @ANYRESHEX, @ANYRESOCT=0x0, @ANYRES8, @ANYBLOB="0002001100000000303030303030303030303030303030303030303135322c796f636884c178f94be4ee34617273657439697300926f38", @ANYBLOB="51060c4f1adb6e795b70e7edcdc5cd30e197ceacee351e08a6e2ee4650101fb28229b16aecf828a55c8aa0efd840e40fef6612e7b389eb304c41e39360e1f5cb6f78bd7100bd30bbd42aa24b2dc9171d068e92ac848e65c9", @ANYRES64, @ANYRESDEC], 0x81, 0x151a, &(0x7f0000002a80)="$eJzs3AuYjtX6MPB1r7UexjTpbZLDsO51P7xpsEyS5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDTZ0iRJSEiyvku7/2fvr713//3V9/m+Pffvuhbrnue97/d+3nuueZ/nva6Zb3qOqteifu1mRCT+EPjrfylCiBghxDAhxDVCiEAIUSm+Uvyl4wUUpPyxJ2F/rgfTr3QH7Eri+edtPP+8jeeft/H88zaef97G88/beP55G8+fsbxs+5xi1/LKu+sKf/7v4Y89K/tD+P3/P0hu+clfbCx/fa9/I4Xnn7fx/PM2nn/exvPP23j+eRvP/z9frX9xjOeft/H8GcvLrvTnz/8frZhfX7Ir3cefuq7wtx9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsTzinL9MCyH+a3+l+2KMMcYYY4wxxtifx+e/0h0wxhhjjDHGGGPs/zwQUiihRSDyifwiRhQQseIqESeuFgXFNSIirhXx4jpRSFwvCosioqgoJhJEcVFCGIHCChKhKClKiai4QZQWN4pEUUaUFeWEE+VFkrhJVBA3i4riFlFJ3Coqi9tEFVFVVBPVxe2ihrhD1BS1RG1xp6gj6op6or64SzQQd4uG4h7RSNwrGov7RBNxv2gqHhDNxIOiuXhItBAPi5biEdFKtBZtRFvR7n8r/wXRV7wo+on+IkUMEAPFS2KQGCyGiKFimHhZDBeviBHiVZEqRopR4jUxWrwuxog3xFgxTowXb4oJYqKYJCaLKWKqSBNviWnibTFdvCNmiJlilpgt0sUcMVe8K+aJ+WKBeE8sFO+LRWKxWCKWigzxgcgUy0SW+FAsFx+JbLFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHbxsdghdopdYrfYI/aKfeITsV98Kg6Iz0SO+PzfzD/7v+T3AgECJEjQoCEf5IMYiIFYiIU4iIOCUBAiEIF4iIdCUAgKQ2EoCkUhARKgBJQABAQCgpJQEqIQhdJQGhIhEcpCWXDgIAmSoALcDBWhIlSCSlAZKkMVqApVoTpUhxpQA2pCTagNtaEO1IF6UA/ugrvgbmgIDaERNILG0BiaQBNoCk2hGTSD5tAcWkALaAktoRW0gjbQBtpBO2gP7aEDdIBO0Ak6Q2foAl0gGZKhK3SFbtANukN36AE9oCf0hF7QG3rDC/ACvAgvQn+oIwfAQBgIg2AQDIGhMBRehuHwCrwCr0IqjIRR8Bq8Bq/DGDgDY2EcjIfxUENOhEkwGUhOhTRIg2kwDabDdJgBM2EmzIZ0mANzYS7Mg/kwH96DhfD+ufdhMSyGpZABGZAJyyALsmA5nIVsWAErYRWshjWwGtbBelgHG2ETbIQtsAW2wTb4GD6GnbATdsNu2At74RP4BD6FTyEVciAHDsJBOASH4DAchlzIhSNwBI7CUTgGx+A4HIcTcBJOwUk4DafhDJyFc3AOzsN5uADPJXzVfG+ZDalCXqKllvlkPhkjY2SsjJVxMk4WlAVlREZkvIyXhWQhWVgWlkVlUZkgE2QJWUKiREkylCVlSRmVUVlalpaJMlGWlWWlk04mySRZQVaQFWVFWUneKivL22QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUTeb9sKgfAEHhQXppMCzkSWspR0Eq2lm1kW/k6PCrbyzHQQXaUneTjchyMhS6yvUuWT8muchJ0k8/IyfCs7CGnQk/5vOwle8s+8gXZV3Zw/WR/OQMGyIFyNgySg+UQOVTOg7ry0sTqyVdlqhwpR8nX5FJ4XY6Rb8ixcpwcL9+UE+REOUlOllPkVJkm35LT5NtyunxHzpAz5Sw5W6bLOXKufFfOk/PlAvmeXCjfl4vkYrlELpUZ8gOZKZfJLPmhXC4/ktlyhVwpV8nVco1cK9fJ9XKD3Cg3yc1yi9wqt8nt8mO5Q+6Uu+RuuUfulfvkJ3K//FQekJ/JHPm5PCj/Ig/JL+Rh+aXMlV/JI/JreVR+I4/Jb+Vx+Z08IU/KU/J7eVr+IM/Is/Kc/FGelz/JC/JneVF6KRQoqZTSKlD5VH4VowqoWHWVilNXq4LqGhVR16p4dZ0qpK5XhVURVVQVUwmquCqhjEJlFalQlVSlVFTdoEqrG1WiKqPKqnLKqfIqSd2kKqibVUV1i6qkblWV1W2qiqqqqqnq6nZVQ92haqpaqra6U9VRdVU9VV/dpRqou1VDdY9qpO5VjdV9qom6XzVVD6hm6kHVXD2kWqiHVUv1iGqlWqs2qq1qpx5V7dVjqoPqqDqpx1Vn9YTqop5Uyeop1VU9rbqpZ1R39azqoZ5TPdXzqpfqrfqon9VF5VU/1V+lqAFqoHpJDVKD1RA1VA1TL6vh6hU1Qr2qUtVINUq9pkar19UY9YYaq8ap8epNNUFNVJPUZDVFTVVp6i01Tb2tpqt31Aw1U81Ss1W6mqOG/FppwX8j/+1/kD/il2ffprarj9UOtVPtUrvVHrVX7VP71H61Xx1QB1SOylEH1UF1SB1Sh9Vhlaty1RF1RB1VR9UxdUwdV8fVCXVS/ai+V6fVD+qMOqvOqh/VeXVeXfj1NRAatNRKax3ofDq/jtEFdKy+Ssfpq3VBfY2O6Gt1vL5OF9LX68K6iC6qi+kEXVyX0Eajtpp0qEvqUjqqb9Cl9Y06UZfRZXU57XR5naRv+sP5v9dfO91Ot9ftdQfdQXfSnXRn3Vl30V10sk7WXXVX3U130911d91D99A9dU/dS/fSfXQf3Vf31f10P52iU/RA/ZIepAfrIXqoHqZf1sP1cD1Cj9CpOlWP0qP0aD1aj9Fj9Fg9Vo/X4/UEPUFP0pP0FD1Fp+k0PU1P09P1dD1Dz9Cz9CydrtP1XD1Xz9Pz9AK9QC/UC/UivUgv0Ut0hs7QmTpTZ+ksvVwv19l6hV6hV+lVeo1eo9fpdXqD3qA36U16i96is/V2vV3v0Dv0Lr1L79F79D69T+/X+/UBfUDn6Bx9UB/Uh/QhfVgf1rk6Vx/RR/RRfVQf08f0cX1cn9An9Cl9Sp/Wp/UZfUaf0+f0eX1eX9AX9EV98dJlXyADGehAB/mCfEFMEBPEBrFBXBAXFAwKBpEgEsQH8UGh4PqgcFAkKBoUCxKC4kGJwAQY2ICCMCgZlAqiwQ1B6eDGIDEoE5QNygUuKB8kBTcFFYKbg4rBLUGl4NagcnBbUCWoGlQLqge3BzWCO4KaQa2gdnBnUCeoG9QL6gdVJ/71mvSeoFFwb9A4uC9oEtwfNA0eCJoFDwbNg4eCFsHDQcvgkaBV0DpoE7QN2v1b9e8KGgR3Bw2Df1bf+zNFHnP9TH+TYgaYgeYlM8gMNkPMUDPMvGyGm1fMCPOqSTUjzSjzmhltXjdjzBtmrBlnxps3zQQz0Uwyk80UM9WkmbfMNPO2mW7eMTPMTDPLzDbpZo6Za94188x8s8C8Zxaa980is9gsMUtNhvnAZJplJst8aJabj0y2WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mm1mu/nY7DA7zS6z2+wxe80+84nZbz41B8xnJsd8bg6av5hD5gtz2Hxpcs1X5oj52hw135hj5ltz3HxnTpiT5pT53pw2P5gz5qw5Z340581P5oL52Vw0/tLF/aW3d9SoMR/mwxiMwViMxTiMw4JYECMYwXiMx0JYCAtjYSyKRTEBE7AElsBLCAlLYkmMYhRLY2lMxEQsi2XRocMkTMIKWAErYkWshJWwMlbGKlgFq2E1vB1vxzvwDqyFtfBOvBPrYl2sj/WxATbAhtgQG2EjbIyNsQk2wabYFJthM2yOzbEFtsCW2BJbYStsg22wHbbD9tgeO2AH7ISdsDN2xi7YBZMxGbtiV+yG3bA7dsce2AN7Yk/shb2wD/bBvtgX+2E/TMEUHIgDcRAOwiE4BIfhMByOw3EEjsBUTMVROApH42gcg2NwLI7D8fgmTsCJOAkn4xScimmYhtNwGk7H6TgDZ+AsnIXpmI5zcS7Ow3m4ABfgQlyIi3ARLsElmIEZmImZmIVZuByXYzZm40pciatxNa7Ftbge1+NG3IibcTNuxa24HbfjDtyBu3AX7sE9uA/34X7cjwfwAOZgDh7Eg3gID+FhPIy5mItH8AgexaN4DI/hcTyOJ/AEnsJTeBpP4xk8g+fwHJ7Hn/AC/owX0WOMlSLWXmXj7NW2oL3GxtgC9m/joraYTbDFbQlrbGFb5O9itNYm2jK2rC1nnS1vk+xNv4mr2Kq2mq1ub7c17B225m/iBvZu29DeYxvZe219e9ffxY3tfbaJfdg2tY/YZra1bW7b2hb2YdvSPmJb2da2jW1rO9snbBf7pE22T9mu9unfxJl2mV1vN9iNdpPdbz+15+yP9qj9xp63P9l+tr8dZl+2w+0rdoR91abakb+Jx9s37QQ70U6yk+0UO/U38Sw726bbOXaufdfOs/N/E2fYD+xCm2UX2cV2iV36S3yppyz7oV1uP7LZdoVdaVfZ1XaNXWvX/c9eV9ktdqvdZvfZT+wOu9PusrvtHrv3l/jSeRywn9kc+7k9Yr+2h+wX9rA9ZnPtV7/El87vmP3WHrff2RP2pD1lv7en7Q/2jD37y/lfOvfv7c/2ovVWEJAkRZoCykf5KYYKUCxdRXF0NRWkayhC11I8XUeF6HoqTEWoKBWjBCpOJcgQkiWikEpSKYrSDVSabqREKkNlqRw5Kk9JdBNVoJupIt1ClehWqky3URWqStWoOt1ONegOqkm1qDbdSXWoLtWj+nQXNaC7qSHdQ43oXmpM91ETup+a0gPUjB6k5vQQtaCHqSU9Qq2oNbWhttSOHqX29Bh1oI7UiR6nzvQEdaEnKZmeoq70NHWjZ6g7PUs96DnqSc9TL+pNfegF6ksvUj/qTyk0gAbSSzSIBtMQGkrD6GUaTq/QCHqVUmkkjaLXaDS9TmPoDRpL42g8vUkTaCJNosk0haZSGr1F0+htmk7v0AyaSbNoNqXTHJpL79I8mk8L6D1aSO/TIlpMS2gpZdAHlEnLKIs+pOX0EWXTClpJq2g1raG1tI7W0wbaSJtoM22hrbSNttPHtIN20i7aTXtoL+2jT2g/fUoH6DPKoc/pIP2FDtEXdJi+pFz6io7Q13SUvqFj9C0dp+/oBJ2kU/Q9naYf6AydpXP0I52nn+gC/UwXyZMIIZShCnUYhPnC/GFMWCCMDa8K48Krw4LhNWEkvDaMD68LC4XXh4XDImHRsFiYEBYPS4QmxNCGFIZhybBUGA1vCEuHN4aJYZmwbFgudGH5MCm8KawQ3hxWDG8JK4W3hpXD28IqYdXw4Xurh7eHNcI7wpphrbB2eGdYJ6wb1gvrh3eFDcK7w4bhPWGj8N6wYnhf2CS8P2waPhA2Cx8Mm4cPhS3Ch8OW4SNhq7B12CZsG7YLHw3bh4+FHcKOYafw8bBz+ETYJXwyTA6fCruGT//u8ZRwQDgwfCl8KfT+HrUkujSaEf0gmhldFs2KfhhdHv0omh1dEV0ZXRVdHV0TXRtdF10f3RDdGN0U3RzdEt0a3Rb1vn5+4cBJp5x2gcvn8rsYV8DFuqtcnLvaFXTXuIi71sW761whd70r7Iq4oq6YS3DFXQlnHDrryIWupCvlou4GV9rd6BJdGVfWlXPOlXdJrq1r59q59u4x18F1dJ3c4+5x94R7wj3pnnRPua7uadfNPeO6u2ddD/ece84973q53q6Pe8H1dS+6fq6/S3EpbqAb6Aa5QW6IG+KGuWFuuBvuRrgRLtWlulFulBvtRrsxbowb68a68W68m+AmuElukpviprg0l+amuWluupvuZrgZbpab5dJdupvr5rp5bp5b4Ba4hYkL3SK3yC1xS1yGy3CZLtNluSy33C132S7brXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9wut8vtcXvcPrfP7Xf73QF3wOW4HHfQHXSH3CF32H3pct1X7oj72h1137hj7lt33H3nTriT7pT73p12P7gz7qw75350591P7oL72V103qVF3opMi7wdmR55JzIjMjMyKzI7kh6ZE5kbeTcyLzI/siDyXmRh5P3IosjiyJLI0khG5INIZmRZJCvyYWR55KNIdmRFZGVkVWR1ZE3E++I7Ql/Sl/JRf4Mv7W/0ib6ML+vLeefL+yR/k6/gb/YV/S2+kr/VV/a3+Sq+qq/mH/GtfGvfxrf17fyjvr1/zHfwHX0n/7jv7J/wXfyTPtk/5bv6p303/4zv7p/1Pfxzvqd/3vfyvX0f/4Lv61/0/Xx/n+IH+IH+JT/ID/ZD/FA/zL/sh/tX/Aj/qk/1I/0o/5of7V/3Y/wbfqwf58f7N/0EP9FP8pP9FD/Vp/m3/DT/tp/u3/Ez/Ew/y8/26X6On+vf9fP8fL/Av+cX+vf9Ir/YL/FLfYb/wGf6ZT7Lf+iX+498tl/hV/pVfrVf49f6dX693+A3+k1+s9/it/ptfrv/2O/wO/0uv9vv8Xv9Pv+J3+8/9Qf8Zz7Hf+4P+r/4Q/4Lf9h/6XP9V/6I/9of9d/4Y/5bf9x/50/4k/6U/96f9j/4M/6sP+d/9Of9T/6C/9lf5N9ZY4wxxhj7b9la+F8fH/APviZ/XZcMFEJcvbNY7t8eV0KIzb/WHSwTOkeEEE/17/ngf606dVJSUn59bLYSQanFQojI5fx84nK84pd/k0VHUeEf9jdY9j5Pv1M/eqsQsX+TEyMuxytEJ/HEL/Vv/if1H318fGbl8Fz8v6i/WIjEUpdzCojL8eX6Ff9J/SLtf6f/Al+kCdHhb3LixOX4cv0k8Zh4WiT/3SMZY4wxxhhjjLG/Giyrdf+9++dL9+cJ+nJOfnE5vnz/+Y/vzxljjDHGGGOMMXblPdu7z5OPJid37M6bP7wB+H+iDd7w5k/YXOmfTIwxxhhjjLE/2+WL/ivdCWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlnf93/hzYlf6HBljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLEr7X8EAAD//7MxObU=") r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[], 0x24}}, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}}) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r4}, 0x10) write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f0000000100)={0x30}, 0x30) umount2(&(0x7f00000001c0)='./file0\x00', 0x0) write$FUSE_NOTIFY_INVAL_ENTRY(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="29000000030000000000000000000000002d37043033dcb400000000130000080000000000000067726f75705f696400"], 0x29) write$FUSE_INIT(r3, &(0x7f0000000040)={0x50}, 0x50) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r5, 0xc0145401, &(0x7f0000000180)={0x3, 0x0, 0x2}) syz_open_dev$tty1(0xc, 0x4, 0x1) 2.522963647s ago: executing program 1 (id=2433): socket(0x0, 0x803, 0x0) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000140), 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==") open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r0, 0x0) ftruncate(r0, 0x20cf01) symlinkat(0x0, 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00') ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=""/156, 0x9c}], 0x1}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b4010000ecffffff6111a4000000000006000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0xa, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x48) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.938686824s ago: executing program 4 (id=2434): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000000)='./file1\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='.\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x9361, 0x0) 1.869470888s ago: executing program 1 (id=2435): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x50, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0xffffffffffffffff}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x3}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x50}}, 0x0) 1.845989717s ago: executing program 4 (id=2436): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000180)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'iso8859-15'}}, {@utf8no}, {@utf8}, {@utf8no}, {}, {}, {@shortname_lower}, {@uni_xlate}, {@shortname_win95}, {@shortname_lower}, {@shortname_win95}, {@fat=@errors_continue}, {@fat=@check_strict}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x3f}}]}, 0x1, 0x36b, &(0x7f0000000b80)="$eJzs3U9oI1UYAPAvnTTpLmh7EwUhehO07O5NL26RLiz2IhL8cxCD21VpqtBisXvYtB4Ej4JHPXlT0IMH8SiCIt48eHUFWRUPurcFF59MJpNMk7amYleKvx80+fLe++a9eZkm0yF5ff58rF2ajcs3blyPubla1M8/dj5u1mIhsijtxKTGPmUAwMlwM6X4PRWmTKkd85AAgGPWf/9/MSJasVCUvPHlYe2Td38AOPEGf/+fOqzN3EEVrx7LkACAYzZx/f/+PdWN/k+9fFivfCoAADipnnzm2ceXViJSr3i81d5qxyOj+qXL8XJ0YzXOxHzciihOFPKbWv/2wsWV5TOtVqsXPy1EOyJmBont4kxhKevnN+NszMfCIH9wtpFSyi58srJ8ttUXETu9fv+xXttqz8bpQf/fn47V0YlHuZH+XcTFleVzrcEG2utlfi9id3TdIh//YszHty8MN5NS+QnGleWrZ8tBj/K32s24NJyFA6+AAAAAAAAAAAAAAAAAAAAAAADAP7LYGloYrp+T8vtipZzFxX3q++vjFPmD9YF2i/WBUjNFSr+9/lD7rSz2rA80vj7PloUEAQAAAAAAAAAAAAAAAAAAYGhzuxGdbnd1Y3P7ylo16G1sbs9ERF7yytcffXEqJtv8TVAvumhGDLtoDbq9stZJWdk4ZRHDrLx1P8jKIK/64NPhiKtdNId7se8wmgdXdbt33Pfju6OSe7Nyy3+O2mQxCBp707PKMB4d2/L6ncWQjjJRw+BctaQZE22upZQqJW9W068+N7nBqEXUp3ri0t6SmTi4ccqDr66/dHc5+53PU+GBB+efuvbO+7+sdbp5z9F/Bhsbm7fSWqdWNj7atORTXZbUoghq1SOhPp5VnfndvVWd7Ltfn77n7W+m6z1VS17Lj+exNlmxOx+Ppw+OlnyYY1WnRumzg53ors7G0Q6SPJjyl3GuMuF3vffZhyn98PPUXYzMTLxs1P6dVx8AAAAAAAAAAAAAAAAAAKCq8l3xXCq/0x2zh2U9/MRtGBoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Daj//9fCXZ3YqxkmuCP3j5ZzdWNzYjGf72bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8z/0VAAD//7NMV70=") r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip6_flowlabel\x00') lseek(r0, 0x80, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000d40)=ANY=[@ANYBLOB]) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f00000004c0)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x0, 0x7, 0x0, "98d3340600c7aa11897ecaab876eab79576839c5656be8410f2802e944af80373be2666b665770173fbd1883303b6ac4749393ad08f139a68f00"}, 0xd8) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4) bind$inet(r2, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) r3 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) recvmmsg(r2, &(0x7f0000001840)=[{{0x0, 0x2000, &(0x7f0000001500)=[{&(0x7f0000004ac0)=""/102389, 0x18ff5}], 0x1}}], 0xa, 0x0, 0x0) write$binfmt_elf64(r2, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r3], 0xc63b9e35) sendmsg$TIPC_NL_BEARER_ADD(r1, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000600)={0x54, r3, 0x300, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xe867}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xea}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8a}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x4}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8000}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x2000c004}, 0x4004880) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x3c, 0x14, 0x509, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r6}, [@IFA_LOCAL={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IFA_RT_PRIORITY={0x8}, @IFA_CACHEINFO={0x14}]}, 0x3c}}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r9, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xffffffffffffbf3d}, 0xc) sendmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x2e9, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000029c0)={0x8c, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0xf59}, @NL80211_ATTR_FRAME={0x66, 0x33, @probe_response={{{}, {}, @device_a, @device_a, @from_mac=@broadcast}, 0x0, @default, 0x0, @void, @val, @val={0x3, 0x1}, @val={0x4, 0x6}, @val={0x6, 0x2}, @val={0x2d, 0x1a}, @val={0x72, 0x6}, @val={0x71, 0x7}}}]}, 0x8c}}, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1, 0x158) sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000280)={0x1d8, r3, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x28, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x1}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x80}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "6a0d292a448c0fb516d4e740006dba8797e6ac14a3"}}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x74, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_BEARER={0xb0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x7, @empty, 0x7}}, {0x14, 0x2, @in={0x2, 0x4e20, @loopback}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1000}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x4cb, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}}, {0x14, 0x2, @in={0x2, 0x4e21, @multicast1}}}}]}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x10000}]}]}, 0x1d8}, 0x1, 0x0, 0x0, 0x4080}, 0x20000000) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_usb_connect(0x2, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000091c2f20c81403006c050102030109021b00010000000009040000018ea44300090585"], 0x0) 1.679117473s ago: executing program 1 (id=2437): r0 = syz_io_uring_setup(0x39, &(0x7f0000001800)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=0x0, &(0x7f0000001880)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000780)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0, 0x10042}) io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0) 1.6060509s ago: executing program 1 (id=2438): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000029c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001800010000000000000000001d01000015000100080000000000000030e8002e530d26dd0200000008000500000082"], 0x34}}, 0x0) 0s ago: executing program 1 (id=2439): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002380)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x14, 0x37, 0x0, 0x1, @batadv={{0xb}, {0x4}}}]}, 0x34}}, 0x0) kernel console output (not intermixed with test programs): 108986237 extends beyond EOD, truncated [ 548.370324][T11761] loop2: p198 size 520093696 extends beyond EOD, truncated [ 548.375434][T11783] loop0: detected capacity change from 0 to 2048 [ 548.384769][T11761] loop2: p199 size 108986237 extends beyond EOD, truncated [ 548.401527][T11761] loop2: p200 size 520093696 extends beyond EOD, truncated [ 548.411067][T11761] loop2: p201 size 108986237 extends beyond EOD, truncated [ 548.421674][T11761] loop2: p202 size 520093696 extends beyond EOD, truncated [ 548.430543][T11761] loop2: p203 size 108986237 extends beyond EOD, truncated [ 548.439527][T11761] loop2: p204 size 520093696 extends beyond EOD, truncated [ 548.452262][T11761] loop2: p205 size 108986237 extends beyond EOD, truncated [ 548.461176][T11761] loop2: p206 size 520093696 extends beyond EOD, truncated [ 548.473099][T11761] loop2: p207 size 108986237 extends beyond EOD, truncated [ 548.482697][T11761] loop2: p208 size 520093696 extends beyond EOD, truncated [ 548.501106][T11761] loop2: p209 size 108986237 extends beyond EOD, truncated [ 548.509958][T11761] loop2: p210 size 520093696 extends beyond EOD, truncated [ 548.519775][T11761] loop2: p211 size 108986237 extends beyond EOD, truncated [ 548.528368][T11761] loop2: p212 size 520093696 extends beyond EOD, truncated [ 548.537064][T11761] loop2: p213 size 108986237 extends beyond EOD, truncated [ 548.546467][T11761] loop2: p214 size 520093696 extends beyond EOD, truncated [ 548.555279][T11761] loop2: p215 size 108986237 extends beyond EOD, truncated [ 548.571524][T11761] loop2: p216 size 520093696 extends beyond EOD, truncated [ 548.580235][T11761] loop2: p217 size 108986237 extends beyond EOD, truncated [ 548.589092][T11761] loop2: p218 size 520093696 extends beyond EOD, truncated [ 548.599079][T11761] loop2: p219 size 108986237 extends beyond EOD, truncated [ 548.611071][T11761] loop2: p220 size 520093696 extends beyond EOD, truncated [ 548.614764][T11791] loop3: detected capacity change from 0 to 64 [ 548.628786][T11761] loop2: p221 size 108986237 extends beyond EOD, truncated [ 548.637658][T11761] loop2: p222 size 520093696 extends beyond EOD, truncated [ 548.639300][T11783] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 548.657796][T11761] loop2: p223 size 108986237 extends beyond EOD, truncated [ 548.666699][T11761] loop2: p224 size 520093696 extends beyond EOD, truncated [ 548.676472][T11761] loop2: p225 size 108986237 extends beyond EOD, truncated [ 548.685327][T11761] loop2: p226 size 520093696 extends beyond EOD, truncated [ 548.694319][T11761] loop2: p227 size 108986237 extends beyond EOD, truncated [ 548.703157][T11761] loop2: p228 size 520093696 extends beyond EOD, truncated [ 548.712412][T11761] loop2: p229 size 108986237 extends beyond EOD, truncated [ 548.723041][T11761] loop2: p230 size 520093696 extends beyond EOD, truncated [ 548.733910][T11761] loop2: p231 size 108986237 extends beyond EOD, truncated [ 548.743056][T11761] loop2: p232 size 520093696 extends beyond EOD, truncated [ 548.752296][T11761] loop2: p233 size 108986237 extends beyond EOD, truncated [ 548.761597][T11761] loop2: p234 size 520093696 extends beyond EOD, truncated [ 548.777089][T11761] loop2: p235 size 108986237 extends beyond EOD, truncated [ 548.832170][T11761] loop2: p236 size 520093696 extends beyond EOD, truncated [ 548.843022][T11761] loop2: p237 size 108986237 extends beyond EOD, truncated [ 548.852331][T11761] loop2: p238 size 520093696 extends beyond EOD, truncated [ 548.861992][T11761] loop2: p239 size 108986237 extends beyond EOD, truncated [ 548.871556][T11761] loop2: p240 size 520093696 extends beyond EOD, truncated [ 548.891078][T11761] loop2: p241 size 108986237 extends beyond EOD, truncated [ 548.900254][T11761] loop2: p242 size 520093696 extends beyond EOD, truncated [ 548.909686][T11761] loop2: p243 size 108986237 extends beyond EOD, truncated [ 548.919252][T11761] loop2: p244 size 520093696 extends beyond EOD, truncated [ 548.930988][T11761] loop2: p245 size 108986237 extends beyond EOD, truncated [ 548.940495][T11761] loop2: p246 size 520093696 extends beyond EOD, truncated [ 549.039070][T11761] loop2: p247 size 108986237 extends beyond EOD, truncated [ 549.047534][T11761] loop2: p248 size 520093696 extends beyond EOD, truncated [ 549.056278][T11761] loop2: p249 size 108986237 extends beyond EOD, truncated [ 549.064788][T11761] loop2: p250 size 520093696 extends beyond EOD, truncated [ 549.073346][T11761] loop2: p251 size 108986237 extends beyond EOD, truncated [ 549.082329][T11761] loop2: p252 size 520093696 extends beyond EOD, truncated [ 549.091245][T11761] loop2: p253 size 108986237 extends beyond EOD, truncated [ 549.100152][T11761] loop2: p254 size 520093696 extends beyond EOD, truncated [ 549.109277][T11761] loop2: p255 size 108986237 extends beyond EOD, truncated [ 549.891880][ T9681] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 549.910429][ T5150] usb 5-1: USB disconnect, device number 9 [ 549.983861][ T29] audit: type=1326 audit(1720489904.965:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11799 comm="syz.1.2037" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69c1b75bd9 code=0x0 [ 550.140251][T11804] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2037'. [ 550.221949][ T5225] bridge0: port 2(bridge_slave_1) entered disabled state [ 551.065830][T11824] loop4: detected capacity change from 0 to 512 [ 551.922177][T11824] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 551.937558][T11824] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.2045: invalid indirect mapped block 1 (level 1) [ 551.952657][T11824] EXT4-fs (loop4): 1 truncate cleaned up [ 551.959306][T11824] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 552.208024][ T9587] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 553.901250][T11846] loop0: detected capacity change from 0 to 8192 [ 553.943935][ T6761] kworker/u8:14: attempt to access beyond end of device [ 553.943935][ T6761] loop3: rw=1048577, sector=65, nr_sectors = 1 limit=64 [ 554.115867][ T6761] buffer_io_error: 6 callbacks suppressed [ 554.115925][ T6761] Buffer I/O error on dev loop3, logical block 65, lost async page write [ 554.214116][ T6761] kworker/u8:14: attempt to access beyond end of device [ 554.214116][ T6761] loop3: rw=1048577, sector=66, nr_sectors = 1 limit=64 [ 554.231482][T11850] XFS (nullb0): Invalid superblock magic number [ 554.291615][ T6761] Buffer I/O error on dev loop3, logical block 66, lost async page write [ 554.300161][ T6761] kworker/u8:14: attempt to access beyond end of device [ 554.300161][ T6761] loop3: rw=1048577, sector=67, nr_sectors = 1 limit=64 [ 554.391279][ T6761] Buffer I/O error on dev loop3, logical block 67, lost async page write [ 554.425500][ T6761] kworker/u8:14: attempt to access beyond end of device [ 554.425500][ T6761] loop3: rw=1048577, sector=68, nr_sectors = 1 limit=64 [ 554.496565][ T6761] Buffer I/O error on dev loop3, logical block 68, lost async page write [ 554.527635][ T6761] kworker/u8:14: attempt to access beyond end of device [ 554.527635][ T6761] loop3: rw=1048577, sector=72, nr_sectors = 1 limit=64 [ 554.573017][T11867] loop1: detected capacity change from 0 to 512 [ 554.580251][T11867] EXT4-fs: Ignoring removed orlov option [ 554.581536][ T6761] Buffer I/O error on dev loop3, logical block 72, lost async page write [ 554.629789][ T6761] kworker/u8:14: attempt to access beyond end of device [ 554.629789][ T6761] loop3: rw=1048577, sector=73, nr_sectors = 1 limit=64 [ 554.661636][T11867] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102] [ 554.681307][T11867] System zones: 1-12 [ 554.696584][T11867] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz.1.2056: casefold flag without casefold feature [ 554.700791][ T6761] Buffer I/O error on dev loop3, logical block 73, lost async page write [ 554.731251][T11867] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.2056: couldn't read orphan inode 15 (err -117) [ 554.789677][T11871] loop0: detected capacity change from 0 to 4096 [ 554.800770][ T6761] kworker/u8:14: attempt to access beyond end of device [ 554.800770][ T6761] loop3: rw=1048577, sector=76, nr_sectors = 1 limit=64 [ 554.834775][T11867] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 554.835219][ T6761] Buffer I/O error on dev loop3, logical block 76, lost async page write [ 554.860758][T11871] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 554.929736][ T6761] kworker/u8:14: attempt to access beyond end of device [ 554.929736][ T6761] loop3: rw=1048577, sector=77, nr_sectors = 1 limit=64 [ 554.960764][ T6761] Buffer I/O error on dev loop3, logical block 77, lost async page write [ 554.980657][ T6761] kworker/u8:14: attempt to access beyond end of device [ 554.980657][ T6761] loop3: rw=1048577, sector=78, nr_sectors = 89 limit=64 [ 555.025415][T11871] ntfs3: loop0: failed to replay log file. Can't mount rw! [ 555.150291][ T9573] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 555.323566][ T29] audit: type=1326 audit(1720489910.305:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11883 comm="syz.1.2064" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69c1b75bd9 code=0x0 [ 555.438909][T11884] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2064'. [ 555.581366][T11894] loop3: detected capacity change from 0 to 16 [ 556.284259][T11896] loop2: detected capacity change from 0 to 8192 [ 556.421612][T11894] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 556.505379][T11896] loop2: p1 p2 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p2 [ 556.505566][T11896] loop2: p1 size 108986237 extends beyond EOD, [ 556.581786][ T29] audit: type=1326 audit(1720489911.555:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.3.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66b8f75bd9 code=0x7ffc0000 [ 556.597267][T11896] truncated [ 556.632758][T11896] loop2: p2 size 520093696 extends beyond EOD, truncated [ 556.642697][T11896] loop2: p5 size 108986237 extends beyond EOD, truncated [ 556.651219][T11896] loop2: p6 size 520093696 extends beyond EOD, truncated [ 556.659898][T11896] loop2: p7 size 108986237 extends beyond EOD, truncated [ 556.668485][T11896] loop2: p8 size 520093696 extends beyond EOD, truncated [ 556.678343][ T29] audit: type=1326 audit(1720489911.615:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.3.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66b8f75bd9 code=0x7ffc0000 [ 556.700940][ T29] audit: type=1326 audit(1720489911.625:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.3.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66b8f75bd9 code=0x7ffc0000 [ 556.724637][T11896] loop2: p9 size 108986237 extends beyond EOD, truncated [ 556.735671][T11896] loop2: p10 size 520093696 extends beyond EOD, truncated [ 556.745188][ T29] audit: type=1326 audit(1720489911.625:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.3.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66b8f75bd9 code=0x7ffc0000 [ 556.767960][T11896] loop2: p11 size 108986237 extends beyond EOD, truncated [ 556.776615][T11896] loop2: p12 size 520093696 extends beyond EOD, truncated [ 556.785488][T11896] loop2: p13 size 108986237 extends beyond EOD, truncated [ 556.796016][T11896] loop2: p14 size 520093696 extends beyond EOD, truncated [ 556.803399][T11875] loop4: detected capacity change from 0 to 32768 [ 556.809742][ T29] audit: type=1326 audit(1720489911.625:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.3.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66b8f75bd9 code=0x7ffc0000 [ 556.839756][T11896] loop2: p15 size 108986237 extends beyond EOD, truncated [ 556.850510][T11896] loop2: p16 size 520093696 extends beyond EOD, truncated [ 556.859354][T11896] loop2: p17 size 108986237 extends beyond EOD, truncated [ 556.862349][ T29] audit: type=1326 audit(1720489911.625:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.3.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66b8f75bd9 code=0x7ffc0000 [ 556.890820][T11896] loop2: p18 size 520093696 extends beyond EOD, truncated [ 556.899387][T11896] loop2: p19 size 108986237 extends beyond EOD, truncated [ 556.906885][ T29] audit: type=1326 audit(1720489911.625:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.3.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66b8f75bd9 code=0x7ffc0000 [ 556.936351][T11896] loop2: p20 size 520093696 extends beyond EOD, truncated [ 556.945455][T11896] loop2: p21 size 108986237 extends beyond EOD, truncated [ 556.954451][T11896] loop2: p22 size 520093696 extends beyond EOD, truncated [ 556.963130][T11896] loop2: p23 size 108986237 extends beyond EOD, truncated [ 556.974816][T11896] loop2: p24 size 520093696 extends beyond EOD, truncated [ 556.983538][T11896] loop2: p25 size 108986237 extends beyond EOD, truncated [ 556.990772][ T29] audit: type=1326 audit(1720489911.645:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.3.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66b8f75bd9 code=0x7ffc0000 [ 556.990830][ T29] audit: type=1326 audit(1720489911.645:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11893 comm="syz.3.2066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66b8f75bd9 code=0x7ffc0000 [ 557.039638][T11896] loop2: p26 size 520093696 extends beyond EOD, truncated [ 557.048436][T11896] loop2: p27 size 108986237 extends beyond EOD, truncated [ 557.058212][T11896] loop2: p28 size 520093696 extends beyond EOD, truncated [ 557.071783][T11896] loop2: p29 size 108986237 extends beyond EOD, truncated [ 557.091848][T11896] loop2: p30 size 520093696 extends beyond EOD, truncated [ 557.100838][T11896] loop2: p31 size 108986237 extends beyond EOD, truncated [ 557.111382][T11896] loop2: p32 size 520093696 extends beyond EOD, truncated [ 557.123457][T11896] loop2: p33 size 108986237 extends beyond EOD, truncated [ 557.134929][T11896] loop2: p34 size 520093696 extends beyond EOD, truncated [ 557.148145][T11896] loop2: p35 size 108986237 extends beyond EOD, truncated [ 557.157005][T11896] loop2: p36 size 520093696 extends beyond EOD, truncated [ 557.166840][T11896] loop2: p37 size 108986237 extends beyond EOD, truncated [ 557.176504][T11896] loop2: p38 size 520093696 extends beyond EOD, truncated [ 557.185823][T11896] loop2: p39 size 108986237 extends beyond EOD, truncated [ 557.196048][T11896] loop2: p40 size 520093696 extends beyond EOD, truncated [ 557.211994][T11896] loop2: p41 size 108986237 extends beyond EOD, truncated [ 557.227857][T11896] loop2: p42 size 520093696 extends beyond EOD, truncated [ 557.238673][T11896] loop2: p43 size 108986237 extends beyond EOD, truncated [ 557.250151][T11896] loop2: p44 size 520093696 extends beyond EOD, truncated [ 557.259069][T11896] loop2: p45 size 108986237 extends beyond EOD, truncated [ 557.268089][T11896] loop2: p46 size 520093696 extends beyond EOD, truncated [ 557.284275][T11896] loop2: p47 size 108986237 extends beyond EOD, truncated [ 557.293191][T11914] loop0: detected capacity change from 0 to 512 [ 557.299738][T11896] loop2: p48 size 520093696 extends beyond EOD, truncated [ 557.308819][T11896] loop2: p49 size 108986237 extends beyond EOD, truncated [ 557.317528][T11896] loop2: p50 size 520093696 extends beyond EOD, truncated [ 557.328077][T11914] EXT4-fs: Ignoring removed orlov option [ 557.334079][T11896] loop2: p51 size 108986237 extends beyond EOD, truncated [ 557.343209][T11896] loop2: p52 size 520093696 extends beyond EOD, truncated [ 557.352022][T11896] loop2: p53 size 108986237 extends beyond EOD, truncated [ 557.360780][T11896] loop2: p54 size 520093696 extends beyond EOD, truncated [ 557.369421][T11896] loop2: p55 size 108986237 extends beyond EOD, truncated [ 557.378068][T11896] loop2: p56 size 520093696 extends beyond EOD, truncated [ 557.386808][T11896] loop2: p57 size 108986237 extends beyond EOD, truncated [ 557.395770][T11896] loop2: p58 size 520093696 extends beyond EOD, truncated [ 557.409516][T11896] loop2: p59 size 108986237 extends beyond EOD, truncated [ 557.418566][T11896] loop2: p60 size 520093696 extends beyond EOD, truncated [ 557.428045][T11896] loop2: p60 could not be added: -ENOMEM [ 557.433983][T11896] loop2: p61 size 108986237 extends beyond EOD, truncated [ 557.451437][T11896] loop2: p62 size 520093696 extends beyond EOD, truncated [ 557.460174][T11896] loop2: p63 size 108986237 extends beyond EOD, truncated [ 557.465748][T11914] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102] [ 557.469556][T11896] loop2: p64 size 520093696 extends beyond EOD, truncated [ 557.484193][T11896] loop2: p65 size 108986237 extends beyond EOD, truncated [ 557.491749][T11914] System zones: 1-12 [ 557.492880][T11896] loop2: p66 size 520093696 extends beyond EOD, truncated [ 557.496403][T11914] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz.0.2074: casefold flag without casefold feature [ 557.504469][T11896] loop2: p67 size 108986237 extends beyond EOD, truncated [ 557.525030][T11896] loop2: p68 size 520093696 extends beyond EOD, truncated [ 557.536313][T11896] loop2: p69 size 108986237 extends beyond EOD, truncated [ 557.543288][T11914] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz.0.2074: couldn't read orphan inode 15 (err -117) [ 557.545109][T11896] loop2: p70 size 520093696 extends beyond EOD, truncated [ 557.564105][T11896] loop2: p71 size 108986237 extends beyond EOD, truncated [ 557.574799][T11896] loop2: p72 size 520093696 extends beyond EOD, truncated [ 557.583564][T11896] loop2: p73 size 108986237 extends beyond EOD, truncated [ 557.601412][T11896] loop2: p74 size 520093696 extends beyond EOD, truncated [ 557.612320][T11896] loop2: p75 size 108986237 extends beyond EOD, truncated [ 557.621885][T11914] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 557.636593][T11896] loop2: p76 size 520093696 extends beyond EOD, truncated [ 557.646518][T11896] loop2: p77 size 108986237 extends beyond EOD, truncated [ 557.655217][T11896] loop2: p78 size 520093696 extends beyond EOD, truncated [ 557.663985][T11896] loop2: p79 size 108986237 extends beyond EOD, truncated [ 557.673381][T11896] loop2: p80 size 520093696 extends beyond EOD, truncated [ 557.682313][T11896] loop2: p81 size 108986237 extends beyond EOD, truncated [ 557.691967][T11896] loop2: p82 size 520093696 extends beyond EOD, truncated [ 557.702404][T11896] loop2: p83 size 108986237 extends beyond EOD, truncated [ 557.711135][T11896] loop2: p84 size 520093696 extends beyond EOD, truncated [ 557.719719][T11896] loop2: p85 size 108986237 extends beyond EOD, truncated [ 557.731445][T11896] loop2: p86 size 520093696 extends beyond EOD, truncated [ 557.740624][T11896] loop2: p87 size 108986237 extends beyond EOD, truncated [ 557.749196][T11896] loop2: p88 size 520093696 extends beyond EOD, truncated [ 557.758323][T11896] loop2: p89 size 108986237 extends beyond EOD, truncated [ 557.768705][T11896] loop2: p90 size 520093696 extends beyond EOD, truncated [ 557.777564][T11896] loop2: p91 size 108986237 extends beyond EOD, truncated [ 557.786147][T11896] loop2: p92 size 520093696 extends beyond EOD, truncated [ 557.794433][T11896] loop2: p93 size 108986237 extends beyond EOD, truncated [ 557.802817][T11896] loop2: p94 size 520093696 extends beyond EOD, truncated [ 557.812243][T11896] loop2: p95 size 108986237 extends beyond EOD, truncated [ 557.820779][T11896] loop2: p96 size 520093696 extends beyond EOD, truncated [ 557.829079][T11896] loop2: p97 size 108986237 extends beyond EOD, truncated [ 557.839322][T11896] loop2: p98 size 520093696 extends beyond EOD, truncated [ 557.847710][T11896] loop2: p99 size 108986237 extends beyond EOD, truncated [ 557.869200][T11896] loop2: p100 size 520093696 extends beyond EOD, truncated [ 557.879301][T11896] loop2: p101 size 108986237 extends beyond EOD, truncated [ 557.891170][T11896] loop2: p102 size 520093696 extends beyond EOD, truncated [ 557.901108][T11896] loop2: p103 size 108986237 extends beyond EOD, truncated [ 557.911238][T11896] loop2: p104 size 520093696 extends beyond EOD, truncated [ 557.933432][T11896] loop2: p105 size 108986237 extends beyond EOD, truncated [ 557.944412][T11896] loop2: p106 size 520093696 extends beyond EOD, truncated [ 557.950479][ T9681] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 557.965906][T11896] loop2: p107 size 108986237 extends beyond EOD, truncated [ 557.974979][T11896] loop2: p108 size 520093696 extends beyond EOD, truncated [ 557.983798][T11896] loop2: p109 size 108986237 extends beyond EOD, truncated [ 557.992605][T11896] loop2: p110 size 520093696 extends beyond EOD, truncated [ 558.006394][T11896] loop2: p111 size 108986237 extends beyond EOD, truncated [ 558.015225][T11896] loop2: p112 size 520093696 extends beyond EOD, truncated [ 558.024161][T11896] loop2: p113 size 108986237 extends beyond EOD, truncated [ 558.032709][T11896] loop2: p114 size 520093696 extends beyond EOD, truncated [ 558.043341][T11896] loop2: p115 size 108986237 extends beyond EOD, truncated [ 558.052142][T11896] loop2: p116 size 520093696 extends beyond EOD, truncated [ 558.062160][T11896] loop2: p117 size 108986237 extends beyond EOD, truncated [ 558.078261][T11896] loop2: p118 size 520093696 extends beyond EOD, truncated [ 558.087194][T11896] loop2: p119 size 108986237 extends beyond EOD, truncated [ 558.095651][T11896] loop2: p120 size 520093696 extends beyond EOD, truncated [ 558.105269][T11896] loop2: p121 size 108986237 extends beyond EOD, truncated [ 558.114541][T11896] loop2: p122 size 520093696 extends beyond EOD, truncated [ 558.123286][T11896] loop2: p123 size 108986237 extends beyond EOD, truncated [ 558.135419][T11896] loop2: p124 size 520093696 extends beyond EOD, truncated [ 558.145132][T11896] loop2: p125 size 108986237 extends beyond EOD, truncated [ 558.153801][T11896] loop2: p126 size 520093696 extends beyond EOD, truncated [ 558.162464][T11896] loop2: p127 size 108986237 extends beyond EOD, truncated [ 558.171090][T11896] loop2: p128 size 520093696 extends beyond EOD, truncated [ 558.189951][T11896] loop2: p129 size 108986237 extends beyond EOD, truncated [ 558.198743][T11896] loop2: p130 size 520093696 extends beyond EOD, truncated [ 558.207482][T11896] loop2: p131 size 108986237 extends beyond EOD, truncated [ 558.215869][T11896] loop2: p132 size 520093696 extends beyond EOD, truncated [ 558.224615][T11896] loop2: p133 size 108986237 extends beyond EOD, truncated [ 558.233005][T11896] loop2: p134 size 520093696 extends beyond EOD, truncated [ 558.241539][T11896] loop2: p135 size 108986237 extends beyond EOD, truncated [ 558.258365][T11896] loop2: p136 size 520093696 extends beyond EOD, truncated [ 558.270894][T11896] loop2: p137 size 108986237 extends beyond EOD, truncated [ 558.294176][T11896] loop2: p138 size 520093696 extends beyond EOD, truncated [ 558.305004][T11896] loop2: p139 size 108986237 extends beyond EOD, truncated [ 558.316856][T11896] loop2: p140 size 520093696 extends beyond EOD, truncated [ 558.325885][T11896] loop2: p141 size 108986237 extends beyond EOD, truncated [ 558.334297][T11896] loop2: p142 size 520093696 extends beyond EOD, truncated [ 558.343447][T11896] loop2: p143 size 108986237 extends beyond EOD, truncated [ 558.362180][T11896] loop2: p144 size 520093696 extends beyond EOD, truncated [ 558.372214][T11896] loop2: p145 size 108986237 extends beyond EOD, truncated [ 558.380624][T11896] loop2: p146 size 520093696 extends beyond EOD, truncated [ 558.392762][T11896] loop2: p147 size 108986237 extends beyond EOD, truncated [ 558.419772][T11896] loop2: p148 size 520093696 extends beyond EOD, truncated [ 558.431925][T11896] loop2: p149 size 108986237 extends beyond EOD, truncated [ 558.440429][T11896] loop2: p150 size 520093696 extends beyond EOD, truncated [ 558.451040][T11896] loop2: p151 size 108986237 extends beyond EOD, truncated [ 558.480994][T11896] loop2: p152 size 520093696 extends beyond EOD, truncated [ 558.489383][T11896] loop2: p153 size 108986237 extends beyond EOD, truncated [ 558.497852][T11896] loop2: p154 size 520093696 extends beyond EOD, truncated [ 558.506211][T11896] loop2: p155 size 108986237 extends beyond EOD, truncated [ 558.514609][T11896] loop2: p156 size 520093696 extends beyond EOD, truncated [ 558.531383][T11896] loop2: p157 size 108986237 extends beyond EOD, truncated [ 558.540193][T11896] loop2: p158 size 520093696 extends beyond EOD, truncated [ 558.548696][T11896] loop2: p159 size 108986237 extends beyond EOD, truncated [ 558.558896][T11896] loop2: p160 size 520093696 extends beyond EOD, truncated [ 558.567258][T11896] loop2: p161 size 108986237 extends beyond EOD, truncated [ 558.575640][T11896] loop2: p162 size 520093696 extends beyond EOD, truncated [ 558.583978][T11896] loop2: p163 size 108986237 extends beyond EOD, truncated [ 558.595659][T11896] loop2: p164 size 520093696 extends beyond EOD, truncated [ 558.607802][T11896] loop2: p165 size 108986237 extends beyond EOD, truncated [ 558.619068][T11896] loop2: p166 size 520093696 extends beyond EOD, truncated [ 558.637352][T11896] loop2: p167 size 108986237 extends beyond EOD, truncated [ 558.649376][T11896] loop2: p168 size 520093696 extends beyond EOD, truncated [ 558.660403][T11896] loop2: p169 size 108986237 extends beyond EOD, truncated [ 558.668838][T11896] loop2: p170 size 520093696 extends beyond EOD, truncated [ 558.679925][T11932] loop3: detected capacity change from 0 to 256 [ 558.688515][T11896] loop2: p171 size 108986237 extends beyond EOD, truncated [ 558.697394][T11896] loop2: p172 size 520093696 extends beyond EOD, truncated [ 558.707689][T11896] loop2: p173 size 108986237 extends beyond EOD, truncated [ 558.717432][T11896] loop2: p174 size 520093696 extends beyond EOD, truncated [ 558.735932][T11896] loop2: p175 size 108986237 extends beyond EOD, truncated [ 558.744524][T11896] loop2: p176 size 520093696 extends beyond EOD, truncated [ 558.753213][T11896] loop2: p177 size 108986237 extends beyond EOD, truncated [ 558.771088][T11896] loop2: p178 size 520093696 extends beyond EOD, truncated [ 558.783995][T11896] loop2: p179 size 108986237 extends beyond EOD, truncated [ 558.788613][T11932] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 558.804171][T11896] loop2: p180 size 520093696 extends beyond EOD, truncated [ 558.813008][T11896] loop2: p181 size 108986237 extends beyond EOD, truncated [ 558.821757][T11896] loop2: p182 size 520093696 extends beyond EOD, truncated [ 558.830044][T11896] loop2: p183 size 108986237 extends beyond EOD, truncated [ 558.838394][T11896] loop2: p184 size 520093696 extends beyond EOD, truncated [ 558.851408][T11896] loop2: p185 size 108986237 extends beyond EOD, truncated [ 558.864159][T11896] loop2: p186 size 520093696 extends beyond EOD, truncated [ 558.872994][T11896] loop2: p187 size 108986237 extends beyond EOD, truncated [ 558.902248][T11896] loop2: p188 size 520093696 extends beyond EOD, truncated [ 558.906898][T11935] loop0: detected capacity change from 0 to 512 [ 558.917263][T11896] loop2: p189 size 108986237 extends beyond EOD, truncated [ 558.926291][T11896] loop2: p190 size 520093696 extends beyond EOD, truncated [ 558.934968][T11896] loop2: p191 size 108986237 extends beyond EOD, truncated [ 558.944454][T11896] loop2: p192 size 520093696 extends beyond EOD, truncated [ 558.949554][T11935] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2234: inode #15: comm syz.0.2082: corrupted in-inode xattr: invalid ea_ino [ 558.961842][T11896] loop2: p193 size 108986237 extends beyond EOD, truncated [ 558.974331][T11896] loop2: p194 size 520093696 extends beyond EOD, truncated [ 558.983645][T11896] loop2: p195 size 108986237 extends beyond EOD, truncated [ 558.992652][T11896] loop2: p196 size 520093696 extends beyond EOD, truncated [ 559.001645][T11896] loop2: p197 size 108986237 extends beyond EOD, truncated [ 559.010426][T11896] loop2: p198 size 520093696 extends beyond EOD, truncated [ 559.019265][T11896] loop2: p199 size 108986237 extends beyond EOD, truncated [ 559.020797][T11935] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz.0.2082: couldn't read orphan inode 15 (err -117) [ 559.028164][T11896] loop2: p200 size 520093696 extends beyond EOD, truncated [ 559.047335][T11896] loop2: p201 size 108986237 extends beyond EOD, truncated [ 559.056257][T11896] loop2: p202 size 520093696 extends beyond EOD, truncated [ 559.067242][T11896] loop2: p203 size 108986237 extends beyond EOD, truncated [ 559.077360][T11896] loop2: p204 size 520093696 extends beyond EOD, truncated [ 559.086355][T11896] loop2: p205 size 108986237 extends beyond EOD, truncated [ 559.095935][T11935] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 559.105985][T11941] loop1: detected capacity change from 0 to 1024 [ 559.108304][T11896] loop2: p206 size 520093696 extends beyond EOD, truncated [ 559.124046][T11896] loop2: p207 size 108986237 extends beyond EOD, truncated [ 559.132895][T11896] loop2: p208 size 520093696 extends beyond EOD, truncated [ 559.141984][T11896] loop2: p209 size 108986237 extends beyond EOD, truncated [ 559.151393][T11896] loop2: p210 size 520093696 extends beyond EOD, truncated [ 559.160090][T11896] loop2: p211 size 108986237 extends beyond EOD, truncated [ 559.171320][T11896] loop2: p212 size 520093696 extends beyond EOD, truncated [ 559.179973][T11896] loop2: p213 size 108986237 extends beyond EOD, truncated [ 559.188749][T11896] loop2: p214 size 520093696 extends beyond EOD, truncated [ 559.197693][T11896] loop2: p215 size 108986237 extends beyond EOD, truncated [ 559.206533][T11896] loop2: p216 size 520093696 extends beyond EOD, truncated [ 559.217472][T11896] loop2: p217 size 108986237 extends beyond EOD, truncated [ 559.226479][T11896] loop2: p218 size 520093696 extends beyond EOD, truncated [ 559.237658][T11896] loop2: p219 size 108986237 extends beyond EOD, truncated [ 559.238448][T11935] fscrypt (loop0, inode 18): Unsupported encryption flags (0xbe) [ 559.253659][T11896] loop2: p220 size 520093696 extends beyond EOD, truncated [ 559.262897][T11896] loop2: p221 size 108986237 extends beyond EOD, truncated [ 559.278129][T11896] loop2: p222 size 520093696 extends beyond EOD, truncated [ 559.287084][T11896] loop2: p223 size 108986237 extends beyond EOD, truncated [ 559.301234][T11896] loop2: p224 size 520093696 extends beyond EOD, truncated [ 559.310216][T11896] loop2: p225 size 108986237 extends beyond EOD, truncated [ 559.318933][T11896] loop2: p226 size 520093696 extends beyond EOD, truncated [ 559.328130][T11896] loop2: p227 size 108986237 extends beyond EOD, truncated [ 559.337029][T11896] loop2: p228 size 520093696 extends beyond EOD, truncated [ 559.346198][T11896] loop2: p229 size 108986237 extends beyond EOD, truncated [ 559.355012][T11896] loop2: p230 size 520093696 extends beyond EOD, truncated [ 559.367214][T11896] loop2: p231 size 108986237 extends beyond EOD, truncated [ 559.378230][T11896] loop2: p232 size 520093696 extends beyond EOD, truncated [ 559.387236][T11896] loop2: p233 size 108986237 extends beyond EOD, truncated [ 559.396544][T11896] loop2: p234 size 520093696 extends beyond EOD, truncated [ 559.404731][ T9681] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 559.414778][T11896] loop2: p235 size 108986237 extends beyond EOD, truncated [ 559.423614][T11896] loop2: p236 size 520093696 extends beyond EOD, truncated [ 559.437559][T11896] loop2: p237 size 108986237 extends beyond EOD, truncated [ 559.446306][T11896] loop2: p238 size 520093696 extends beyond EOD, truncated [ 559.462040][T11896] loop2: p239 size 108986237 extends beyond EOD, truncated [ 559.472795][T11896] loop2: p240 size 520093696 extends beyond EOD, truncated [ 559.481532][T11896] loop2: p241 size 108986237 extends beyond EOD, truncated [ 559.492514][T11896] loop2: p242 size 520093696 extends beyond EOD, truncated [ 559.501640][T11896] loop2: p243 size 108986237 extends beyond EOD, truncated [ 559.510462][T11896] loop2: p244 size 520093696 extends beyond EOD, truncated [ 559.519649][T11896] loop2: p245 size 108986237 extends beyond EOD, truncated [ 559.528583][T11896] loop2: p246 size 520093696 extends beyond EOD, truncated [ 559.537436][T11896] loop2: p247 size 108986237 extends beyond EOD, truncated [ 559.546453][T11896] loop2: p248 size 520093696 extends beyond EOD, truncated [ 559.561282][T11896] loop2: p249 size 108986237 extends beyond EOD, truncated [ 559.570046][T11896] loop2: p250 size 520093696 extends beyond EOD, truncated [ 559.581447][T11896] loop2: p251 size 108986237 extends beyond EOD, truncated [ 559.591019][T11896] loop2: p252 size 520093696 extends beyond EOD, truncated [ 559.599789][T11896] loop2: p253 size 108986237 extends beyond EOD, truncated [ 559.608580][T11896] loop2: p254 size 520093696 extends beyond EOD, truncated [ 559.617486][T11896] loop2: p255 size 108986237 extends beyond EOD, truncated [ 559.646922][T11949] loop4: detected capacity change from 0 to 512 [ 559.706307][T11949] EXT4-fs: Ignoring removed orlov option [ 559.811115][T11949] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102] [ 559.844854][T11949] System zones: 1-12 [ 559.895608][T11949] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #15: comm syz.4.2089: casefold flag without casefold feature [ 559.973190][T11949] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.2089: couldn't read orphan inode 15 (err -117) [ 560.002324][T11949] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 560.042397][T11941] syz.1.2084: attempt to access beyond end of device [ 560.042397][T11941] nbd1: rw=0, sector=0, nr_sectors = 8 limit=0 [ 560.194354][ T9587] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.304130][ T6771] hfsplus: b-tree write err: -5, ino 4 [ 560.521369][ T29] kauditd_printk_skb: 48 callbacks suppressed [ 560.521397][ T29] audit: type=1326 audit(1720489915.515:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11967 comm="syz.1.2096" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f69c1b75bd9 code=0x0 [ 560.628483][T11969] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2096'. [ 560.780830][ T5147] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 560.973310][T11983] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 560.990704][ T5147] usb 4-1: Using ep0 maxpacket: 8 [ 561.003945][ T5147] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 561.030838][ T5147] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 561.053019][ T5147] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 561.079938][ T5147] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 561.108196][ T5147] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 561.134017][ T5147] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 561.147903][ T5147] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 561.393516][ T5147] usb 4-1: usb_control_msg returned -32 [ 561.399208][ T5147] usbtmc 4-1:16.0: can't read capabilities [ 561.414147][T11998] loop4: detected capacity change from 0 to 1024 [ 561.524470][T12005] loop0: detected capacity change from 0 to 16 [ 561.546735][T12005] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 561.577529][ T29] audit: type=1326 audit(1720489916.565:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 561.630816][ T29] audit: type=1326 audit(1720489916.565:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 561.677550][ T29] audit: type=1326 audit(1720489916.565:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 561.743446][ T29] audit: type=1326 audit(1720489916.565:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 561.807958][ T29] audit: type=1326 audit(1720489916.565:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 561.814870][T12014] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 561.876724][ T29] audit: type=1326 audit(1720489916.565:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 561.927728][ T29] audit: type=1326 audit(1720489916.565:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 561.984026][ T29] audit: type=1326 audit(1720489916.565:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 562.067871][ T29] audit: type=1326 audit(1720489916.565:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.0.2110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 562.224228][T12023] loop1: detected capacity change from 0 to 256 [ 562.247799][T11998] syz.4.2107: attempt to access beyond end of device [ 562.247799][T11998] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0 [ 562.383920][T12025] loop2: detected capacity change from 0 to 512 [ 562.574724][T12025] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 562.590116][T12025] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.2115: invalid indirect mapped block 1 (level 1) [ 562.612652][T12025] EXT4-fs (loop2): 1 truncate cleaned up [ 562.624865][T12025] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 562.983156][T12023] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 563.327712][ T9360] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 563.396762][T12030] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2117'. [ 563.435955][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.442535][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.488004][ T2454] hfsplus: b-tree write err: -5, ino 4 [ 563.992100][ T5147] usb 4-1: USB disconnect, device number 18 [ 564.122265][T12039] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 564.188973][T12031] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2117'. [ 564.340413][T12050] loop3: detected capacity change from 0 to 16 [ 564.349222][T12050] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 564.379832][T12049] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2123'. [ 564.519499][T12047] loop2: detected capacity change from 0 to 4096 [ 564.537379][T12047] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 564.576472][T12047] ntfs3: loop2: failed to replay log file. Can't mount rw! [ 564.651007][T12053] loop0: detected capacity change from 0 to 1024 [ 564.669166][T12058] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 564.684049][T12053] hfsplus: extend alloc file! (8192,65536,366) [ 565.373207][T12073] loop2: detected capacity change from 0 to 512 [ 566.951299][T12073] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 566.965987][T12073] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.2130: invalid indirect mapped block 1 (level 1) [ 566.982364][T12073] EXT4-fs (loop2): 1 truncate cleaned up [ 566.989165][T12073] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 567.247693][T12053] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967295 (8589934590 ns) > initial count (394 ns). Using initial count to start timer. [ 567.277653][ T9360] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 567.587412][T12092] loop1: detected capacity change from 0 to 512 [ 567.611468][T12092] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 567.681758][T12092] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz.1.2140: corrupted in-inode xattr: e_value out of bounds [ 567.749000][T12092] EXT4-fs (loop1): Remounting filesystem read-only [ 567.756878][T12092] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 567.836765][T12092] EXT4-fs warning (device loop1): __ext4fs_dirhash:283: invalid/unsupported hash tree version 62 [ 567.861540][T11149] Bluetooth: hci6: unexpected event 0x30 length: 56 > 3 [ 568.016518][ T9573] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.478896][T12121] loop3: detected capacity change from 0 to 64 [ 568.610512][T12129] netlink: 'syz.4.2157': attribute type 12 has an invalid length. [ 568.619475][T12129] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2157'. [ 568.762225][T12123] xt_hashlimit: size too large, truncated to 1048576 [ 568.788336][T12123] xt_hashlimit: overflow, rate too high: 0 [ 568.926559][T12123] loop1: detected capacity change from 0 to 1024 [ 569.886196][ T5147] kernel read not supported for file /eth0 (pid: 5147 comm: kworker/0:3) [ 569.910690][T11149] Bluetooth: hci6: command 0x0406 tx timeout [ 569.962211][T12166] netlink: 'syz.4.2169': attribute type 12 has an invalid length. [ 569.977673][T12143] loop0: detected capacity change from 0 to 32768 [ 570.008758][T12143] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2160 (12143) [ 570.014901][T12166] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2169'. [ 570.064752][T12143] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 570.078886][T12143] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 570.126133][T12143] BTRFS info (device loop0): disk space caching is enabled [ 570.324490][T12168] loop1: detected capacity change from 0 to 2048 [ 570.346817][T12181] loop4: detected capacity change from 0 to 512 [ 570.409201][T12143] BTRFS info (device loop0): rebuilding free space tree [ 570.425075][T12168] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 570.438071][T12181] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 570.509645][T12143] BTRFS info (device loop0): disabling free space tree [ 570.520847][T12143] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 570.534216][T12181] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 570.545006][T12143] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 570.701137][ T9681] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 571.031935][ T9587] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.064570][ T66] kworker/u8:5: attempt to access beyond end of device [ 572.064570][ T66] loop3: rw=1, sector=65, nr_sectors = 1 limit=64 [ 572.412868][ T66] Buffer I/O error on dev loop3, logical block 65, lost async page write [ 572.830856][ T66] kworker/u8:5: attempt to access beyond end of device [ 572.830856][ T66] loop3: rw=1, sector=66, nr_sectors = 1 limit=64 [ 572.930335][ T66] Buffer I/O error on dev loop3, logical block 66, lost async page write [ 572.960380][ T66] kworker/u8:5: attempt to access beyond end of device [ 572.960380][ T66] loop3: rw=1, sector=67, nr_sectors = 1 limit=64 [ 573.047598][ T66] Buffer I/O error on dev loop3, logical block 67, lost async page write [ 573.098047][ T66] kworker/u8:5: attempt to access beyond end of device [ 573.098047][ T66] loop3: rw=1, sector=68, nr_sectors = 1 limit=64 [ 573.149599][ T66] Buffer I/O error on dev loop3, logical block 68, lost async page write [ 573.220788][ T66] kworker/u8:5: attempt to access beyond end of device [ 573.220788][ T66] loop3: rw=1, sector=72, nr_sectors = 1 limit=64 [ 573.285994][T12215] xt_hashlimit: size too large, truncated to 1048576 [ 573.305873][ T66] Buffer I/O error on dev loop3, logical block 72, lost async page write [ 573.314522][ T66] kworker/u8:5: attempt to access beyond end of device [ 573.314522][ T66] loop3: rw=1, sector=73, nr_sectors = 1 limit=64 [ 573.327942][ T66] Buffer I/O error on dev loop3, logical block 73, lost async page write [ 573.337271][ T66] kworker/u8:5: attempt to access beyond end of device [ 573.337271][ T66] loop3: rw=1, sector=76, nr_sectors = 1 limit=64 [ 573.350508][ T66] Buffer I/O error on dev loop3, logical block 76, lost async page write [ 573.359285][ T66] kworker/u8:5: attempt to access beyond end of device [ 573.359285][ T66] loop3: rw=1, sector=77, nr_sectors = 1 limit=64 [ 573.392290][T12215] xt_hashlimit: overflow, rate too high: 0 [ 573.404983][ T66] Buffer I/O error on dev loop3, logical block 77, lost async page write [ 573.420694][ T66] kworker/u8:5: attempt to access beyond end of device [ 573.420694][ T66] loop3: rw=1, sector=78, nr_sectors = 89 limit=64 [ 574.140134][T12220] loop0: detected capacity change from 0 to 1024 [ 575.349900][T12237] loop2: detected capacity change from 0 to 32768 [ 575.358293][T12237] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2186 (12237) [ 575.396134][T12237] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 575.423114][T12277] xt_hashlimit: size too large, truncated to 1048576 [ 575.430029][T12277] xt_hashlimit: overflow, rate too high: 0 [ 575.432848][T12237] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 575.448362][T12237] BTRFS info (device loop2): disk space caching is enabled [ 575.558340][T12277] loop3: detected capacity change from 0 to 1024 [ 575.631211][ T5147] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 575.699623][T12237] BTRFS info (device loop2): rebuilding free space tree [ 575.740624][T12237] BTRFS info (device loop2): disabling free space tree [ 575.754687][T12237] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 575.773610][T12237] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 575.835655][ T5147] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 575.887180][ T5147] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 575.920923][ T9360] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 575.942278][ T5147] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 575.969153][ T5147] aiptek 5-1:17.0: interface has no int in endpoints, but must have minimum 1 [ 577.009185][T12343] loop2: detected capacity change from 0 to 64 [ 577.210255][T11149] Bluetooth: hci5: ACL packet for unknown connection handle 200 [ 577.227119][T12350] loop2: detected capacity change from 0 to 512 [ 577.312075][T12350] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz.2.2224: casefold flag without casefold feature [ 577.340922][T12350] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.2224: couldn't read orphan inode 15 (err -117) [ 577.412240][T12350] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 577.672904][ T9360] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 578.876132][ T5150] usb 5-1: USB disconnect, device number 10 [ 579.088977][T12411] loop0: detected capacity change from 0 to 512 [ 579.263373][T12411] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 579.284619][T12408] loop4: detected capacity change from 0 to 4096 [ 579.315605][T12408] ntfs3: Unknown parameter '18446744073709551615ÿ0x0000000000000003' [ 579.367435][T12411] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 579.657464][ T9681] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.131578][T12429] bridge0: port 1(bridge_slave_0) entered disabled state [ 580.160242][T12421] IPVS: set_ctl: invalid protocol: 47 255.255.255.255:20004 [ 580.587846][T12441] loop1: detected capacity change from 0 to 256 [ 580.671545][T12443] loop0: detected capacity change from 0 to 256 [ 580.779833][T12443] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 581.751390][T12466] loop3: detected capacity change from 0 to 1024 [ 581.765339][ T29] kauditd_printk_skb: 99 callbacks suppressed [ 581.765360][ T29] audit: type=1326 audit(1720489936.755:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.1.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69c1b75bd9 code=0x7ffc0000 [ 581.803077][T12465] bridge0: port 1(bridge_slave_0) entered disabled state [ 581.815556][ T29] audit: type=1326 audit(1720489936.755:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.1.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69c1b75bd9 code=0x7ffc0000 [ 581.840802][ T29] audit: type=1326 audit(1720489936.795:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.1.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f69c1b75bd9 code=0x7ffc0000 [ 581.863188][ C0] vkms_vblank_simulate: vblank timer overrun [ 581.869468][T12466] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 581.882612][T12466] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 581.900920][ T29] audit: type=1326 audit(1720489936.795:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.1.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69c1b75bd9 code=0x7ffc0000 [ 582.045831][ T29] audit: type=1326 audit(1720489936.795:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.1.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f69c1b75bd9 code=0x7ffc0000 [ 582.151980][T12466] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #2: comm syz.3.2261: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 582.355653][T12476] loop1: detected capacity change from 0 to 128 [ 582.363334][ T29] audit: type=1326 audit(1720489936.795:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.1.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69c1b75bd9 code=0x7ffc0000 [ 582.510750][T12466] EXT4-fs (loop3): get root inode failed [ 582.517930][T12466] EXT4-fs (loop3): mount failed [ 582.590789][ T29] audit: type=1326 audit(1720489936.805:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.1.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f69c1b75bd9 code=0x7ffc0000 [ 582.730674][ T29] audit: type=1326 audit(1720489936.805:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.1.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69c1b75bd9 code=0x7ffc0000 [ 582.788897][T12483] loop2: detected capacity change from 0 to 16 [ 582.810961][ T29] audit: type=1326 audit(1720489936.805:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.1.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69c1b75bd9 code=0x7ffc0000 [ 582.852431][T12483] erofs: (device loop2): z_erofs_parse_cfgs: algorithm 2 isn't enabled on this kernel [ 582.893069][ T29] audit: type=1326 audit(1720489936.805:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12463 comm="syz.1.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69c1b75bd9 code=0x7ffc0000 [ 583.042188][T12495] loop0: detected capacity change from 0 to 256 [ 583.061745][T12499] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 583.175632][T12495] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 583.482136][T11149] Bluetooth: hci2: unexpected event 0x30 length: 56 > 3 [ 584.113447][T11149] Bluetooth: hci5: ACL packet for unknown connection handle 200 [ 584.847685][T12521] loop1: detected capacity change from 0 to 128 [ 584.937839][T12502] loop3: detected capacity change from 0 to 32768 [ 584.961019][T12502] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2273 (12502) [ 585.017411][T12502] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 585.045787][T12502] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 585.060356][T12502] BTRFS info (device loop3): disk space caching is enabled [ 585.219691][T12540] loop4: detected capacity change from 0 to 16 [ 585.246733][T12502] BTRFS info (device loop3): rebuilding free space tree [ 585.265938][T12540] erofs: (device loop4): z_erofs_parse_cfgs: algorithm 2 isn't enabled on this kernel [ 585.331888][T12502] BTRFS info (device loop3): disabling free space tree [ 585.349376][T12502] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 585.370392][T12502] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 585.472257][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 585.528350][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 585.536395][T11149] Bluetooth: hci2: command 0x0406 tx timeout [ 585.634882][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 585.824354][ T5150] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 585.852098][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.021297][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.030071][T10110] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 586.273949][T12558] loop0: detected capacity change from 0 to 512 [ 586.281020][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.289027][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.298316][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.307871][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.318420][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.325995][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.333568][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.341458][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.348890][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.357333][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.365814][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.379028][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.387223][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.396360][ T5150] usb 2-1: config index 0 descriptor too short (expected 25970, got 36) [ 586.433296][T12558] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 586.449707][ T5150] usb 2-1: config 116 has too many interfaces: 99, using maximum allowed: 32 [ 586.459079][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.473035][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.473907][T12558] EXT4-fs (loop0): blocks per group (71) and clusters per group (32768) inconsistent [ 586.491749][ T5150] usb 2-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config [ 586.506315][T12561] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2289'. [ 586.524337][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.531948][ T5150] usb 2-1: config 116 has 0 interfaces, different from the descriptor's value: 99 [ 586.546002][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.571445][ T5150] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 586.591833][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.634516][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.642728][ T5150] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 586.677185][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.722210][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.778262][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.805114][T12558] loop0: detected capacity change from 0 to 256 [ 586.835395][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.867015][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.884208][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.918538][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 586.939683][T12558] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 586.953106][ T5225] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 587.002795][ T5225] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 587.065006][T12569] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2291'. [ 587.083687][T12571] loop3: detected capacity change from 0 to 512 [ 587.129262][ T9] usb 2-1: USB disconnect, device number 10 [ 587.188633][T12571] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 587.257905][T12571] ext4 filesystem being mounted at /162/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 587.562289][T12571] ext4: Unknown parameter '9p' [ 588.215101][T12582] loop4: detected capacity change from 0 to 8192 [ 588.487862][T12582] loop4: p1 p2 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p2 [ 588.488022][T12582] loop4: p1 size 108986237 extends beyond EOD, truncated [ 588.588732][T12582] loop4: p2 size 520093696 extends beyond EOD, truncated [ 588.597926][T12582] loop4: p5 size 108986237 extends beyond EOD, truncated [ 588.606270][T12582] loop4: p6 size 520093696 extends beyond EOD, truncated [ 588.626949][T12582] loop4: p7 size 108986237 extends beyond EOD, truncated [ 588.639158][T12582] loop4: p8 size 520093696 extends beyond EOD, truncated [ 588.647517][T12582] loop4: p9 size 108986237 extends beyond EOD, truncated [ 588.657075][T12582] loop4: p10 size 520093696 extends beyond EOD, truncated [ 588.665389][T12582] loop4: p11 size 108986237 extends beyond EOD, truncated [ 588.673851][T12582] loop4: p12 size 520093696 extends beyond EOD, truncated [ 588.681223][T12582] loop4: p12 could not be added: -ENOMEM [ 588.686956][T12582] loop4: p13 size 108986237 extends beyond EOD, truncated [ 588.694340][T12582] loop4: p13 could not be added: -ENOMEM [ 588.700079][T12582] loop4: p14 size 520093696 extends beyond EOD, truncated [ 588.707353][T12582] loop4: p14 could not be added: -ENOMEM [ 588.713323][T12582] loop4: p15 size 108986237 extends beyond EOD, truncated [ 588.720576][T12582] loop4: p15 could not be added: -ENOMEM [ 588.726332][T12582] loop4: p16 size 520093696 extends beyond EOD, truncated [ 588.733840][T12582] loop4: p16 could not be added: -ENOMEM [ 588.739565][T12582] loop4: p17 size 108986237 extends beyond EOD, truncated [ 588.746798][T12582] loop4: p17 could not be added: -ENOMEM [ 588.752589][T12582] loop4: p18 size 520093696 extends beyond EOD, truncated [ 588.760443][T12582] loop4: p18 could not be added: -ENOMEM [ 588.766222][T12582] loop4: p19 size 108986237 extends beyond EOD, truncated [ 588.773821][T12582] loop4: p19 could not be added: -ENOMEM [ 588.779550][T12582] loop4: p20 size 520093696 extends beyond EOD, truncated [ 588.786845][T12582] loop4: p20 could not be added: -ENOMEM [ 588.792709][T12582] loop4: p21 size 108986237 extends beyond EOD, truncated [ 588.799913][T12582] loop4: p21 could not be added: -ENOMEM [ 588.805659][T12582] loop4: p22 size 520093696 extends beyond EOD, truncated [ 588.812915][T12582] loop4: p22 could not be added: -ENOMEM [ 588.818638][T12582] loop4: p23 size 108986237 extends beyond EOD, truncated [ 588.825866][T12582] loop4: p23 could not be added: -ENOMEM [ 588.831626][T12582] loop4: p24 size 520093696 extends beyond EOD, truncated [ 588.838825][T12582] loop4: p24 could not be added: -ENOMEM [ 588.844593][T12582] loop4: p25 size 108986237 extends beyond EOD, truncated [ 588.851855][T12582] loop4: p25 could not be added: -ENOMEM [ 588.857576][T12582] loop4: p26 size 520093696 extends beyond EOD, truncated [ 588.865505][T12582] loop4: p26 could not be added: -ENOMEM [ 588.871341][T12582] loop4: p27 size 108986237 extends beyond EOD, truncated [ 588.878588][T12582] loop4: p27 could not be added: -ENOMEM [ 588.884360][T12582] loop4: p28 size 520093696 extends beyond EOD, truncated [ 588.891630][T12582] loop4: p28 could not be added: -ENOMEM [ 588.897359][T12582] loop4: p29 size 108986237 extends beyond EOD, truncated [ 588.904634][T12582] loop4: p29 could not be added: -ENOMEM [ 588.910356][T12582] loop4: p30 size 520093696 extends beyond EOD, truncated [ 588.917637][T12582] loop4: p30 could not be added: -ENOMEM [ 588.923386][T12582] loop4: p31 size 108986237 extends beyond EOD, truncated [ 588.930685][T12582] loop4: p31 could not be added: -ENOMEM [ 588.936429][T12582] loop4: p32 size 520093696 extends beyond EOD, truncated [ 588.943813][T12582] loop4: p32 could not be added: -ENOMEM [ 588.949531][T12582] loop4: p33 size 108986237 extends beyond EOD, truncated [ 588.956855][T12582] loop4: p33 could not be added: -ENOMEM [ 588.963614][T12582] loop4: p34 size 520093696 extends beyond EOD, truncated [ 588.970913][T12582] loop4: p34 could not be added: -ENOMEM [ 588.976637][T12582] loop4: p35 size 108986237 extends beyond EOD, truncated [ 588.983896][T12582] loop4: p35 could not be added: -ENOMEM [ 588.989615][T12582] loop4: p36 size 520093696 extends beyond EOD, truncated [ 588.996895][T12582] loop4: p36 could not be added: -ENOMEM [ 589.002658][T12582] loop4: p37 size 108986237 extends beyond EOD, truncated [ 589.009879][T12582] loop4: p37 could not be added: -ENOMEM [ 589.015657][T12582] loop4: p38 size 520093696 extends beyond EOD, truncated [ 589.023000][T12582] loop4: p38 could not be added: -ENOMEM [ 589.028718][T12582] loop4: p39 size 108986237 extends beyond EOD, truncated [ 589.036975][T12582] loop4: p39 could not be added: -ENOMEM [ 589.042766][T12582] loop4: p40 size 520093696 extends beyond EOD, truncated [ 589.049982][T12582] loop4: p40 could not be added: -ENOMEM [ 589.055743][T12582] loop4: p41 size 108986237 extends beyond EOD, truncated [ 589.062995][T12582] loop4: p41 could not be added: -ENOMEM [ 589.069361][T12582] loop4: p42 size 520093696 extends beyond EOD, truncated [ 589.076628][T12582] loop4: p42 could not be added: -ENOMEM [ 589.082391][T12582] loop4: p43 size 108986237 extends beyond EOD, truncated [ 589.089589][T12582] loop4: p43 could not be added: -ENOMEM [ 589.095358][T12582] loop4: p44 size 520093696 extends beyond EOD, truncated [ 589.102615][T12582] loop4: p44 could not be added: -ENOMEM [ 589.108342][T12582] loop4: p45 size 108986237 extends beyond EOD, truncated [ 589.115587][T12582] loop4: p45 could not be added: -ENOMEM [ 589.121380][T12582] loop4: p46 size 520093696 extends beyond EOD, truncated [ 589.128583][T12582] loop4: p46 could not be added: -ENOMEM [ 589.134329][T12582] loop4: p47 size 108986237 extends beyond EOD, truncated [ 589.141617][T12582] loop4: p47 could not be added: -ENOMEM [ 589.147336][T12582] loop4: p48 size 520093696 extends beyond EOD, truncated [ 589.154584][T12582] loop4: p48 could not be added: -ENOMEM [ 589.160302][T12582] loop4: p49 size 108986237 extends beyond EOD, truncated [ 589.168533][T12582] loop4: p49 could not be added: -ENOMEM [ 589.174323][T12582] loop4: p50 size 520093696 extends beyond EOD, truncated [ 589.181579][T12582] loop4: p50 could not be added: -ENOMEM [ 589.187299][T12582] loop4: p51 size 108986237 extends beyond EOD, truncated [ 589.194527][T12582] loop4: p51 could not be added: -ENOMEM [ 589.200246][T12582] loop4: p52 size 520093696 extends beyond EOD, truncated [ 589.207482][T12582] loop4: p52 could not be added: -ENOMEM [ 589.213254][T12582] loop4: p53 size 108986237 extends beyond EOD, truncated [ 589.220449][T12582] loop4: p53 could not be added: -ENOMEM [ 589.226205][T12582] loop4: p54 size 520093696 extends beyond EOD, truncated [ 589.233461][T12582] loop4: p54 could not be added: -ENOMEM [ 589.239177][T12582] loop4: p55 size 108986237 extends beyond EOD, truncated [ 589.246426][T12582] loop4: p55 could not be added: -ENOMEM [ 589.252208][T12582] loop4: p56 size 520093696 extends beyond EOD, truncated [ 589.259409][T12582] loop4: p56 could not be added: -ENOMEM [ 589.265188][T12582] loop4: p57 size 108986237 extends beyond EOD, truncated [ 589.273440][T12582] loop4: p57 could not be added: -ENOMEM [ 589.279172][T12582] loop4: p58 size 520093696 extends beyond EOD, truncated [ 589.286450][T12582] loop4: p58 could not be added: -ENOMEM [ 589.292200][T12582] loop4: p59 size 108986237 extends beyond EOD, truncated [ 589.299415][T12582] loop4: p59 could not be added: -ENOMEM [ 589.305195][T12582] loop4: p60 size 520093696 extends beyond EOD, truncated [ 589.312412][T12582] loop4: p60 could not be added: -ENOMEM [ 589.318127][T12582] loop4: p61 size 108986237 extends beyond EOD, truncated [ 589.325364][T12582] loop4: p61 could not be added: -ENOMEM [ 589.331150][T12582] loop4: p62 size 520093696 extends beyond EOD, truncated [ 589.338383][T12582] loop4: p62 could not be added: -ENOMEM [ 589.344168][T12582] loop4: p63 size 108986237 extends beyond EOD, truncated [ 589.351503][T12582] loop4: p63 could not be added: -ENOMEM [ 589.357223][T12582] loop4: p64 size 520093696 extends beyond EOD, truncated [ 589.364463][T12582] loop4: p64 could not be added: -ENOMEM [ 589.370180][T12582] loop4: p65 size 108986237 extends beyond EOD, truncated [ 589.378137][T12582] loop4: p65 could not be added: -ENOMEM [ 589.383916][T12582] loop4: p66 size 520093696 extends beyond EOD, truncated [ 589.391151][T12582] loop4: p66 could not be added: -ENOMEM [ 589.396872][T12582] loop4: p67 size 108986237 extends beyond EOD, truncated [ 589.404119][T12582] loop4: p67 could not be added: -ENOMEM [ 589.409837][T12582] loop4: p68 size 520093696 extends beyond EOD, truncated [ 589.417078][T12582] loop4: p68 could not be added: -ENOMEM [ 589.422850][T12582] loop4: p69 size 108986237 extends beyond EOD, truncated [ 589.430052][T12582] loop4: p69 could not be added: -ENOMEM [ 589.435820][T12582] loop4: p70 size 520093696 extends beyond EOD, truncated [ 589.443107][T12582] loop4: p70 could not be added: -ENOMEM [ 589.448826][T12582] loop4: p71 size 108986237 extends beyond EOD, truncated [ 589.456096][T12582] loop4: p71 could not be added: -ENOMEM [ 589.461889][T12582] loop4: p72 size 520093696 extends beyond EOD, truncated [ 589.469188][T12582] loop4: p72 could not be added: -ENOMEM [ 589.475785][T12582] loop4: p73 size 108986237 extends beyond EOD, truncated [ 589.483090][T12582] loop4: p73 could not be added: -ENOMEM [ 589.488820][T12582] loop4: p74 size 520093696 extends beyond EOD, truncated [ 589.496085][T12582] loop4: p74 could not be added: -ENOMEM [ 589.501849][T12582] loop4: p75 size 108986237 extends beyond EOD, truncated [ 589.509056][T12582] loop4: p75 could not be added: -ENOMEM [ 589.515012][T12582] loop4: p76 size 520093696 extends beyond EOD, truncated [ 589.522274][T12582] loop4: p76 could not be added: -ENOMEM [ 589.527994][T12582] loop4: p77 size 108986237 extends beyond EOD, truncated [ 589.535217][T12582] loop4: p77 could not be added: -ENOMEM [ 589.541008][T12582] loop4: p78 size 520093696 extends beyond EOD, truncated [ 589.548204][T12582] loop4: p78 could not be added: -ENOMEM [ 589.553963][T12582] loop4: p79 size 108986237 extends beyond EOD, truncated [ 589.584982][T12582] loop4: p80 size 520093696 extends beyond EOD, truncated [ 589.593734][T12582] loop4: p81 size 108986237 extends beyond EOD, truncated [ 589.603752][T12582] loop4: p82 size 520093696 extends beyond EOD, truncated [ 589.612033][T12582] loop4: p83 size 108986237 extends beyond EOD, truncated [ 589.623363][T12582] loop4: p84 size 520093696 extends beyond EOD, truncated [ 589.663798][T12582] loop4: p85 size 108986237 extends beyond EOD, truncated [ 589.673001][T12582] loop4: p86 size 520093696 extends beyond EOD, truncated [ 589.682009][T12582] loop4: p87 size 108986237 extends beyond EOD, truncated [ 589.690414][T12582] loop4: p88 size 520093696 extends beyond EOD, truncated [ 589.701441][T12582] loop4: p89 size 108986237 extends beyond EOD, truncated [ 589.713855][T12582] loop4: p90 size 520093696 extends beyond EOD, truncated [ 589.726505][T12582] loop4: p91 size 108986237 extends beyond EOD, truncated [ 589.735450][T12582] loop4: p92 size 520093696 extends beyond EOD, truncated [ 589.746996][T12582] loop4: p93 size 108986237 extends beyond EOD, truncated [ 589.759614][T12582] loop4: p94 size 520093696 extends beyond EOD, truncated [ 589.767966][T12582] loop4: p95 size 108986237 extends beyond EOD, truncated [ 589.776930][T12582] loop4: p96 size 520093696 extends beyond EOD, truncated [ 589.786340][T12582] loop4: p97 size 108986237 extends beyond EOD, truncated [ 589.794867][T12582] loop4: p98 size 520093696 extends beyond EOD, truncated [ 589.803180][T12582] loop4: p99 size 108986237 extends beyond EOD, truncated [ 589.812088][T12582] loop4: p100 size 520093696 extends beyond EOD, truncated [ 589.820416][T12582] loop4: p101 size 108986237 extends beyond EOD, truncated [ 589.828982][T12582] loop4: p102 size 520093696 extends beyond EOD, truncated [ 589.849598][T10110] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.862317][T12582] loop4: p103 size 108986237 extends beyond EOD, truncated [ 589.891508][T12582] loop4: p104 size 520093696 extends beyond EOD, truncated [ 589.900444][T12582] loop4: p105 size 108986237 extends beyond EOD, truncated [ 589.909367][T12582] loop4: p106 size 520093696 extends beyond EOD, truncated [ 589.918190][T12582] loop4: p107 size 108986237 extends beyond EOD, truncated [ 589.927046][T12582] loop4: p108 size 520093696 extends beyond EOD, truncated [ 589.935904][T12582] loop4: p109 size 108986237 extends beyond EOD, truncated [ 589.960339][T12582] loop4: p110 size 520093696 extends beyond EOD, truncated [ 589.969718][T12582] loop4: p111 size 108986237 extends beyond EOD, truncated [ 589.979505][T12582] loop4: p112 size 520093696 extends beyond EOD, truncated [ 589.989562][T12582] loop4: p113 size 108986237 extends beyond EOD, truncated [ 589.998350][T12582] loop4: p114 size 520093696 extends beyond EOD, truncated [ 590.007262][T12582] loop4: p115 size 108986237 extends beyond EOD, truncated [ 590.017927][T12582] loop4: p116 size 520093696 extends beyond EOD, truncated [ 590.035106][T12582] loop4: p117 size 108986237 extends beyond EOD, truncated [ 590.044097][T12582] loop4: p118 size 520093696 extends beyond EOD, truncated [ 590.071770][T12582] loop4: p119 size 108986237 extends beyond EOD, truncated [ 590.080457][T12582] loop4: p120 size 520093696 extends beyond EOD, truncated [ 590.100221][T12582] loop4: p121 size 108986237 extends beyond EOD, truncated [ 590.110989][T12582] loop4: p122 size 520093696 extends beyond EOD, truncated [ 590.130943][T12582] loop4: p123 size 108986237 extends beyond EOD, truncated [ 590.167945][T12582] loop4: p124 size 520093696 extends beyond EOD, truncated [ 590.177632][T12582] loop4: p125 size 108986237 extends beyond EOD, truncated [ 590.188014][T12582] loop4: p126 size 520093696 extends beyond EOD, truncated [ 590.197451][T12582] loop4: p127 size 108986237 extends beyond EOD, truncated [ 590.206540][T12582] loop4: p128 size 520093696 extends beyond EOD, truncated [ 590.214997][T12582] loop4: p129 size 108986237 extends beyond EOD, truncated [ 590.223367][T12582] loop4: p130 size 520093696 extends beyond EOD, truncated [ 590.232195][T12582] loop4: p131 size 108986237 extends beyond EOD, truncated [ 590.240647][T12582] loop4: p132 size 520093696 extends beyond EOD, truncated [ 590.248977][T12582] loop4: p133 size 108986237 extends beyond EOD, truncated [ 590.257972][T12582] loop4: p134 size 520093696 extends beyond EOD, truncated [ 590.266448][T12582] loop4: p135 size 108986237 extends beyond EOD, truncated [ 590.275269][T12582] loop4: p136 size 520093696 extends beyond EOD, truncated [ 590.283832][T12582] loop4: p137 size 108986237 extends beyond EOD, truncated [ 590.296813][T12582] loop4: p138 size 520093696 extends beyond EOD, truncated [ 590.307438][T12582] loop4: p139 size 108986237 extends beyond EOD, truncated [ 590.321200][T12582] loop4: p140 size 520093696 extends beyond EOD, truncated [ 590.330009][T12589] loop3: detected capacity change from 0 to 16 [ 590.330146][T12582] loop4: p141 size 108986237 extends beyond EOD, truncated [ 590.346848][T12582] loop4: p142 size 520093696 extends beyond EOD, truncated [ 590.357501][T12582] loop4: p143 size 108986237 extends beyond EOD, truncated [ 590.367711][T12582] loop4: p144 size 520093696 extends beyond EOD, truncated [ 590.376466][T12582] loop4: p145 size 108986237 extends beyond EOD, truncated [ 590.384949][T12582] loop4: p146 size 520093696 extends beyond EOD, truncated [ 590.393441][T12582] loop4: p147 size 108986237 extends beyond EOD, truncated [ 590.402807][T12582] loop4: p148 size 520093696 extends beyond EOD, truncated [ 590.414553][T12582] loop4: p149 size 108986237 extends beyond EOD, truncated [ 590.421965][T12589] erofs: (device loop3): z_erofs_parse_cfgs: algorithm 2 isn't enabled on this kernel [ 590.433596][T12582] loop4: p150 size 520093696 extends beyond EOD, truncated [ 590.444190][T12582] loop4: p151 size 108986237 extends beyond EOD, truncated [ 590.455919][T12582] loop4: p152 size 520093696 extends beyond EOD, truncated [ 590.464308][T12582] loop4: p153 size 108986237 extends beyond EOD, truncated [ 590.474444][T12582] loop4: p154 size 520093696 extends beyond EOD, truncated [ 590.483283][T12582] loop4: p155 size 108986237 extends beyond EOD, truncated [ 590.504029][T12582] loop4: p156 size 520093696 extends beyond EOD, truncated [ 590.515047][T12582] loop4: p157 size 108986237 extends beyond EOD, truncated [ 590.524449][T12582] loop4: p158 size 520093696 extends beyond EOD, truncated [ 590.533507][T12582] loop4: p159 size 108986237 extends beyond EOD, truncated [ 590.543791][T12582] loop4: p160 size 520093696 extends beyond EOD, truncated [ 590.554292][T12582] loop4: p161 size 108986237 extends beyond EOD, truncated [ 590.566891][T12582] loop4: p162 size 520093696 extends beyond EOD, truncated [ 590.577649][T12582] loop4: p163 size 108986237 extends beyond EOD, truncated [ 590.586644][T12582] loop4: p164 size 520093696 extends beyond EOD, truncated [ 590.595490][T12582] loop4: p165 size 108986237 extends beyond EOD, truncated [ 590.605325][T12582] loop4: p166 size 520093696 extends beyond EOD, truncated [ 590.617267][T12582] loop4: p167 size 108986237 extends beyond EOD, truncated [ 590.626258][T12582] loop4: p168 size 520093696 extends beyond EOD, truncated [ 590.635537][T12582] loop4: p169 size 108986237 extends beyond EOD, truncated [ 590.649017][T12582] loop4: p170 size 520093696 extends beyond EOD, truncated [ 590.658241][T12582] loop4: p171 size 108986237 extends beyond EOD, truncated [ 590.667284][T12582] loop4: p172 size 520093696 extends beyond EOD, truncated [ 590.682269][T12582] loop4: p173 size 108986237 extends beyond EOD, truncated [ 590.691182][T12582] loop4: p174 size 520093696 extends beyond EOD, truncated [ 590.700107][T12582] loop4: p175 size 108986237 extends beyond EOD, truncated [ 590.710259][T12582] loop4: p176 size 520093696 extends beyond EOD, truncated [ 590.718850][T12582] loop4: p177 size 108986237 extends beyond EOD, truncated [ 590.737641][T12582] loop4: p178 size 520093696 extends beyond EOD, truncated [ 590.746902][T12582] loop4: p179 size 108986237 extends beyond EOD, truncated [ 590.755357][T12582] loop4: p180 size 520093696 extends beyond EOD, truncated [ 590.764148][T12582] loop4: p181 size 108986237 extends beyond EOD, truncated [ 590.773207][T12582] loop4: p182 size 520093696 extends beyond EOD, truncated [ 590.781712][T12582] loop4: p183 size 108986237 extends beyond EOD, truncated [ 590.790144][T12582] loop4: p184 size 520093696 extends beyond EOD, truncated [ 590.799301][T12582] loop4: p185 size 108986237 extends beyond EOD, truncated [ 590.818867][T12582] loop4: p186 size 520093696 extends beyond EOD, truncated [ 590.828878][T12582] loop4: p187 size 108986237 extends beyond EOD, truncated [ 590.837825][T12582] loop4: p188 size 520093696 extends beyond EOD, truncated [ 590.847805][T12582] loop4: p189 size 108986237 extends beyond EOD, truncated [ 590.861296][T12582] loop4: p190 size 520093696 extends beyond EOD, truncated [ 590.906691][T12582] loop4: p191 size 108986237 extends beyond EOD, truncated [ 590.917080][T12582] loop4: p192 size 520093696 extends beyond EOD, truncated [ 590.926044][T12582] loop4: p193 size 108986237 extends beyond EOD, truncated [ 590.942650][T12582] loop4: p194 size 520093696 extends beyond EOD, truncated [ 590.953348][T12582] loop4: p195 size 108986237 extends beyond EOD, truncated [ 590.962482][T12582] loop4: p196 size 520093696 extends beyond EOD, truncated [ 590.973887][T12582] loop4: p197 size 108986237 extends beyond EOD, truncated [ 590.987716][T12582] loop4: p198 size 520093696 extends beyond EOD, truncated [ 590.996635][T12582] loop4: p199 size 108986237 extends beyond EOD, truncated [ 591.006571][T12582] loop4: p200 size 520093696 extends beyond EOD, truncated [ 591.017273][T12582] loop4: p201 size 108986237 extends beyond EOD, truncated [ 591.026975][T12582] loop4: p202 size 520093696 extends beyond EOD, truncated [ 591.038933][T12582] loop4: p203 size 108986237 extends beyond EOD, truncated [ 591.050126][T12582] loop4: p204 size 520093696 extends beyond EOD, truncated [ 591.058666][T12582] loop4: p205 size 108986237 extends beyond EOD, truncated [ 591.067327][T12582] loop4: p206 size 520093696 extends beyond EOD, truncated [ 591.076066][T12582] loop4: p207 size 108986237 extends beyond EOD, truncated [ 591.084529][T12582] loop4: p208 size 520093696 extends beyond EOD, truncated [ 591.103022][T12582] loop4: p209 size 108986237 extends beyond EOD, truncated [ 591.120184][T12582] loop4: p210 size 520093696 extends beyond EOD, truncated [ 591.134376][T12604] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2299'. [ 591.144053][T12582] loop4: p211 size 108986237 extends beyond EOD, truncated [ 591.161131][T12582] loop4: p212 size 520093696 extends beyond EOD, truncated [ 591.169876][T12582] loop4: p213 size 108986237 extends beyond EOD, truncated [ 591.178784][T12582] loop4: p214 size 520093696 extends beyond EOD, truncated [ 591.187649][T12582] loop4: p215 size 108986237 extends beyond EOD, truncated [ 591.196273][T12582] loop4: p216 size 520093696 extends beyond EOD, truncated [ 591.206946][T12582] loop4: p217 size 108986237 extends beyond EOD, truncated [ 591.218783][T12582] loop4: p218 size 520093696 extends beyond EOD, truncated [ 591.237293][T12582] loop4: p219 size 108986237 extends beyond EOD, truncated [ 591.248205][T12582] loop4: p220 size 520093696 extends beyond EOD, truncated [ 591.265867][T12582] loop4: p221 size 108986237 extends beyond EOD, truncated [ 591.275137][T12582] loop4: p222 size 520093696 extends beyond EOD, truncated [ 591.283537][T12582] loop4: p223 size 108986237 extends beyond EOD, truncated [ 591.292242][T12582] loop4: p224 size 520093696 extends beyond EOD, truncated [ 591.301545][T12582] loop4: p225 size 108986237 extends beyond EOD, truncated [ 591.309890][T12582] loop4: p226 size 520093696 extends beyond EOD, truncated [ 591.321875][T12582] loop4: p227 size 108986237 extends beyond EOD, truncated [ 591.340716][T12582] loop4: p228 size 520093696 extends beyond EOD, truncated [ 591.402792][T12582] loop4: p229 size 108986237 extends beyond EOD, truncated [ 591.424723][T12582] loop4: p230 size 520093696 extends beyond EOD, truncated [ 591.436650][T12582] loop4: p231 size 108986237 extends beyond EOD, truncated [ 591.456017][T12582] loop4: p232 size 520093696 extends beyond EOD, truncated [ 591.465292][T12582] loop4: p233 size 108986237 extends beyond EOD, truncated [ 591.481993][T12582] loop4: p234 size 520093696 extends beyond EOD, truncated [ 591.491880][T12582] loop4: p235 size 108986237 extends beyond EOD, truncated [ 591.500885][T12582] loop4: p236 size 520093696 extends beyond EOD, truncated [ 591.509422][T12582] loop4: p237 size 108986237 extends beyond EOD, truncated [ 591.553634][T12582] loop4: p238 size 520093696 extends beyond EOD, truncated [ 591.562899][T12582] loop4: p239 size 108986237 extends beyond EOD, truncated [ 591.571389][T12582] loop4: p240 size 520093696 extends beyond EOD, truncated [ 591.579738][T12582] loop4: p241 size 108986237 extends beyond EOD, truncated [ 591.588296][T12582] loop4: p242 size 520093696 extends beyond EOD, truncated [ 591.598547][T12582] loop4: p243 size 108986237 extends beyond EOD, truncated [ 591.607047][T12582] loop4: p244 size 520093696 extends beyond EOD, truncated [ 591.615394][T12582] loop4: p245 size 108986237 extends beyond EOD, truncated [ 591.638607][T12582] loop4: p246 size 520093696 extends beyond EOD, truncated [ 591.647844][T12582] loop4: p247 size 108986237 extends beyond EOD, truncated [ 591.657171][T12582] loop4: p248 size 520093696 extends beyond EOD, truncated [ 591.671161][T12582] loop4: p249 size 108986237 extends beyond EOD, truncated [ 591.689663][T12582] loop4: p250 size 520093696 extends beyond EOD, truncated [ 591.699053][T12582] loop4: p251 size 108986237 extends beyond EOD, truncated [ 591.707575][T12582] loop4: p252 size 520093696 extends beyond EOD, truncated [ 591.715998][T12582] loop4: p253 size 108986237 extends beyond EOD, truncated [ 591.724561][T12582] loop4: p254 size 520093696 extends beyond EOD, truncated [ 591.741573][T12582] loop4: p255 size 108986237 extends beyond EOD, truncated [ 591.940722][ T29] kauditd_printk_skb: 51 callbacks suppressed [ 591.940744][ T29] audit: type=1326 audit(1720489946.905:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.0.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 592.000662][ T29] audit: type=1326 audit(1720489946.915:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.0.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 592.083242][ T29] audit: type=1326 audit(1720489946.915:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.0.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 592.153218][ T29] audit: type=1326 audit(1720489946.915:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.0.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 592.229820][ T29] audit: type=1326 audit(1720489946.915:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.0.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 592.287529][T12615] loop0: detected capacity change from 0 to 128 [ 592.306645][ T29] audit: type=1326 audit(1720489946.925:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.0.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 592.378152][ T29] audit: type=1326 audit(1720489946.925:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.0.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 592.453708][ T29] audit: type=1326 audit(1720489946.925:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.0.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 592.527292][ T29] audit: type=1326 audit(1720489946.975:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.0.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 592.545638][T12592] loop1: detected capacity change from 0 to 32768 [ 592.581648][T12592] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2297 (12592) [ 592.596484][ T29] audit: type=1326 audit(1720489946.975:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.0.2302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65ef175bd9 code=0x7ffc0000 [ 592.651082][T12592] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 592.689938][T12592] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 592.705412][T12592] BTRFS info (device loop1): disk space caching is enabled [ 592.879713][T12592] BTRFS info (device loop1): rebuilding free space tree [ 592.931016][T12592] BTRFS info (device loop1): disabling free space tree [ 592.938148][T12592] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 593.022623][T12592] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 593.096764][T11149] Bluetooth: hci5: unexpected event 0x30 length: 56 > 3 [ 593.239880][ T9573] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 593.300891][ T5150] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 593.480741][T12649] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2310'. [ 593.561037][ T5150] usb 5-1: Using ep0 maxpacket: 8 [ 593.584646][ T5150] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 593.625110][ T5150] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 593.654121][ T5150] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 593.689700][ T5150] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 593.719811][ T5150] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 593.751198][ T5150] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 593.987309][T12670] syz_tun: tun_net_xmit 54 [ 594.027768][T12667] loop3: detected capacity change from 0 to 64 [ 594.034307][ T5150] usb 5-1: usb_control_msg returned -32 [ 594.059771][ T5150] usbtmc 5-1:16.0: can't read capabilities [ 594.392649][T11149] Bluetooth: hci6: unexpected event 0x30 length: 56 > 3 [ 594.510802][T12684] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2324'. [ 595.016769][T12674] loop1: detected capacity change from 0 to 32768 [ 595.037644][T12674] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2320 (12674) [ 595.046255][T12672] loop0: detected capacity change from 0 to 32768 [ 595.067117][T12672] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2318 (12672) [ 595.081691][T12674] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 595.092262][T12674] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 595.101802][T12674] BTRFS info (device loop1): disk space caching is enabled [ 595.110852][T11149] Bluetooth: hci5: command 0x0406 tx timeout [ 595.118261][T12672] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 595.131583][T12672] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 595.140710][T12672] BTRFS info (device loop0): using free-space-tree [ 595.226608][T12674] BTRFS info (device loop1): rebuilding free space tree [ 595.250455][T12674] BTRFS info (device loop1): disabling free space tree [ 595.280962][T12674] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 595.319165][T12674] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 595.518177][ T9573] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 595.542964][ T9681] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 596.062424][ T5147] usb 5-1: USB disconnect, device number 11 [ 596.322562][T12726] loop0: detected capacity change from 0 to 512 [ 596.330780][T12726] EXT4-fs (loop0): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 596.388333][T12723] loop2: detected capacity change from 0 to 2048 [ 596.395409][T11149] Bluetooth: hci6: command 0x0406 tx timeout [ 596.429278][T12723] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 596.441763][T12726] loop0: detected capacity change from 0 to 2048 [ 596.449160][T12726] udf: Bad value for 'session' [ 596.494110][T12723] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 596.698626][T12740] loop0: detected capacity change from 0 to 64 [ 596.722223][T12738] loop1: detected capacity change from 0 to 2048 [ 596.781702][T12738] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 596.808944][T12738] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 596.813717][T12742] loop2: detected capacity change from 0 to 2048 [ 596.839394][T12742] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 596.870234][T12744] loop3: detected capacity change from 0 to 512 [ 596.894411][T12744] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 596.914034][T12744] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ee019, mo2=0002] [ 596.940296][T12744] System zones: 1-12 [ 596.974170][T12744] EXT4-fs (loop3): 1 truncate cleaned up [ 596.985886][T12744] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 597.182599][T12744] loop3: detected capacity change from 512 to 64 [ 597.244115][T12755] syz.3.2337: attempt to access beyond end of device [ 597.244115][T12755] loop3: rw=2049, sector=72, nr_sectors = 2 limit=64 [ 597.264839][T12755] EXT4-fs warning (device loop3): ext4_end_bio:346: I/O error 10 writing to inode 18 starting block 36) [ 597.303718][T12755] Buffer I/O error on device loop3, logical block 36 [ 597.368830][T10110] EXT4-fs warning (device loop3): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 597.388557][T10110] EXT4-fs warning (device loop3): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 597.406892][T10110] EXT4-fs warning (device loop3): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 597.428278][T10110] EXT4-fs warning (device loop3): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 597.455724][T10110] EXT4-fs warning (device loop3): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 597.482158][T11149] Bluetooth: hci5: unexpected event 0x30 length: 56 > 3 [ 597.511754][T10110] EXT4-fs warning (device loop3): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 597.584138][T10110] EXT4-fs warning (device loop3): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 597.606506][T10110] EXT4-fs warning (device loop3): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 597.623154][T10110] EXT4-fs warning (device loop3): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 597.923108][T12043] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 598.181695][T12773] syz_tun: tun_net_xmit 54 [ 598.350684][ T47] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 599.033102][ T47] usb 3-1: Using ep0 maxpacket: 8 [ 599.047687][ T47] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 599.087255][ T47] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 599.163294][ T47] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 599.180742][ T47] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 599.223841][ T47] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 599.250327][T12779] loop4: detected capacity change from 0 to 4096 [ 599.267966][ T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 599.278896][T12779] ntfs3: Unknown parameter '18446744073709551615ÿ0x0000000000000003' [ 599.295525][ T6761] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.418889][T12786] loop1: detected capacity change from 0 to 512 [ 599.511165][T11149] Bluetooth: hci5: command 0x0406 tx timeout [ 599.521271][T12788] IPVS: set_ctl: invalid protocol: 47 255.255.255.255:20004 [ 599.530339][ T6761] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.565062][T12786] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 599.579619][ T47] usb 3-1: usb_control_msg returned -32 [ 599.586952][ T47] usbtmc 3-1:16.0: can't read capabilities [ 599.662928][T12786] ext4 filesystem being mounted at /206/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 599.847059][ T6761] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 600.056508][ T9573] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 600.178903][ T6761] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 600.287399][ T9590] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 600.299277][ T9590] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 600.318199][ T9590] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 600.340197][ T9590] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 600.349991][ T9590] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 600.360082][ T9590] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 600.558925][ T6761] bridge_slave_1: left allmulticast mode [ 600.571656][ T6761] bridge_slave_1: left promiscuous mode [ 600.599026][ T6761] bridge0: port 2(bridge_slave_1) entered disabled state [ 600.639320][ T6761] bridge_slave_0: left allmulticast mode [ 600.656396][T12802] loop0: detected capacity change from 0 to 4096 [ 600.657739][ T6761] bridge_slave_0: left promiscuous mode [ 600.678470][ T6761] bridge0: port 1(bridge_slave_0) entered disabled state [ 600.721221][T12802] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 601.004202][T12809] loop1: detected capacity change from 0 to 512 [ 601.069567][T12809] EXT4-fs (loop1): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 601.084336][ T9611] usb 3-1: USB disconnect, device number 18 [ 601.242998][T12811] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2361'. [ 601.384508][T12809] loop1: detected capacity change from 0 to 2048 [ 601.408048][T12809] udf: Bad value for 'session' [ 601.729496][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.741786][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.777142][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.793067][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.816017][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.839536][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.849921][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.876056][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.883713][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.900765][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.908397][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.925431][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.937464][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.945163][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.977539][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 601.991780][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.010723][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.024433][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.037295][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.045509][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.056694][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.065188][ T5449] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 602.078328][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.087160][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.103524][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.130403][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.146260][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.153965][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.174553][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.184277][T12833] input: syz0 as /devices/virtual/input/input21 [ 602.211061][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.223005][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.240139][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.251100][ T5147] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 602.268409][ T5449] usb 5-1: config index 0 descriptor too short (expected 25970, got 36) [ 602.281007][ T5449] usb 5-1: config 116 has too many interfaces: 99, using maximum allowed: 32 [ 602.290022][ T5449] usb 5-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config [ 602.292915][T12833] loop2: detected capacity change from 0 to 1024 [ 602.307231][ T5147] hid-generic 0000:0000:0000.000C: hidraw0: HID v0.00 Device [syz1] on syz0 [ 602.312246][T12833] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 602.327076][T12833] EXT4-fs (loop2): required journal recovery suppressed and not mounted read-only [ 602.327168][ T5449] usb 5-1: config 116 has 0 interfaces, different from the descriptor's value: 99 [ 602.346514][ T5449] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 602.358717][ T6761] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 602.367785][ T5449] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 602.386262][ T6761] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 602.398632][ T6761] bond0 (unregistering): Released all slaves [ 602.461177][ T5183] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 602.482579][T11149] Bluetooth: hci0: command tx timeout [ 602.817041][ T5150] usb 5-1: USB disconnect, device number 12 [ 602.890787][ T5183] usb 2-1: Using ep0 maxpacket: 8 [ 602.909388][ T5183] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 602.919410][ T5183] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 602.929826][ T5183] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 602.940147][ T5183] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 602.953645][ T5183] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 602.962838][ T5183] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 603.339101][ T6763] Bluetooth: Error in BCSP hdr checksum [ 603.565593][ T5183] usb 2-1: usb_control_msg returned -32 [ 603.578966][ T5183] usbtmc 2-1:16.0: can't read capabilities [ 603.628776][T12845] loop2: detected capacity change from 0 to 512 [ 603.637505][T12845] EXT4-fs (loop2): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 603.694135][T12845] loop2: detected capacity change from 0 to 2048 [ 603.701640][T12845] udf: Bad value for 'session' [ 603.808762][ T6761] hsr_slave_0: left promiscuous mode [ 603.827269][ T6761] hsr_slave_1: left promiscuous mode [ 603.843236][ T6761] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 603.850817][ T6761] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 603.859105][ T6761] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 603.867117][ T6761] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 603.908392][ T6761] veth1_macvtap: left promiscuous mode [ 603.916131][ T6761] veth0_macvtap: left promiscuous mode [ 603.924673][ T6761] veth1_vlan: left promiscuous mode [ 603.925513][T12850] loop2: detected capacity change from 0 to 512 [ 603.930230][ T6761] veth0_vlan: left promiscuous mode [ 603.959474][T12850] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 603.992771][T12850] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ee019, mo2=0002] [ 604.006812][T12850] System zones: 1-12 [ 604.019588][T12850] EXT4-fs (loop2): 1 truncate cleaned up [ 604.040292][T12850] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 604.201038][T12850] loop2: detected capacity change from 512 to 64 [ 604.215225][T12856] syz.2.2376: attempt to access beyond end of device [ 604.215225][T12856] loop2: rw=2049, sector=72, nr_sectors = 2 limit=64 [ 604.236697][T12856] EXT4-fs warning (device loop2): ext4_end_bio:346: I/O error 10 writing to inode 18 starting block 36) [ 604.248849][T12855] loop4: detected capacity change from 0 to 4096 [ 604.257681][T12856] Buffer I/O error on device loop2, logical block 36 [ 604.262496][T12855] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 604.338130][ T9360] EXT4-fs warning (device loop2): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 604.355707][ T9360] EXT4-fs warning (device loop2): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 604.381971][ T9360] EXT4-fs warning (device loop2): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 604.398925][ T9360] EXT4-fs warning (device loop2): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 604.423883][ T9360] EXT4-fs warning (device loop2): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 604.463947][ T9360] EXT4-fs warning (device loop2): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 604.497575][ T9360] EXT4-fs warning (device loop2): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 604.534584][ T9360] EXT4-fs warning (device loop2): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 604.551790][ T9590] Bluetooth: hci0: command tx timeout [ 604.591269][ T9360] EXT4-fs warning (device loop2): ext4_empty_dir:3071: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 605.114386][T11149] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 605.121372][ T9590] Bluetooth: hci3: command 0x1003 tx timeout [ 605.281085][ T5151] usb 2-1: USB disconnect, device number 11 [ 605.407481][ T6761] team0 (unregistering): Port device team_slave_1 removed [ 606.328160][ T6761] team0 (unregistering): Port device team_slave_0 removed [ 606.631173][T11149] Bluetooth: hci0: command tx timeout [ 607.448339][T12799] chnl_net:caif_netlink_parms(): no params data found [ 607.775173][ T9360] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 608.038217][T12886] loop0: detected capacity change from 0 to 40427 [ 608.053667][T12886] F2FS-fs (loop0): invalid crc value [ 608.077644][T12886] F2FS-fs (loop0): Found nat_bits in checkpoint [ 608.129877][T12799] bridge0: port 1(bridge_slave_0) entered blocking state [ 608.160705][T12886] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 608.164168][T12799] bridge0: port 1(bridge_slave_0) entered disabled state [ 608.211884][T12799] bridge_slave_0: entered allmulticast mode [ 608.238373][T12799] bridge_slave_0: entered promiscuous mode [ 609.545904][T12799] bridge0: port 2(bridge_slave_1) entered blocking state [ 609.572795][T11149] Bluetooth: hci0: command tx timeout [ 610.308788][ T9681] syz-executor: attempt to access beyond end of device [ 610.308788][ T9681] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 610.320875][T12799] bridge0: port 2(bridge_slave_1) entered disabled state [ 610.330349][T12799] bridge_slave_1: entered allmulticast mode [ 610.338355][T12799] bridge_slave_1: entered promiscuous mode [ 610.371168][ T9681] syz-executor: attempt to access beyond end of device [ 610.371168][ T9681] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 610.521472][T12799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 610.565287][T12799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 610.586153][ T6761] IPVS: stop unused estimator thread 0... [ 610.740185][T12799] team0: Port device team_slave_0 added [ 610.757171][ T6771] kworker/u8:17: attempt to access beyond end of device [ 610.757171][ T6771] loop0: rw=2049, sector=40960, nr_sectors = 128 limit=40427 [ 610.779620][T12799] team0: Port device team_slave_1 added [ 610.837153][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.850113][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.867755][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.878214][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.889525][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.923735][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.931562][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.938805][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.946379][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.953785][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.960862][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.970117][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.980755][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.988861][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 610.999865][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 611.006976][ T6771] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 611.026542][ T5099] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 611.032892][ T2884] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.039493][ T5099] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 611.056326][ T5099] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 611.078373][ T5099] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 611.088448][T12799] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 611.096198][T12799] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 611.123629][T12799] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 611.134855][ T5099] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 611.147579][ T5099] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 611.380309][T12799] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 611.402434][T12799] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 611.456554][T12799] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 611.604331][ T2884] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.823574][ T2884] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 611.874374][T12799] hsr_slave_0: entered promiscuous mode [ 611.897085][T12799] hsr_slave_1: entered promiscuous mode [ 611.921134][T12799] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 611.928784][T12799] Cannot create hsr debugfs directory [ 612.023796][ T2884] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.310767][T11149] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 612.311829][ T5099] Bluetooth: hci3: command 0x1003 tx timeout [ 612.575379][ T5099] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 612.587386][ T5099] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 612.631432][ T2884] bridge_slave_1: left allmulticast mode [ 612.637149][ T2884] bridge_slave_1: left promiscuous mode [ 612.651371][ T5099] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 612.671004][ T2884] bridge0: port 2(bridge_slave_1) entered disabled state [ 612.707846][ T2884] bridge_slave_0: left allmulticast mode [ 612.725326][ T2884] bridge_slave_0: left promiscuous mode [ 612.746286][ T5099] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 612.754668][ T5099] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 612.763324][ T5099] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 612.787861][ T2884] bridge0: port 1(bridge_slave_0) entered disabled state [ 613.273196][ T5099] Bluetooth: hci6: command tx timeout [ 613.928204][ T2884] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 613.939648][ T2884] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 613.952928][ T2884] bond0 (unregistering): Released all slaves [ 614.322410][T12914] chnl_net:caif_netlink_parms(): no params data found [ 614.631789][ T6778] kworker/u8:20 (6778) used greatest stack depth: 18144 bytes left [ 614.756686][T12950] loop1: detected capacity change from 0 to 1764 [ 615.086373][ T5099] Bluetooth: hci3: command tx timeout [ 615.361126][ T5099] Bluetooth: hci6: command tx timeout [ 615.421594][T12914] bridge0: port 1(bridge_slave_0) entered blocking state [ 615.439150][T12914] bridge0: port 1(bridge_slave_0) entered disabled state [ 615.467734][T12914] bridge_slave_0: entered allmulticast mode [ 615.486733][T12914] bridge_slave_0: entered promiscuous mode [ 615.509704][T12914] bridge0: port 2(bridge_slave_1) entered blocking state [ 615.528094][T12914] bridge0: port 2(bridge_slave_1) entered disabled state [ 615.545830][T12914] bridge_slave_1: entered allmulticast mode [ 615.554345][T12914] bridge_slave_1: entered promiscuous mode [ 615.626374][ T2884] hsr_slave_0: left promiscuous mode [ 615.635721][ T2884] hsr_slave_1: left promiscuous mode [ 615.652746][ T2884] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 615.660229][ T2884] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 615.675543][ T2884] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 615.690767][ T2884] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 615.745662][ T2884] veth1_macvtap: left promiscuous mode [ 615.760893][ T2884] veth0_macvtap: left promiscuous mode [ 615.766737][ T2884] veth1_vlan: left promiscuous mode [ 615.780055][ T2884] veth0_vlan: left promiscuous mode [ 616.768691][ T2884] team0 (unregistering): Port device team_slave_1 removed [ 616.849163][ T2884] team0 (unregistering): Port device team_slave_0 removed [ 617.120710][ T5099] Bluetooth: hci3: command tx timeout [ 617.446549][ T5099] Bluetooth: hci6: command tx timeout [ 617.637479][T12954] netlink: 'syz.1.2409': attribute type 1 has an invalid length. [ 617.813969][T12914] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 617.860317][T12914] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 618.215126][T12914] team0: Port device team_slave_0 added [ 618.427884][T12914] team0: Port device team_slave_1 added [ 619.680813][T11149] Bluetooth: hci6: command tx timeout [ 619.688426][ T5099] Bluetooth: hci3: command tx timeout [ 619.816077][T12929] chnl_net:caif_netlink_parms(): no params data found [ 619.879130][T12914] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 619.886642][T12914] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 619.914793][T12914] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 619.966627][T12914] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 619.974340][T12914] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 620.010036][T12914] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 620.028347][T12799] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 620.073955][ T2884] IPVS: stop unused estimator thread 0... [ 620.084010][T12799] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 620.100464][T12799] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 620.212813][T12914] hsr_slave_0: entered promiscuous mode [ 620.219647][T12914] hsr_slave_1: entered promiscuous mode [ 620.226359][T12914] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 620.235198][T12914] Cannot create hsr debugfs directory [ 620.259133][T12799] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 620.398745][T12929] bridge0: port 1(bridge_slave_0) entered blocking state [ 620.419518][T12929] bridge0: port 1(bridge_slave_0) entered disabled state [ 620.428683][T12929] bridge_slave_0: entered allmulticast mode [ 620.439003][T12929] bridge_slave_0: entered promiscuous mode [ 620.449271][T12929] bridge0: port 2(bridge_slave_1) entered blocking state [ 620.463992][T12929] bridge0: port 2(bridge_slave_1) entered disabled state [ 620.489481][T12929] bridge_slave_1: entered allmulticast mode [ 620.505864][T12929] bridge_slave_1: entered promiscuous mode [ 620.584973][ T2884] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 620.756307][ T2884] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 620.785387][T12929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 620.813594][T12929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 620.879398][ T2884] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 620.984560][ T6761] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 621.044954][ T2884] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.088315][T12929] team0: Port device team_slave_0 added [ 621.127501][T12929] team0: Port device team_slave_1 added [ 621.309362][T12929] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 621.317973][T12929] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 621.347033][T12929] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 621.425296][T12929] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 621.433536][T12929] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 621.472527][T12929] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 621.595308][ T2884] bridge_slave_1: left allmulticast mode [ 621.612083][ T2884] bridge_slave_1: left promiscuous mode [ 621.617999][ T2884] bridge0: port 2(bridge_slave_1) entered disabled state [ 621.645361][ T2884] bridge_slave_0: left allmulticast mode [ 621.651382][ T2884] bridge_slave_0: left promiscuous mode [ 621.657127][ T2884] bridge0: port 1(bridge_slave_0) entered disabled state [ 621.759425][ T5099] Bluetooth: hci3: command tx timeout [ 622.120205][ T9611] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 622.314255][ T9611] usb 2-1: Using ep0 maxpacket: 8 [ 622.328016][ T9611] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 622.337264][ T9611] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 622.348565][ T9611] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 622.361397][ T9611] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 622.370498][ T9611] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 622.379938][ T9611] usb 2-1: Product: syz [ 622.384303][ T9611] usb 2-1: Manufacturer: syz [ 622.389065][ T9611] usb 2-1: SerialNumber: syz [ 622.456992][ T2884] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 622.469242][ T2884] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 622.480379][ T2884] bond0 (unregistering): Released all slaves [ 622.634968][ T9611] usb 2-1: 0:2 : does not exist [ 622.662050][ T9611] usb 2-1: USB disconnect, device number 12 [ 622.676154][T12929] hsr_slave_0: entered promiscuous mode [ 622.689694][T12929] hsr_slave_1: entered promiscuous mode [ 622.700060][T12929] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 622.723873][T12929] Cannot create hsr debugfs directory [ 622.970029][T13019] loop4: detected capacity change from 0 to 512 [ 623.005695][T13019] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 623.015271][T13019] EXT4-fs (loop4): blocks per group (71) and clusters per group (32768) inconsistent [ 623.058452][T12799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 623.162852][T13020] loop4: detected capacity change from 0 to 256 [ 623.205186][T13020] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 623.247066][ T2884] hsr_slave_0: left promiscuous mode [ 623.279381][ T2884] hsr_slave_1: left promiscuous mode [ 623.288235][ T2884] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 623.305383][ T2884] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 623.320285][ T2884] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 623.339016][ T2884] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 623.389472][ T2884] veth1_macvtap: left promiscuous mode [ 623.430978][ T2884] veth0_macvtap: left promiscuous mode [ 623.437186][ T2884] veth1_vlan: left promiscuous mode [ 623.444769][ T2884] veth0_vlan: left promiscuous mode [ 623.460487][T13025] loop1: detected capacity change from 0 to 2048 [ 623.512251][T13025] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 623.691333][T13022] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 623.738282][T13022] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 623.794641][T13022] EXT4-fs (loop1): This should not happen!! Data will be lost [ 623.794641][T13022] [ 623.821628][T13022] EXT4-fs (loop1): Total free blocks count 0 [ 623.834898][T13022] EXT4-fs (loop1): Free/Dirty block details [ 623.850769][T13022] EXT4-fs (loop1): free_blocks=2415919104 [ 623.856862][T13022] EXT4-fs (loop1): dirty_blocks=16 [ 623.869710][T13022] EXT4-fs (loop1): Block reservation details [ 623.875981][T13022] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 623.972680][ T2454] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 624.032147][T13033] loop4: detected capacity change from 0 to 256 [ 624.105713][T13033] FAT-fs (loop4): Directory bread(block 64) failed [ 624.119100][T13033] FAT-fs (loop4): Directory bread(block 65) failed [ 624.129009][T13033] FAT-fs (loop4): Directory bread(block 66) failed [ 624.147606][T13033] FAT-fs (loop4): Directory bread(block 67) failed [ 624.173378][T13033] FAT-fs (loop4): Directory bread(block 68) failed [ 624.180188][T13033] FAT-fs (loop4): Directory bread(block 69) failed [ 624.199874][T13033] FAT-fs (loop4): Directory bread(block 70) failed [ 624.207983][T13033] FAT-fs (loop4): Directory bread(block 71) failed [ 624.240867][T13033] FAT-fs (loop4): Directory bread(block 72) failed [ 624.247998][T13033] FAT-fs (loop4): Directory bread(block 73) failed [ 624.752005][ T2884] team0 (unregistering): Port device team_slave_1 removed [ 624.828608][ T2884] team0 (unregistering): Port device team_slave_0 removed [ 624.831048][ T5183] usb 5-1: new full-speed USB device number 13 using dummy_hcd [ 624.899542][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.906560][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.033363][ T5183] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 29810, setting to 64 [ 625.056268][ T5183] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 625.070185][ T5183] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 625.082679][ T5183] usb 5-1: Product: syz [ 625.086931][ T5183] usb 5-1: Manufacturer: syz [ 625.092051][ T5183] usb 5-1: SerialNumber: syz [ 625.101921][ T5183] usb 5-1: config 0 descriptor?? [ 625.108320][T13041] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 625.118407][ T5183] hub 5-1:0.0: bad descriptor, ignoring hub [ 625.136117][ T5183] hub 5-1:0.0: probe with driver hub failed with error -5 [ 625.146563][ T5183] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input22 [ 625.832080][ C0] ------------[ cut here ]------------ [ 625.838752][ C0] WARNING: CPU: 0 PID: 13040 at kernel/kcov.c:871 kcov_remote_start+0x5a2/0x7e0 [ 625.838810][ C0] Modules linked in: [ 625.838836][ C0] CPU: 0 UID: 0 PID: 13040 Comm: syz.4.2436 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0 [ 625.838865][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 625.838882][ C0] RIP: 0010:kcov_remote_start+0x5a2/0x7e0 SYZFAIL: failed to recv rpc fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor) [ 625.838919][ C0] Code: 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 0f 85 a6 01 00 00 41 f7 c6 00 02 00 00 0f 84 93 fa ff ff fb e9 8d fa ff ff 90 <0f> 0b 90 e8 c6 a8 fd 09 89 c0 48 c7 c7 c8 d4 02 00 48 03 3c c5 40 [ 625.838942][ C0] RSP: 0018:ffffc90000006d70 EFLAGS: 00010002 [ 625.838975][ C0] RAX: 0000000080010101 RBX: ffff88801bf8da00 RCX: 0000000000000002 [ 625.838994][ C0] RDX: dffffc0000000000 RSI: ffffffff8bcada80 RDI: ffffffff8c207f20 [ 625.839011][ C0] RBP: 0100000000000005 R08: ffffffff930107f7 R09: 1ffffffff26020fe [ 625.839030][ C0] R10: dffffc0000000000 R11: fffffbfff26020ff R12: ffffffff81938d8e [ 625.839048][ C0] R13: ffff88801e5f7000 R14: 0000000000000006 R15: ffff8880b942d4c8 [ 625.839065][ C0] FS: 00007f148b9fc6c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 625.839086][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 625.839103][ C0] CR2: 00007f69c1cce2d8 CR3: 000000007c14a000 CR4: 00000000003506f0 [ 625.839124][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 625.839139][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 625.839154][ C0] Call Trace: [ 625.839164][ C0] [ 625.839175][ C0] ? __warn+0x168/0x4e0 [ 625.839198][ C0] ? kcov_remote_start+0x5a2/0x7e0 [ 625.839234][ C0] ? report_bug+0x2b3/0x500 [ 625.839266][ C0] ? kcov_remote_start+0x5a2/0x7e0 [ 625.839304][ C0] ? handle_bug+0x3e/0x70 [ 625.839327][ C0] ? exc_invalid_op+0x1a/0x50 [ 625.839350][ C0] ? asm_exc_invalid_op+0x1a/0x20 [ 625.839376][ C0] ? kcov_remote_start+0x9e/0x7e0 [ 625.839417][ C0] ? kcov_remote_start+0x5a2/0x7e0 [ 625.839452][ C0] ? usb_unanchor_urb+0xa3/0xc0 [ 625.839478][ C0] ? usb_anchor_suspend_wakeups+0x3a/0x40 [ 625.839513][ C0] __usb_hcd_giveback_urb+0x405/0x6e0 [ 625.839543][ C0] ? __pfx___usb_hcd_giveback_urb+0x10/0x10 [ 625.839571][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 625.839608][ C0] dummy_timer+0x830/0x45d0 [ 625.839661][ C0] ? __pfx_lock_release+0x10/0x10 [ 625.839716][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 625.839747][ C0] ? __hrtimer_run_queues+0x477/0xd50 [ 625.839787][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 625.839823][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 625.839866][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 625.839900][ C0] __hrtimer_run_queues+0x59b/0xd50 [ 625.839926][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 625.839975][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 625.840013][ C0] hrtimer_interrupt+0x396/0x990 [ 625.840066][ C0] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 625.840106][ C0] sysvec_apic_timer_interrupt+0x52/0xc0 [ 625.840140][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 625.840169][ C0] RIP: 0010:stack_trace_consume_entry+0x9/0x280 [ 625.840202][ C0] Code: 3d f1 11 0a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 41 57 41 56 <41> 55 41 54 53 48 83 ec 18 48 89 fb 48 ba 00 00 00 00 00 fc ff df [ 625.840223][ C0] RSP: 0018:ffffc90000007500 EFLAGS: 00000282 [ 625.840246][ C0] RAX: 0000000000000002 RBX: ffffffff8b07728a RCX: ffff88801bf8da00 [ 625.840264][ C0] RDX: ffffc90002141000 RSI: ffffffff8b07728a RDI: ffffc90000007600 [ 625.840282][ C0] RBP: ffffc900000075b0 R08: ffffffff813756e2 R09: ffffffff814110bf [ 625.840300][ C0] R10: 0000000000000003 R11: ffffffff817f2bd0 R12: ffff88801bf8da00 [ 625.840317][ C0] R13: ffffffff817f2bd0 R14: ffffc90000007600 R15: ffffc90000007520 [ 625.840337][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 625.840369][ C0] ? ieee80211_rx_list+0x2d1a/0x3780 [ 625.840401][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 625.840431][ C0] ? unwind_next_frame+0x196f/0x2a00 [ 625.840476][ C0] ? arch_stack_walk+0x132/0x1b0 [ 625.840500][ C0] ? ieee80211_rx_list+0x2d1a/0x3780 [ 625.840537][ C0] arch_stack_walk+0x143/0x1b0 [ 625.840562][ C0] ? ieee80211_rx_list+0x2d1a/0x3780 [ 625.840600][ C0] stack_trace_save+0x118/0x1d0 [ 625.840638][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 625.840676][ C0] ? mark_lock+0x9a/0x360 [ 625.840721][ C0] kasan_save_track+0x3f/0x80 [ 625.840746][ C0] ? kasan_save_track+0x3f/0x80 [ 625.840767][ C0] ? kasan_save_free_info+0x40/0x50 [ 625.840798][ C0] ? poison_slab_object+0xe0/0x150 [ 625.840821][ C0] ? __kasan_slab_free+0x37/0x60 [ 625.840845][ C0] ? kmem_cache_free+0x145/0x350 [ 625.840877][ C0] ? skb_release_data+0x64d/0x880 [ 625.840906][ C0] ? consume_skb+0xb1/0x160 [ 625.840986][ C0] ? skb_release_data+0x64d/0x880 [ 625.841014][ C0] kasan_save_free_info+0x40/0x50 [ 625.841049][ C0] poison_slab_object+0xe0/0x150 [ 625.841078][ C0] ? skb_release_data+0x64d/0x880 [ 625.841105][ C0] __kasan_slab_free+0x37/0x60 [ 625.841132][ C0] kmem_cache_free+0x145/0x350 [ 625.841172][ C0] skb_release_data+0x64d/0x880 [ 625.841214][ C0] consume_skb+0xb1/0x160 [ 625.841242][ C0] ieee80211_rx_list+0x2d1a/0x3780 [ 625.841274][ C0] ? __lock_acquire+0x1359/0x2000 [ 625.841320][ C0] ? __pfx_ieee80211_rx_list+0x10/0x10 [ 625.841368][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 625.841402][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 625.841437][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 625.841479][ C0] ? ieee80211_rx_napi+0xd6/0x3c0 [ 625.841510][ C0] ieee80211_rx_napi+0x18a/0x3c0 [ 625.841543][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 625.841577][ C0] ? __pfx_ieee80211_rx_napi+0x10/0x10 [ 625.841614][ C0] ? skb_dequeue+0x113/0x150 [ 625.841661][ C0] ieee80211_handle_queued_frames+0xe7/0x1e0 [ 625.841702][ C0] tasklet_action_common+0x321/0x4d0 [ 625.841742][ C0] ? __pfx_tasklet_action_common+0x10/0x10 [ 625.841775][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 625.841830][ C0] ? workqueue_softirq_action+0xce/0x140 [ 625.841868][ C0] handle_softirqs+0x2c4/0x970 [ 625.841903][ C0] ? do_softirq+0x11b/0x1e0 [ 625.841937][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 625.841978][ C0] do_softirq+0x11b/0x1e0 [ 625.842006][ C0] [ 625.842015][ C0] [ 625.842025][ C0] ? __pfx_do_softirq+0x10/0x10 [ 625.842055][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 625.842092][ C0] ? rcu_is_watching+0x15/0xb0 [ 625.842132][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 625.842162][ C0] ? ieee80211_xmit+0x30f/0x3f0 [ 625.842185][ C0] ? __ieee80211_tx_skb_tid_band+0x49e/0x610 [ 625.842218][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 625.842252][ C0] ? __ieee80211_tx_skb_tid_band+0x4e2/0x610 [ 625.842287][ C0] ? ieee80211_tx_skb_tid+0x30/0x420 [ 625.842319][ C0] ieee80211_tx_skb_tid+0x264/0x420 [ 625.842348][ C0] ? ieee80211_tx_skb_tid+0x30/0x420 [ 625.842383][ C0] ieee80211_mgmt_tx+0x1b46/0x2180 [ 625.842425][ C0] ? trace_kmalloc+0x1f/0xd0 [ 625.842469][ C0] ? ieee80211_mgmt_tx+0xa2e/0x2180 [ 625.842515][ C0] cfg80211_mlme_mgmt_tx+0x950/0x16a0 [ 625.842557][ C0] nl80211_tx_mgmt+0xb0d/0x1190 [ 625.842591][ C0] ? __rtnl_unlock+0x1c1/0x1e0 [ 625.842628][ C0] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 625.842671][ C0] ? __pfx_netdev_run_todo+0x10/0x10 [ 625.842731][ C0] genl_rcv_msg+0xb14/0xec0 [ 625.842760][ C0] ? mark_lock+0x9a/0x360 [ 625.842803][ C0] ? __pfx_genl_rcv_msg+0x10/0x10 [ 625.842862][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 625.842892][ C0] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 625.842923][ C0] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 625.842956][ C0] ? __pfx_nl80211_post_doit+0x10/0x10 [ 625.842990][ C0] ? __pfx___might_resched+0x10/0x10 [ 625.843031][ C0] netlink_rcv_skb+0x1e3/0x430 [ 625.843070][ C0] ? __pfx_genl_rcv_msg+0x10/0x10 [ 625.843102][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 625.843155][ C0] ? __netlink_deliver_tap+0x77e/0x7c0 [ 625.843196][ C0] genl_rcv+0x28/0x40 [ 625.843223][ C0] netlink_unicast+0x7f0/0x990 [ 625.843269][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 625.843301][ C0] ? __virt_addr_valid+0x183/0x530 [ 625.843341][ C0] ? __check_object_size+0x49c/0x900 [ 625.843372][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 625.843408][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 625.843447][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 625.843474][ C0] ? __import_iovec+0x536/0x820 [ 625.843501][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 625.843531][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 625.843564][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 625.843602][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 625.843624][ C0] __sock_sendmsg+0x221/0x270 [ 625.843670][ C0] ____sys_sendmsg+0x525/0x7d0 [ 625.843712][ C0] ? __pfx_____sys_sendmsg+0x10/0x10 [ 625.843764][ C0] __sys_sendmsg+0x2b0/0x3a0 [ 625.843798][ C0] ? __pfx___sys_sendmsg+0x10/0x10 [ 625.843878][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 625.843913][ C0] ? do_syscall_64+0x100/0x230 [ 625.843939][ C0] ? do_syscall_64+0xb6/0x230 [ 625.843965][ C0] do_syscall_64+0xf3/0x230 [ 625.843988][ C0] ? clear_bhb_loop+0x35/0x90 [ 625.844022][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 625.844050][ C0] RIP: 0033:0x7f148ab75bd9 [ 625.844075][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 625.844096][ C0] RSP: 002b:00007f148b9fc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 625.844124][ C0] RAX: ffffffffffffffda RBX: 00007f148ad04038 RCX: 00007f148ab75bd9 [ 625.844143][ C0] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 000000000000000a [ 625.844160][ C0] RBP: 00007f148abe4e60 R08: 0000000000000000 R09: 0000000000000000 [ 625.844176][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 625.844191][ C0] R13: 000000000000006e R14: 00007f148ad04038 R15: 00007fffa97c7998 [ 625.844228][ C0] [ 625.844241][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 626.825226][ C0] CPU: 0 UID: 0 PID: 13040 Comm: syz.4.2436 Not tainted 6.10.0-rc6-next-20240703-syzkaller #0 [ 626.835480][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 626.845547][ C0] Call Trace: [ 626.848837][ C0] [ 626.851703][ C0] dump_stack_lvl+0x241/0x360 [ 626.856413][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 626.861638][ C0] ? __pfx__printk+0x10/0x10 [ 626.866248][ C0] ? _printk+0xd5/0x120 [ 626.870431][ C0] ? vscnprintf+0x5d/0x90 [ 626.874782][ C0] panic+0x349/0x870 [ 626.878729][ C0] ? __warn+0x177/0x4e0 [ 626.882895][ C0] ? __pfx_panic+0x10/0x10 [ 626.887330][ C0] ? show_trace_log_lvl+0x4e6/0x520 [ 626.892572][ C0] __warn+0x34b/0x4e0 [ 626.896589][ C0] ? kcov_remote_start+0x5a2/0x7e0 [ 626.901728][ C0] report_bug+0x2b3/0x500 [ 626.906105][ C0] ? kcov_remote_start+0x5a2/0x7e0 [ 626.911246][ C0] handle_bug+0x3e/0x70 [ 626.915415][ C0] exc_invalid_op+0x1a/0x50 [ 626.919928][ C0] asm_exc_invalid_op+0x1a/0x20 [ 626.924812][ C0] RIP: 0010:kcov_remote_start+0x5a2/0x7e0 [ 626.930557][ C0] Code: 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 0f 85 a6 01 00 00 41 f7 c6 00 02 00 00 0f 84 93 fa ff ff fb e9 8d fa ff ff 90 <0f> 0b 90 e8 c6 a8 fd 09 89 c0 48 c7 c7 c8 d4 02 00 48 03 3c c5 40 [ 626.950184][ C0] RSP: 0018:ffffc90000006d70 EFLAGS: 00010002 [ 626.956267][ C0] RAX: 0000000080010101 RBX: ffff88801bf8da00 RCX: 0000000000000002 [ 626.964259][ C0] RDX: dffffc0000000000 RSI: ffffffff8bcada80 RDI: ffffffff8c207f20 [ 626.972250][ C0] RBP: 0100000000000005 R08: ffffffff930107f7 R09: 1ffffffff26020fe [ 626.980234][ C0] R10: dffffc0000000000 R11: fffffbfff26020ff R12: ffffffff81938d8e [ 626.988217][ C0] R13: ffff88801e5f7000 R14: 0000000000000006 R15: ffff8880b942d4c8 [ 626.996202][ C0] ? kcov_remote_start+0x9e/0x7e0 [ 627.001263][ C0] ? usb_unanchor_urb+0xa3/0xc0 [ 627.006130][ C0] ? usb_anchor_suspend_wakeups+0x3a/0x40 [ 627.011866][ C0] __usb_hcd_giveback_urb+0x405/0x6e0 [ 627.017254][ C0] ? __pfx___usb_hcd_giveback_urb+0x10/0x10 [ 627.023168][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 627.028404][ C0] dummy_timer+0x830/0x45d0 [ 627.032938][ C0] ? __pfx_lock_release+0x10/0x10 [ 627.037994][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 627.044337][ C0] ? __hrtimer_run_queues+0x477/0xd50 [ 627.049728][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 627.054961][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 627.059942][ C0] ? __pfx_dummy_timer+0x10/0x10 [ 627.064903][ C0] __hrtimer_run_queues+0x59b/0xd50 [ 627.070117][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 627.076128][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 627.081868][ C0] hrtimer_interrupt+0x396/0x990 [ 627.086843][ C0] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 627.092845][ C0] sysvec_apic_timer_interrupt+0x52/0xc0 [ 627.098496][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 627.104492][ C0] RIP: 0010:stack_trace_consume_entry+0x9/0x280 [ 627.110750][ C0] Code: 3d f1 11 0a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 41 57 41 56 <41> 55 41 54 53 48 83 ec 18 48 89 fb 48 ba 00 00 00 00 00 fc ff df [ 627.130362][ C0] RSP: 0018:ffffc90000007500 EFLAGS: 00000282 [ 627.136440][ C0] RAX: 0000000000000002 RBX: ffffffff8b07728a RCX: ffff88801bf8da00 [ 627.144419][ C0] RDX: ffffc90002141000 RSI: ffffffff8b07728a RDI: ffffc90000007600 [ 627.152404][ C0] RBP: ffffc900000075b0 R08: ffffffff813756e2 R09: ffffffff814110bf [ 627.160385][ C0] R10: 0000000000000003 R11: ffffffff817f2bd0 R12: ffff88801bf8da00 [ 627.168370][ C0] R13: ffffffff817f2bd0 R14: ffffc90000007600 R15: ffffc90000007520 [ 627.176361][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 627.182540][ C0] ? ieee80211_rx_list+0x2d1a/0x3780 [ 627.187870][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 627.194040][ C0] ? unwind_next_frame+0x196f/0x2a00 [ 627.199338][ C0] ? arch_stack_walk+0x132/0x1b0 [ 627.204314][ C0] ? ieee80211_rx_list+0x2d1a/0x3780 [ 627.209635][ C0] arch_stack_walk+0x143/0x1b0 [ 627.214413][ C0] ? ieee80211_rx_list+0x2d1a/0x3780 [ 627.219743][ C0] stack_trace_save+0x118/0x1d0 [ 627.224612][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 627.230005][ C0] ? mark_lock+0x9a/0x360 [ 627.234362][ C0] kasan_save_track+0x3f/0x80 [ 627.239054][ C0] ? kasan_save_track+0x3f/0x80 [ 627.243913][ C0] ? kasan_save_free_info+0x40/0x50 [ 627.249128][ C0] ? poison_slab_object+0xe0/0x150 [ 627.254269][ C0] ? __kasan_slab_free+0x37/0x60 [ 627.259220][ C0] ? kmem_cache_free+0x145/0x350 [ 627.264185][ C0] ? skb_release_data+0x64d/0x880 [ 627.269228][ C0] ? consume_skb+0xb1/0x160 [ 627.273792][ C0] ? skb_release_data+0x64d/0x880 [ 627.278837][ C0] kasan_save_free_info+0x40/0x50 [ 627.283885][ C0] poison_slab_object+0xe0/0x150 [ 627.288836][ C0] ? skb_release_data+0x64d/0x880 [ 627.293874][ C0] __kasan_slab_free+0x37/0x60 [ 627.298650][ C0] kmem_cache_free+0x145/0x350 [ 627.303440][ C0] skb_release_data+0x64d/0x880 [ 627.308317][ C0] consume_skb+0xb1/0x160 [ 627.312659][ C0] ieee80211_rx_list+0x2d1a/0x3780 [ 627.317789][ C0] ? __lock_acquire+0x1359/0x2000 [ 627.322843][ C0] ? __pfx_ieee80211_rx_list+0x10/0x10 [ 627.328344][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 627.333387][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 627.339386][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 627.345740][ C0] ? ieee80211_rx_napi+0xd6/0x3c0 [ 627.350780][ C0] ieee80211_rx_napi+0x18a/0x3c0 [ 627.355758][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 627.362140][ C0] ? __pfx_ieee80211_rx_napi+0x10/0x10 [ 627.367642][ C0] ? skb_dequeue+0x113/0x150 [ 627.372350][ C0] ieee80211_handle_queued_frames+0xe7/0x1e0 [ 627.378355][ C0] tasklet_action_common+0x321/0x4d0 [ 627.383692][ C0] ? __pfx_tasklet_action_common+0x10/0x10 [ 627.389516][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 627.395863][ C0] ? workqueue_softirq_action+0xce/0x140 [ 627.401520][ C0] handle_softirqs+0x2c4/0x970 [ 627.406304][ C0] ? do_softirq+0x11b/0x1e0 [ 627.410826][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 627.416132][ C0] do_softirq+0x11b/0x1e0 [ 627.420472][ C0] [ 627.423411][ C0] [ 627.426350][ C0] ? __pfx_do_softirq+0x10/0x10 [ 627.431216][ C0] ? __pfx_lockdep_softirqs_on+0x10/0x10 [ 627.436876][ C0] ? rcu_is_watching+0x15/0xb0 [ 627.441660][ C0] __local_bh_enable_ip+0x1bb/0x200 [ 627.446878][ C0] ? ieee80211_xmit+0x30f/0x3f0 [ 627.451739][ C0] ? __ieee80211_tx_skb_tid_band+0x49e/0x610 [ 627.457733][ C0] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 627.463468][ C0] ? __ieee80211_tx_skb_tid_band+0x4e2/0x610 [ 627.469478][ C0] ? ieee80211_tx_skb_tid+0x30/0x420 [ 627.474789][ C0] ieee80211_tx_skb_tid+0x264/0x420 [ 627.480004][ C0] ? ieee80211_tx_skb_tid+0x30/0x420 [ 627.485340][ C0] ieee80211_mgmt_tx+0x1b46/0x2180 [ 627.490470][ C0] ? trace_kmalloc+0x1f/0xd0 [ 627.495088][ C0] ? ieee80211_mgmt_tx+0xa2e/0x2180 [ 627.500312][ C0] cfg80211_mlme_mgmt_tx+0x950/0x16a0 [ 627.505705][ C0] nl80211_tx_mgmt+0xb0d/0x1190 [ 627.510581][ C0] ? __rtnl_unlock+0x1c1/0x1e0 [ 627.515367][ C0] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 627.520685][ C0] ? __pfx_netdev_run_todo+0x10/0x10 [ 627.526003][ C0] genl_rcv_msg+0xb14/0xec0 [ 627.530534][ C0] ? mark_lock+0x9a/0x360 [ 627.534907][ C0] ? __pfx_genl_rcv_msg+0x10/0x10 [ 627.539965][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 627.545001][ C0] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 627.550388][ C0] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 627.555689][ C0] ? __pfx_nl80211_post_doit+0x10/0x10 [ 627.561166][ C0] ? __pfx___might_resched+0x10/0x10 [ 627.566475][ C0] netlink_rcv_skb+0x1e3/0x430 [ 627.571266][ C0] ? __pfx_genl_rcv_msg+0x10/0x10 [ 627.576308][ C0] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 627.581626][ C0] ? __netlink_deliver_tap+0x77e/0x7c0 [ 627.587105][ C0] genl_rcv+0x28/0x40 [ 627.591101][ C0] netlink_unicast+0x7f0/0x990 [ 627.595887][ C0] ? __pfx_netlink_unicast+0x10/0x10 [ 627.601192][ C0] ? __virt_addr_valid+0x183/0x530 [ 627.606329][ C0] ? __check_object_size+0x49c/0x900 [ 627.611629][ C0] ? bpf_lsm_netlink_send+0x9/0x10 [ 627.616760][ C0] netlink_sendmsg+0x8e4/0xcb0 [ 627.621547][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 627.626845][ C0] ? __import_iovec+0x536/0x820 [ 627.631710][ C0] ? aa_sock_msg_perm+0x91/0x160 [ 627.636661][ C0] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 627.641969][ C0] ? security_socket_sendmsg+0x87/0xb0 [ 627.647445][ C0] ? __pfx_netlink_sendmsg+0x10/0x10 [ 627.652741][ C0] __sock_sendmsg+0x221/0x270 [ 627.657470][ C0] ____sys_sendmsg+0x525/0x7d0 [ 627.662263][ C0] ? __pfx_____sys_sendmsg+0x10/0x10 [ 627.667664][ C0] __sys_sendmsg+0x2b0/0x3a0 [ 627.672276][ C0] ? __pfx___sys_sendmsg+0x10/0x10 [ 627.677441][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 627.683788][ C0] ? do_syscall_64+0x100/0x230 [ 627.688563][ C0] ? do_syscall_64+0xb6/0x230 [ 627.693252][ C0] do_syscall_64+0xf3/0x230 [ 627.697764][ C0] ? clear_bhb_loop+0x35/0x90 [ 627.702459][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.708368][ C0] RIP: 0033:0x7f148ab75bd9 [ 627.712796][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 627.732413][ C0] RSP: 002b:00007f148b9fc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 627.740844][ C0] RAX: ffffffffffffffda RBX: 00007f148ad04038 RCX: 00007f148ab75bd9 [ 627.748826][ C0] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 000000000000000a [ 627.756804][ C0] RBP: 00007f148abe4e60 R08: 0000000000000000 R09: 0000000000000000 [ 627.764783][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 627.772765][ C0] R13: 000000000000006e R14: 00007f148ad04038 R15: 00007fffa97c7998 [ 627.780768][ C0] [ 627.784127][ C0] Kernel Offset: disabled [ 627.788584][ C0] Rebooting in 86400 seconds..