last executing test programs: 17.536583396s ago: executing program 0 (id=7): r0 = socket(0x26, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r2 = syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5531, &(0x7f0000006b80)="$eJzs3EtvG1UUAODrpOmbEiEW7DpShZRItVWnSQW7AK14iFQRjwUr6tiO5db2RLHjhKxYsEQs+CcIJFYs+Q0sWLNDLEDskIo89wY1PCpQHJsk3ydNz8yd6zPnjqpEZyZyAM6s+ezXn0vhWrgUQpgNIVwNodgvpa2wGsMLIYTrIYSZJ7ZSGv9j4HwI4XII4dooecxZSqc+vzm8sfLTW798892Fc1e++Pr76a0amLYXQwjdrbi/240xb8X4MI3Xhu0idpeHKcYT3UfpOI9xt7lRZNitHcyrFfF2K87Pt3b6o7jZqdVHsdXeLMa3evGC/WHrIE/xgYe17eK40dwoYrufF7G1H+va248/2/b7g5inkfJ9VKQPg8FBjOPNvWZcz9ajItZ7gzQe8+aN5t4oDlNMlwv1vNMo6tg4yp3+f3u73dvZy4bN7X4772UrlepLleqdcnU7bzQHzeVyrdu4s5wttDqjaeVBs9ZdbeV5q9Os1PPuYrbQqtfL1Wq2cLe50a71smq1crtyq7yymPZuZq/ffz/rNLKFUXy13dsZtDv9bDPfzuInFrOlyu2XF7Mb1ezdtfVs/Z1799bW3/vw7gf3X1l787U06S9lZQtLt5aWytVb5aXq4sld/+h3/X9a/yep6DGuH46k9LSTDyZXB8AJov8HpmGi/f9cGHv/H/T/Y6H/P7Prf5wc7QZytj21/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DT7Ye7LN4qd+Xh8JY0/k4aeS8elEMJMCOHx35gN5w/lnE155v5h/tyfavi2FIoMo2tcSNvlEMJq2n579rjvAgAAAJxeX318/bPYrcd/5qddEJMUH9rMXH0wpnylEMLc/I9jyBLSw6bw/NGrikb/v8+FvTFlKx5gXRxTsvjI7dy4sv0rs4fCxSdCKYaZg5nnJ1oXAABwnA53ApPtQgAAAJikT6ddANNRvGlNf4ufXvNdiCG9ELx06AgAAAA4gUrTLgAAAAA4dkX/7/v/AAAA4HSL3/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL+zcze5aQNRAICfDS609AdV3fcq3cExeoQuu4y4CkcgV8gFOAPZZZtdBBH2JAoRhBAbE6Lvk+xhbOvxjPDijUcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABzTdTEbX1787teNs1zV08zdAAAAANssitm4/DCs+oN0/Fs69DP1s4jII2Jb7d6JTxsxOylOseP64lkOVxFlhPV39NL2JSL+pO3ux7F/BQAAAPi45pPpqKrWq93w1AnRpmrQJv/6t6F4WUQUw5uGouXr3a9XXbraPz60/n934/+Os9lhqZUDW1F7ysyDcsit21S0/TrpcX9s+k+arGry9tIBAADaslkJtFiFAAAA0LJ/p06A0yjfeqa5+GkCf69q0gvBzxs9AAAA4AwdOusZAAAAeI8GL54t6/8zWP/v+631/wAAAODNqvX/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOKZFMRvPJ9NR3TjLVT3N3A0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAPfvzjsIwDAZhcJMor07oAr7/Lc2C3bp1MwOCj38rAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABceRwvzzNejZlso9eZ5N3zSvLp1Ph2avw6N/5Jxrr7NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fvGzcVBwD8e+fzlRYQIaAMQYhKDLDQ9FpaujKAIgb+BKQovZbAlR9tBlpVoCxsKHMXBCNCSKCw9X/o3EpdytbhhiIxMYDss5PXo4iDKvaRfD7S8/vacvy+z4mifP2cAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2fnMvzorNwiTuVsduP7i+XvR3pvrCze27y0Ur4s7fXP+L/Up8/r2Y7nSW2ksEAACAwyOr6/uIfuQ7q0XQXSjr/7w+p6j5v3l6Etf1/HTdX/d17V+0n3+6//zuQAuTcYqLXtgYDU/+NZVeto/znGfP/OMZvfLOl89esvIb0n1n67lxXt7Pzle3br3VL8MjTWQLAPwXJ+q+Cuq/h4p+0GZiABwavaoV7lX1f7bQbk4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATehvxZN13ImI5d5eXLjz4Pp62U/t39y+u1y3szdubKfXLC6RR8SFjdHwZFMT+R+4cvXah2uj0fBy88FLEdHe6FXw3gznRLSZoeBxg271sz7bVx2PiPZzbj9o+RcTAAAHTl61oq6/l++sFsc6ixF/fPtw/f9KEkda/0/1af1///2zt9Ox0vp/0NgM59/K5qVPVq5cvfbaxqW1i8OLw49ePzV4Y3D63Jkz51bKZyUrnpgAAADwePpVS+v/7mLEeGr9/1gSx4z1/6dfDz5Px8rU/4+0t+jXdiYAAACH27PHf/u184jjnX4/Plvb3Lw8mGx3909Nti2k+q8dqVpa/2eLbWcFAAAANGG81Xlo/f98EseM6/9PfffCD+k1s4g4Wq3/n1j/eHS+uem05PeZzmri34n3faoAAADMtaNVS9f/8/L9/+7uKw/diHj15UlcfQzgTPV/9vaX36djpe//n25uinOpuzS5H2W/FNFbajsjAAAADrInqlYU+7/kO6sf/Hjs3b73/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa9mcAAAD//6vIRLE=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) getdents64(r2, &(0x7f0000000400)=""/231, 0xe7) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000080)={'syz_tun\x00', 0x0}) socket$inet6(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wg1\x00'}) r7 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r7, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xd}}, 0x10) sendmmsg$inet(r7, &(0x7f0000000380)=[{{&(0x7f0000000800)={0x2, 0xce24, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{0x0}, {&(0x7f0000000640)="df82fd81e8c4d6d9cdd0fc5f3fda51005f32b3f121e590e1e5e4055c3fab31f9b67968c60bae4e9cfbaeb5dec90743948de6fe056f62b8dc9d088991e0f2ba888cb8e8afacf941c7f06d22b6263700827cafbba8feb74803e3246df58fc6af47d7d4ddbb0828f46a08c1d8925203bcad593e8a5ff115bfc223fb5523f3a5a428b67e10ee0fd9f2f496c43c63a794f73a8fab8187792d4d5207f75c516e95932242a780976b327bda9d0af53764ede1a675273ef5f6ddc203172f4448b29a5619c338412349c72074c6846a3f8459a40d045e16e668b07f3481d784d69c45f5bb19156397b77bc1cf1fe928228406f960", 0xf0}], 0x2}}], 0x2, 0x2000c044) sendto$inet(r7, &(0x7f0000000c80)="e8", 0x6200, 0x12000000, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={@private0={0xfc, 0x0, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, @loopback, 0xffffffff, 0x5, 0x254a, 0x400, 0x7, 0x8, r1}) r8 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r8) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa) sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r9, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="67358d6609000000000000000000000002200000", @ANYRES32=r9, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}, 0x1, 0x0, 0x0, 0x8001}, 0x0) 15.027214861s ago: executing program 1 (id=12): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000340)={[{@debug}, {@delalloc}, {@inlinecrypt}, {@test_dummy_encryption}, {@abort}, {@errors_continue}, {@delalloc}, {@nombcache}, {@grpquota}]}, 0x1, 0xbd0, &(0x7f0000001180)="$eJzs3M9rXVUeAPDvvfnZNp2XDsMwnU0zDEMLw7ymHVKmZcBWKm5cCLoVGtKXEvL6gyRSkwZ80X9A1LXgRlCL0oVdd6Pg1o3WrcWFUCQ2CiIaue9HkibvJU3zkhvTzwdO7jn33HvP95ubvHsOvPcCeGINZD/SiMMRcSGJKNT3pxHRXa31RlRqxy3Mz478ND87ksTi4gvfJ5FExIP52ZHGtZL69kC90RsRXzydxJ9fXzvu5PTM+HC5XJqot49PXb52fHJ65j9jl4cvlS6Vrpw49b+hk0OnBk8PtS3Xn785e/vHfzz7beWXD369+cNb7yVxNvrqfSvzqGe9ZQMxsPQ7WakzIobbcP3doKOez8o8k84NTkq3OSgAAFpKV8zh/hqF6IjlyVshPv0y1+AAAACAtljsiFgEAAAA9rjE+h8AAAD2uMb7AB7Mz440Sr7vSNhZ989FRH8t/4V6qfV0RqW67Y2uiNj/IImVH2tNaqdt2UBE3Pv69MdZiSafQ95ulbmI+Fuz+59U8++vfxJ6df5pRAy2YfyBVe0/Uv5n2zB+3vkD8GS6c672IFv7/EuX5j/R5PnX2eTZ9Tjyfv415n8La+Z/y/l3tJj/Pf+IY9x4/53rrfqy/P9/+5mPGiUbP9tuKalNuD8X8ffOZvknS/knLfK/sMG1k6hdovDb9VKrY/LOf/HdiKPRPP+GZP3vJzo+OlYuDdZ+Nh1j7vOhD1uNn3f+2f3f3yL/de5/b7bv2kNXav2lPi+dP3+rVd/G+affdScvVmvd9T2vDE9NTZyI6E6eW7v/5Pr5No5pXCPL/9g/1///b/b3n70mVOp/G1nmc/Vt1n5t1ZhP3bzxyXr5Z2u/PO//xc3f/+q+Nx5xjH999uaxVn0r179Zyca/l9TWwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQkEZEXyRpMSKSaj1Ni8WIAxHxl9iflq9OTv179OrLVy5mfRH90ZWOjpVLgxFRqLWTrH2iWl9un1zV/m9EHIqItwv7qu3iyNXyxbyTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMmBiOiLJC1GRBoRC4U0LRbzjgoAAABou/68AwAAAAC2nfU/AAAA7H3W/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyzQ0fu3E0ionJmX7Vkuut9XblGBmy3NO8AgNx05B0AkJvOvAMAcrPJNb7pAuxByQb9vS17etoeCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC719HDd+4mEVE5s69aMt31vq6mZxzZweiA7ZTmHQCQm471Ojt3Lg5g5z32v/jB9sYB7Lzma3zgSZJs0N+7fEzl4Z6ebYsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN2nr1qStBgRabWepsVixMGI6I+uZHSsXBqMiD9FxFeFrp6s3ZN30AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTd5PTM+HC5XJp4nEqytdNVVFpVXt0dYexsJdkdYdQqeb8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh8npmfHhcrk0MZl3JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDeJqdnxofL5dLEI1RubebgFZW8cwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID+/BwAA//8v5A3O") r0 = open(&(0x7f00000001c0)='./file1\x00', 0x169a7e, 0x68) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000200)={0x9, 0x7, 0x19ff, 0x8, 0xffffffffffff5b2b, 0x1c00000000000, 0xa, 0x0, 0x20}) 13.352710788s ago: executing program 0 (id=14): syz_emit_ethernet(0x4e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaa"], 0x0) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x8080, &(0x7f0000000040)=ANY=[@ANYBLOB="636865636b3d7374726963742c757466383d312c757466383d302c757466383d312c6e66732c6572726f72733d72656d6f756e742d726f2c73686f72746e616d653d77696e6e742c00043518f9aad8a4f2c1cdb3e993cf0444d9d2d40bb509d4da042c2c85e3650de97db42c38cafa7a9d7503c3c985486cf7fdb62fb1fc80515e9bef7e9e56fb346de370b3eb3ecbc59d343c36bf04efc3d68033308b0014b0c677ae5ef2932cc05f566112668fa4f6844dcf823618a2993da771384e8fc12467a56b33e3b00030dbfd82ea2f8ddbeb1d04bac86815ebe0b9d084d60edf56b15e74589892dce80700000000000000b738dddfd38d20b443570197dc795020ecf541601ef9a5618869febf769dd50261849a47e170ba166b97e76a0261d0dc1fb3e2646595f1c8b49057d94f10f7b5e35ead0a38", @ANYRES8], 0x3, 0x232, &(0x7f0000000640)="$eJzs2r+LHGUYB/BnzsSLFy574i8SEF+0UJshd7VFDklAXFA0K0RBMvFmddlx99hZDlbEbKWtf4K1WNoJktLmGv8CC7trrkwhjmz21GzYFEHNJfHzaeaBd77M+zLvvDzFHLz29af9bp13i3GsZFmsXIhp3MxiI1biT9N49eUrPz3/7pX339xuty++k9Kl7cubWymlMy/8+MHn3714Y3z6ve/P/LAa+xsfHhxu/br/7P7Zg98vf9KrU69Og+E4FenacDgurlVl2unV/Tylt6uyqMvUG9TlaGG8Ww13dyepGOysr+2OyrpOxWCS+uUkjYdpPJqk4uOiN0h5nqf1teCf6Hx7s2nisDl5NZqmeeKbOH0j1n+JVmRPpuypC9kzV7PnptnZw6ZpHfdU+U94//9vtx3qpyKqr/Y6e535dT6+3Y1eVFHG+WjFbzHbJkfm9aU32hfPp1s24svq+lH++l7nscX8ZrRiY3l+c55Pi/nVWIs4GXGU34pWPL08v7U0fypeeem25+fRip8/imFUsROz7N/5LzZTev2t9h35c7fuAwB41OTpL0v7tzy/2/g8fw/94R391Yk4d+J4105EPfmsX1RVOXpki9kqH4BpKP7NYjXuKZVFTGf74IGY/OMPx6d3rMcS98niOQkAAAAAAAAAAMDD4n79gQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHA3fwQAAP//rHDMJg==") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) 12.946174632s ago: executing program 1 (id=18): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x78b}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000180)=@x86={0x6b, 0x4, 0x7, 0x0, 0x0, 0xff, 0x4, 0xa, 0xd, 0xa0, 0x8, 0x5, 0x0, 0x2, 0x9, 0x3, 0x3, 0x2e, 0x4, '\x00', 0x1, 0xffffffffffffff7f}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24040004) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x801, 0x3, 0x81, 0x4, 0x1, 0x0, 0x4, 0xfffffffffffff804, 0x909, 0x0, 0x0, 0x2000000000000, 0x7, 0x2, 0x1, 0x8], 0xeeee0000, 0x4fb40}) lchown(&(0x7f0000000000)='./file1\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12.230163686s ago: executing program 1 (id=20): mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000300)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41100, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r3 = openat(0xffffffffffffff9c, &(0x7f0000001280)='./file0\x00', 0x80000, 0x100) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000180)='./file0\x00', 0x100c404, &(0x7f0000000080)=ANY=[@ANYBLOB='nodots,check=strict,nodots,uid=', @ANYRESHEX=0xee00, @ANYBLOB="2c646973636172642c6e6f646f74732c6e6f646f74732c6e66732c6e6f646f74732c646f74732c756d61736b3d30303030303030303030303030303030303030303030362c616c6c6f775f7574696d653d30303030303000000000000000023030303030303030352c6e6f646f74732c6e6f646f74732c6e66733d0704616c655f72772c64656275672c6e6f646f34732c73686f77657865632c666c7573682c646d61736b3d30303030303030303030303030303030303030303030332c646f74732c646f74732c00"], 0x1, 0x1fa, &(0x7f0000000800)="$eJzs3cFqE10UAOCT/Gky+XHRnSAIIy50VdQnqEgFMSBUstBdQVdm1W5SN+3Ch/AVfC8fQLrKRq7EmXRimsYQyQzW79v0zJx7e++ZIZNscpKi8PX258iyVrT3Yz8mrdiNdsycBwBwk0xSim+p0PReAIB6rPH+/73mLQEAW/b6zduXTweDg8M8zyIuzsfD8bD4W+SfvxgcPMp/2q1mXYzHw/8u84/zxc8O0/xO/F/mnxTz88t0NyKG3Xh4v8hPc89eDfJf5/fi3ZZrBwAAAAAAAAAAAAAAAAAAAACAptyNfGZpf5+9vcV8v8wXR3P9gRb693TiTqc8rNoDpbM6igIAAAAAAAAAAAAAAAAAAIC/zMnpxw9Ho9H74yroRcT8mc6SMdcHrfIfrzW4+aAdm03vl2VusGirvETbLbC//OauE0TnT1b/1Pg9PRrlNazVX3l5U5oGy18Fs7YY107vRsTq1R8cbrr5SUpp9OXe8clppJWDq2dEr9YnEgAAAAAAAAAAAAAAAAAA/LvmvvV9RdbEhgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgAdXv/0+Dq2dWBmcRcSt+O3i21k5kjdYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAzfUjAAD//3O1Ikk=") sendmsg$inet(0xffffffffffffffff, 0x0, 0x20000000) getdents64(r3, &(0x7f0000000080)=""/4096, 0x1000) statx(r3, 0x0, 0x0, 0x20, 0x0) 12.127897309s ago: executing program 0 (id=21): r0 = syz_usb_connect$cdc_ncm(0x2, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d00000904010102020d0000090582020004000000090503020002"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000300)=ANY=[@ANYBLOB="000a120000005ceb88210b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 9.568289576s ago: executing program 1 (id=23): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 8.215455912s ago: executing program 0 (id=24): r0 = syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902640002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a00000008241c0700099e000905"], 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@cgroup=r1, 0x6, 0x0, 0x50d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r3, r2, 0x15, 0x0, @val=@kprobe_multi=@syms={0x0, 0x0, 0x0}}, 0x30) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r4, 0x29, 0x45, &(0x7f00000007c0)={'NETMAP\x00'}, &(0x7f0000000800)=0x1e) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f0000000000)='./file1\x00', 0x18, &(0x7f0000000600)={[{@data_err_ignore}, {@data_err_abort}, {@nodiscard}, {}, {@prjquota}, {@nobarrier}, {@sysvgroups}, {@jqfmt_vfsv1}, {@nobh}, {@init_itable}, {@nouid32}, {@minixdf}, {@jqfmt_vfsv0}]}, 0x1, 0x590, &(0x7f0000000840)="$eJzs3U1rXFUfAPD/nSRN356nKZTyPCIS6MJK7aRJfKngoi5FiwXd1yGZhpJJp2QmpYkF24V14UaLIGJB3OvelRS/gJ+ioIUiZdCFLiJ35k4yTSbJNJ0mY+b3g9ucc9/+99xzz+m5984wAfSt0fSfXMT/I+LzJOJIRCTZssHIFo421qs9ujGVTkksL7//e1JfL80399Xc7lCW+V9E/PxJxKnc+riVxaXZQqlUnM/yY9W5q2OVxaXTl+cKM8WZ4pWJycmzr05OvPH6a10r60sX/vz6vXtvn/3sRO2rHx4cvZPEuTicLWstx1O42ZoZjdHsnAzFuTUrjjf+dCNmT0h2+wDYloGsnQ9F2gcciYGs1QN738cRsQz0qUT7hz7VHAfUHt1o3sLtmXvSTjx8q3ED1Hy2sfocYLDxbCT21++NDtaSx+6M0pM10oX4aYwff7t7J52ie88hALZ081ZEnBkcXN//JVn/t31nOlhnbQz9H+yce+n45+V245/cyvgn2ox/DrVpu9uxdfvPPehCmA2l4783o335MyMDWe4/9THfUHLpcqmY9m3/jYiTMTSc5sc3iXG2dn95o2Wt4790SuM3x4LZcTwYHH58m+lCtfA0ZW718FbEc23Hv8lK/Sdt6j89Hxc6jHG8ePeFjZZtXf5na/m7iBfb1v/qG61k8/eTY/XrYax5VRxYF+OP28d/2Sj+bpc/rf+Dm5d/JGl9X1t58hjf7v+ruHbe3582/j5W/uj8+t+XfFBP78vmXS9Uq/PjEfuSd9fPn1jdtplvrp+W/+SJzfu/1ev/p5X9pLX8YYflv33s++f3b7CsF+p/+onq/8kT99/56JuN4nfW/71ST53M5nTS/21xXEOx7asZAAAAAAAAelcuIg5HksuvpHO5fL7xEvtYHMyVypXqqUvlhSvTUf+u7EgM5epvulfeyTY+DzGefR62+fmIiTX5yYg4GhFfDhyo5/NT5dL0rpYcAAAAAAAAAAAAAAAAAAAAeseh9t//r/t1YJMNh3fqCIFnyk9+Q/9q1/5vtma68UtPQE/q5P//pDVj8A97xibtv9byG+HAHuT+H/qX9g/9S/uH/qX9Q//S/qF/af8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVRfOn0+n5dqjG1Npfvra4sJs+drp6WJlNj+3MJWfKs9fzc+UyzOlYn6qPLfV/krl8tXxiVi4PlYtVqpjlcWli3PlhSvVi5fnCjPFi8WhHSkVAAAAAAAAAAAAAAAAAAAA/LtUFpdmC6VScX4nE8MRseNBey+RnoZdiP5Fd3c42BsnU6LLid3umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg1T8BAAD//6QSNRI=") r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) pwrite64(r5, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0}) r6 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x105, 0x9}, 0x20) 5.960558538s ago: executing program 3 (id=26): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x88840, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe1000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000040)="64fb26360f85000066b9b40b000066b806a2000066ba000000000f30baa100b0d1ee0f3566b8070000000f23c00f21f86635030002000f23f8f40f09f2360c59f3df22", 0x43}], 0x1, 0x61, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.960387538s ago: executing program 2 (id=27): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) 5.939869849s ago: executing program 1 (id=28): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = epoll_create1(0x0) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) epoll_pwait(r0, &(0x7f0000000000)=[{}], 0x1, 0x240000, 0x0, 0x0) r1 = syz_usb_connect$midi(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="12010002000000108c0d02014000010203010902120001010560"], 0x0) syz_usb_control_io$sierra_net(r1, 0x0, 0x0) syz_usb_control_io$uac1(r1, 0x0, 0x0) syz_usb_control_io$rtl8150(r1, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_usb_control_io$lan78xx(r1, &(0x7f00000000c0)={0x14, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0003cc000000cc03"]}, 0x0) syz_usb_control_io$rtl8150(r1, 0x0, 0x0) syz_usb_control_io$rtl8150(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000340)={0x2c, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0) 5.752021235s ago: executing program 2 (id=29): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000f40)={[{@utf8no}, {@utf8}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@fat=@check_strict}, {@uni_xlateno}, {@uni_xlate}, {@fat=@allow_utime={'allow_utime', 0x3d, 0xc}}, {@numtail}, {@utf8no}, {@utf8no}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp865'}}]}, 0x1, 0x378, &(0x7f0000001100)="$eJzs3U9oHFUYAPBvM/lbqMlBKArC6E2Q0D94UDyklBSKe1FZqiLiYlOVbCxkcTE9dBsv4lHwKghexIMePPQsgiJexINX68GqeNDeChaf7O7s7qS7SSNlrcHf77B8ee99896bvGQnk8zLSyuxfm4mzl+/fi3m5ysxvXJqJW5UYimy6Lsco2bHlAEAB8ONlOKP1LPPlMqEhwQATFj3/f+Vw6WSt77cq33y7g8AB17x8//CXm3mR4t+eqLzemFy4wIAJmfk/v9DU+Xq2Z2/6p8u/VUAAHBQPfPc80+erEY8nefzERtvt2qtWjw+rD95Pl6LRqzF0ViMmxG9C4XOS6X7evpMdfVonuft+HkpahHxQasWsdFu1XpXCiezbv5cHIvFWCryi6uNlFJ2+rPq6rG8KyIut7v9x0alVZuJQ0X/PxyKtTgeedw7kh9xprp6PC8OUNvo57cjtof3LTrjX47F+O7luBCNOLdwNlLqX9ZUVy8dy/NTqbojv1Wbi3ODszDmDggAAAAAAAAAAAAAAAAAAAAAANyB5XxgabD/TRru37O8PKa+uz9OL7/YH2i7tz9QmkuR0u9vvjD1ThY79ge6dX+eVm06pu7u1AEAAAAAAAAAAAAAAAAAAOA/o7k1G/VGY22zuXVxvRy0N5tbUxHRKXn960++WIjRNrcJpos+SlV5UXRxvZ6yfuOU7WhTBFmn837Jx1cGIy63mRvMYuww5navajQOP/htNQZzfyDrH/mvYZssxk8wpZSKWYwceeOe3pAGJTPDKe96xk4UwfHbnNWrKaXdjnPpxdGsqERM//NP3N5B6gRfXXv1vhPNI492Sz5PPQ8/snj26nsf/rpeb3R67mh8NLvZvJnW68XH4xfb7kFWWj+V4hxWyith+tasmdKq295ZVc++/+3Z+9/9Zn+9p3LJG2PaZL3pfLrZ3KoUXyndqtle0Cm7JWuhcSYbWQkzYxb/nQVjF9uR91fqVy79+Mt+j1P6JmGjDgAAAAAAAAAAAAAAAAAA+FeUnhUvHvQtHvad2SvrsaeKYH7yIwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAyRv+//9SsD1Ssp/gz3aMVs2tbTYj5u/2NAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+J/7OwAA//8I12ac") open(&(0x7f0000000640)='./file0\x00', 0x10000, 0x9e) 5.244227422s ago: executing program 2 (id=30): openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xb, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf51c}, 0x94) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="9f801c00180000000000000010fc010000000000000e0200000003000000005f00"/43], 0x0, 0x2b, 0x0, 0x5}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') pread64(r2, &(0x7f000001a240)=""/102400, 0x19000, 0x1000000000) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000600100004012200a4e2"], 0x48) ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200)) add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$chown(0x4, 0x0, 0xee01, 0x0) r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x4c, r6, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240460d0}, 0x44000) 5.243992482s ago: executing program 3 (id=31): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@private0={0xfc, 0x0, '\x00', 0x1}, 0x8, 0x1, 0x0, 0x4, 0x1, 0x8a3}, 0x20) 5.000177391s ago: executing program 3 (id=32): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x1, 0x0) fchdir(r1) fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x408, 0x103) 4.788204118s ago: executing program 3 (id=33): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000080)="b805000000090200e1490000320f01d9660ff7e31bf7ececea55bf000000010000c0fe0fae41d90100c8800000c00f3209083667dbd20f300f0826f30fc7b205000000660fc775022e0ffa600c980f320f3566b85700", 0x56}], 0x48, 0x17, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0x6bb6c4a5b2d35090, 0x0, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000001c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 3.591563638s ago: executing program 2 (id=34): r0 = syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000007f80)='./file0\x00', 0x1000000, &(0x7f0000000340)={[{@nodots}, {@fat=@time_offset={'time_offset', 0x3d, 0x40f}}, {@dots}, {@fat=@codepage={'codepage', 0x3d, '932'}}, {@fat=@nfs}, {@fat=@gid={'gid', 0x3d, 0xee00}}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {@nodots}, {@nodots}, {@nodots}, {@fat=@usefree}, {@nodots}, {@fat=@sys_immutable}, {@fat=@dos1xfloppy}, {@nodots}, {@fat=@nocase}, {@nodots}, {@dots}, {@fat=@uid}]}, 0x0, 0x207, &(0x7f0000007d40)="$eJzs3TFrE2EYB/Dn0tpcXMwmiMKBi4MUdXWpSAUxICoddFKoLq0Idoku7ehH8AM6OJbiEAQ5SS/JpUkT2yTtWf39hvLc8+97d294SW7Jm9fX329tfth59+3q10jTJGprsRadJJpRi769mKg2OQIA/ladPI/9vDDUTiq8JQDgjE34/B/2a8rwxJMCAFw8L16+evKg1Vp/nmVpxEF+pWjvtTeK4tHj1vqdLMuy78+a5aiDdntjaZDfzUafHbr5pbjcy+9lhaP5Sty6GV/2f7S7jezh09ZIXo/NaTeeHv5tzjl9AAAAAAAAAAAAAAAAAAAAAACoxI3I+poRt+8X3XJ/n9XV4byr0cuLo8H+QGP7+yzHteXeYbk9UL57XhMDAAAAAAAAAAAAAAAAAACAC2Tn0+etN9vbbz+WRT0ijnZOUyS9Ex92lvrF6c9zTkUtFn7mhU25fvYvQnrcAiiLleOjxvRRY0XjDysqWfQiyWYe/nOuxT9azDivlYiY6+q1yVEnz/MTLuO+elVvTgAAAAAAAAAAAAAAAAAA8J8pv/Q7nqVV3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVKD8/f8Zit2IOME/Dy7WqHSqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MN+BwAA//+AUC4g") getdents64(r0, &(0x7f00000021c0)=""/4096, 0x1000) 3.412312434s ago: executing program 2 (id=35): gettid() timer_create(0x6, &(0x7f0000000080)={0x0, 0x4001b, 0x4, @thr={&(0x7f00000000c0)="cfb2634ff623dbcc22afc156016485c5f76a16bd3b74e406034dc79a2f3ab6c6b27d999fdfc87c4e14842d53f1b0c1fe989f17c795086a9a3f3bdbe853487fe0fee91eb381ea836310baa52f4b599ed47ab420c39698936b6783fc6d34d047e380c7ab0025b4f6e873a852bc247c0d02d544351bca91a8555d4f2c5d096f7b78d98db776515c84100000002e5b0f4e7943bfbd483d3ed700"/163, &(0x7f0000000180)="48f4f6d7984c26963dd927ca485aa51570bb9049ffa50cdd346e7e830aac57659f25882eda86736b526ca3c97ca9a45f3a3035c7ef6a84b50fe4a41248e2e1eec5fcc669fb5293ddd67c10f390381650bb937610adbf0412c5df3514b6e2cf38"}}, &(0x7f0000000000)=0x0) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x1, 0x3, 0x5}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f00000000c0)={0x4, 0x8}) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7fff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4) sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000) readv(r1, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x20}], 0x1) r6 = getpid() sched_setscheduler(r6, 0x1, &(0x7f0000000100)=0x5) fcntl$lock(r1, 0x5, &(0x7f0000000040)={0x0, 0x5, 0x3ed4, 0x80000001, r6}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) r7 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r7, 0x29, 0x5, 0x0, 0x0) timer_getoverrun(r0) fchown(0xffffffffffffffff, 0x0, 0x0) 3.256414309s ago: executing program 2 (id=36): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0) close(r1) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) 3.135184344s ago: executing program 3 (id=37): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 1.807300629s ago: executing program 0 (id=38): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") syz_mount_image$fuse(0x0, &(0x7f0000000940)='./file0\x00', 0x48008, 0x0, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = creat(&(0x7f0000000200)='./file1\x00', 0x12e) close(r3) userfaultfd(0x80001) r4 = socket$unix(0x1, 0x5, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x200000, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000010400000000fcdbdf", @ANYRES32=0x0, @ANYBLOB="452800001008040024001280090001007866726d000000001400028008000100030000000800020004000000"], 0x44}}, 0x4008894) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x5, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 1.358718294s ago: executing program 3 (id=39): prlimit64(0x0, 0xe, 0x0, 0x0) getpgrp(0x0) syz_usb_connect(0x3, 0x24, &(0x7f00000002c0)={{0x12, 0x1, 0x310, 0xd3, 0xfd, 0x15, 0x10, 0x20dc, 0x79c, 0xa6f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0xa9, 0x90, 0x2, "", [{{0x9, 0x4, 0x69, 0xc, 0x0, 0x8, 0x3, 0x1, 0x4}}]}}]}}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0}) 755.448554ms ago: executing program 1 (id=40): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f00000004c0)={[{@nombcache}, {@grpjquota}, {@dioread_lock}, {@noauto_da_alloc}, {@errors_remount}, {@user_xattr}]}, 0x1, 0x569, &(0x7f0000000940)="$eJzs3U1rXFUfAPD/nWT6/jxNoRQVkYALK7WTJvGlgou61mJB93VIbkPJpFMyk9LEgu3CrqW4EQviXly7LH4BF36GghaKlKALN5E7uTOdJDPJtJ0mU+f3g1vOuS8598y5/9NzcmYyAQyt8eyfQsTLEfF1EnE0IpL82GjkB8fXz1t9dGMm25JYW/v0z6RxXpZv/qzmdYfzzEsR8ctXEacKW8utLa/MlyuVdDHPT9QXrk7UlldOX14oz6Vz6ZWp6emz70xPvf/eu32r65sX/v72k3sjee7YnSTOxZE8116PZ3CzPTMe4/lrUoxzm06c7ENhgyTpuPenXb8PnsxIHufFyPqAozGSRz3w3/dlRKwBQyp54vj/rfh87gTYXc1xQHNu36d58Avj4YfrE6Ct9R9d/91IHGjMjQ6tJhtmRtl8d6wP5Wdl/PzH3TvZFv37PQTAjm7eiogzo6Nb+78k7/+e3pkeztlchv4Pds+9bPzzVqfxT6E1/okO45/DHWL3aewc/4UHfSimq2z890HH8W9r0WpsJM/9rzHmKyaXLlfSrG/7f0ScjOL+LL/des7Z1ftr3Y61j/+yLSu/ORbM7+PB6P6N18yW6+VnqXO7h7ciXuk4/k1a7Z90aP/s9bjQYxkn0ruvdTu2c/2fr7UfIt7o2P6PV7SS7dcnJxrPw0Tzqdjqr9snfu1W/l7XP2v/Q9vXfyxpX6+ttV890lMZ3x/4J43WevJGG+ofvT//+5LPGul9+b7r5Xp9cTJiX/Jxa3+huX/q8bXNfPP8rP4nX9++/+v0/B+MiM97qn3E7eM/vtrt2CC0/2zH9m/Nbje1/5Mn7n/0xXfdyu+t/3u7kTqZ7+ml/+v1Bp/ltQMAAAAAAIBBU4iII5EUSq10oVAqrb+/43gcKlSqtfqpS9WlK7PR+KzsWBQLzZXuo23vh5jMVwyb+alN+emIOBYR34wcbORLM9XK7F5XHgAAAAAAAAAAAAAAAAAAAAbE4S6f/8/8vvXPux/Y/TsEnitf+Q3Da8f478c3PQEDyf//MLzEPwwv8Q/DS/zD8BL/MLzEPwwv8Q/DS/wDAAAAAAAAAAAAAAAAAAAAAAAAAABAX104fz7b1lYf3ZjJ8rPXlpfmq9dOz6a1+dLC0kxpprp4tTRXrc5V0tJMdWGnn1epVq9OTsXS9Yl6WqtP1JZXLi5Ul67UL15eKM+lF9PirtQKAAAAAAAAAAAAAAAAAAAAXiy15ZX5cqWSLkpIPFVidDBuQ6LPib3umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgsX8DAAD//welMww=") lsetxattr$trusted_overlay_upper(&(0x7f0000000080)='./file1\x00', &(0x7f0000000840), &(0x7f0000000940)=ANY=[], 0x361, 0x0) setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000140)={[{@debug}, {@delalloc}, {@inlinecrypt}, {@test_dummy_encryption}, {@errors_continue}, {@noquota}, {@delalloc}, {@barrier}]}, 0x1, 0xbd0, &(0x7f0000000480)="$eJzs3M9rXVUeAPDvvfnZNp2XDsMwnU0zDEMLw7ymHVKmZcBWKm5cCLoVGtKXEvL6gyRSkwZ80X9A1LXgRlCL0oVdd6Pg1o3WrcWFUCQ2CiIaue9HkibvJU3zkhvTzwdO7jn33HvP95ubvHsOvPcCeGINZD/SiMMRcSGJKNT3pxHRXa31RlRqxy3Mz478ND87ksTi4gvfJ5FExIP52ZHGtZL69kC90RsRXzydxJ9fXzvu5PTM+HC5XJqot49PXb52fHJ65j9jl4cvlS6Vrpw49b+hk0OnBk8PtS3Xn785e/vHfzz7beWXD369+cNb7yVxNvrqfSvzqGe9ZQMxsPQ7WakzIobbcP3doKOez8o8k84NTkq3OSgAAFpKV8zh/hqF6IjlyVshPv0y1+AAAACAtljsiFgEAAAA9rjE+h8AAAD2uMb7AB7Mz440Sr7vSNhZ989FRH8t/4V6qfV0RqW67Y2uiNj/IImVH2tNaqdt2UBE3Pv69MdZiSafQ95ulbmI+Fuz+59U8++vfxJ6df5pRAy2YfyBVe0/Uv5n2zB+3vkD8GS6c672IFv7/EuX5j/R5PnX2eTZ9Tjyfv415n8La+Z/y/l3tJj/Pf+IY9x4/53rrfqy/P9/+5mPGiUbP9tuKalNuD8X8ffOZvknS/knLfK/sMG1k6hdovDb9VKrY/LOf/HdiKPRPP+GZP3vJzo+OlYuDdZ+Nh1j7vOhD1uNn3f+2f3f3yL/de5/b7bv2kNXav2lPi+dP3+rVd/G+affdScvVmvd9T2vDE9NTZyI6E6eW7v/5Pr5No5pXCPL/9g/1///b/b3n70mVOp/G1nmc/Vt1n5t1ZhP3bzxyXr5Z2u/PO//xc3f/+q+Nx5xjH999uaxVn0r179Zyca/l9TWwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQkEZEXyRpMSKSaj1Ni8WIAxHxl9iflq9OTv179OrLVy5mfRH90ZWOjpVLgxFRqLWTrH2iWl9un1zV/m9EHIqItwv7qu3iyNXyxbyTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMmBiOiLJC1GRBoRC4U0LRbzjgoAAABou/68AwAAAAC2nfU/AAAA7H3W/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyzQ0fu3E0ionJmX7Vkuut9XblGBmy3NO8AgNx05B0AkJvOvAMAcrPJNb7pAuxByQb9vS17etoeCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC719HDd+4mEVE5s69aMt31vq6mZxzZweiA7ZTmHQCQm471Ojt3Lg5g5z32v/jB9sYB7Lzma3zgSZJs0N+7fEzl4Z6ebYsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN2nr1qStBgRabWepsVixMGI6I+uZHSsXBqMiD9FxFeFrp6s3ZN30AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTd5PTM+HC5XJp4nEqytdNVVFpVXt0dYexsJdkdYdQqeb8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh8npmfHhcrk0MZl3JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDeJqdnxofL5dLEI1RubebgFZW8cwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID+/BwAA//8v5A3O") lsetxattr$trusted_overlay_upper(&(0x7f0000000280)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000900)=ANY=[@ANYBLOB], 0xfe37, 0x2) 0s ago: executing program 0 (id=41): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f0000000040)=r0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.121' (ED25519) to the list of known hosts. [ 77.861100][ T5758] cgroup: Unknown subsys name 'net' [ 77.996855][ T5758] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 79.654900][ T5758] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 81.234664][ T5776] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 81.255629][ T5779] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 81.264223][ T5781] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 81.264572][ T5779] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 81.273483][ T5781] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 81.286514][ T5783] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 81.295769][ T5781] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 81.303858][ T5783] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 81.312123][ T5781] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 81.320049][ T5781] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 81.320315][ T5783] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 81.329807][ T5784] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 81.342378][ T5784] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 81.344288][ T5783] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 81.350987][ T5784] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 81.357542][ T5783] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 81.364927][ T5784] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 81.373122][ T5783] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 81.378267][ T5784] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 81.385676][ T5783] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 81.392574][ T5784] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 81.401545][ T5783] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 81.407032][ T5778] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 81.420261][ T5784] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 81.878538][ T5772] chnl_net:caif_netlink_parms(): no params data found [ 81.955203][ T5773] chnl_net:caif_netlink_parms(): no params data found [ 82.045403][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 82.083552][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.092779][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.101022][ T5772] bridge_slave_0: entered allmulticast mode [ 82.107858][ T5772] bridge_slave_0: entered promiscuous mode [ 82.125277][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.132523][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.139787][ T5772] bridge_slave_1: entered allmulticast mode [ 82.146555][ T5772] bridge_slave_1: entered promiscuous mode [ 82.203580][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.223546][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.244350][ T5771] chnl_net:caif_netlink_parms(): no params data found [ 82.254746][ T5773] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.262137][ T5773] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.269528][ T5773] bridge_slave_0: entered allmulticast mode [ 82.276332][ T5773] bridge_slave_0: entered promiscuous mode [ 82.325331][ T5773] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.334606][ T5773] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.342527][ T5773] bridge_slave_1: entered allmulticast mode [ 82.349519][ T5773] bridge_slave_1: entered promiscuous mode [ 82.394004][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.401338][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.408538][ T5770] bridge_slave_0: entered allmulticast mode [ 82.416581][ T5770] bridge_slave_0: entered promiscuous mode [ 82.436139][ T5772] team0: Port device team_slave_0 added [ 82.455065][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.462607][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.470427][ T5770] bridge_slave_1: entered allmulticast mode [ 82.477328][ T5770] bridge_slave_1: entered promiscuous mode [ 82.486647][ T5773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.500369][ T5773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.511249][ T5772] team0: Port device team_slave_1 added [ 82.595891][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.603179][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.629535][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.642061][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.649166][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.656752][ T5771] bridge_slave_0: entered allmulticast mode [ 82.664886][ T5771] bridge_slave_0: entered promiscuous mode [ 82.674713][ T5773] team0: Port device team_slave_0 added [ 82.686071][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.696508][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.704043][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.730548][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.749148][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.756786][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.764273][ T5771] bridge_slave_1: entered allmulticast mode [ 82.771339][ T5771] bridge_slave_1: entered promiscuous mode [ 82.781538][ T5773] team0: Port device team_slave_1 added [ 82.789442][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.866860][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.888987][ T5770] team0: Port device team_slave_0 added [ 82.896207][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.903362][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.929646][ T5773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.942652][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.949770][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.975812][ T5773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.988600][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 83.018466][ T5770] team0: Port device team_slave_1 added [ 83.050334][ T5771] team0: Port device team_slave_0 added [ 83.064035][ T5772] hsr_slave_0: entered promiscuous mode [ 83.070446][ T5772] hsr_slave_1: entered promiscuous mode [ 83.097015][ T5771] team0: Port device team_slave_1 added [ 83.125185][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.132429][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.158634][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.205541][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.212644][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.239557][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.254533][ T5773] hsr_slave_0: entered promiscuous mode [ 83.261620][ T5773] hsr_slave_1: entered promiscuous mode [ 83.267828][ T5773] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.275710][ T5773] Cannot create hsr debugfs directory [ 83.299659][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.306651][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.333262][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.352489][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.359568][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.386622][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.432448][ T5784] Bluetooth: hci0: command tx timeout [ 83.491605][ T5770] hsr_slave_0: entered promiscuous mode [ 83.498899][ T5770] hsr_slave_1: entered promiscuous mode [ 83.505572][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.509736][ T5784] Bluetooth: hci3: command tx timeout [ 83.513688][ T5783] Bluetooth: hci2: command tx timeout [ 83.518722][ T51] Bluetooth: hci1: command tx timeout [ 83.532384][ T5770] Cannot create hsr debugfs directory [ 83.592764][ T5771] hsr_slave_0: entered promiscuous mode [ 83.599143][ T5771] hsr_slave_1: entered promiscuous mode [ 83.605934][ T5771] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.613867][ T5771] Cannot create hsr debugfs directory [ 83.927899][ T5772] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 83.944929][ T5772] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 83.977345][ T5772] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 83.987081][ T5772] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 84.046622][ T5773] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 84.069041][ T5773] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 84.088750][ T5773] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 84.107384][ T5773] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 84.202673][ T5770] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 84.215242][ T5770] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 84.225670][ T5770] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 84.235758][ T5770] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 84.354911][ T5771] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 84.377880][ T5771] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 84.387665][ T5771] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 84.414855][ T5771] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 84.438223][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.482411][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.522589][ T5772] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.549106][ T5773] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.561334][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.576450][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.584722][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.623079][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.630382][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.646413][ T1095] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.653563][ T1095] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.668378][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.701153][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.709614][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.719845][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.726973][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.778939][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.786110][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.897914][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.017432][ T5771] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.044972][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.052219][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.135261][ T1095] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.142612][ T1095] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.333660][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.471623][ T5773] veth0_vlan: entered promiscuous mode [ 85.509717][ T51] Bluetooth: hci0: command tx timeout [ 85.510516][ T5773] veth1_vlan: entered promiscuous mode [ 85.526180][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.557198][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.589676][ T51] Bluetooth: hci2: command tx timeout [ 85.595161][ T51] Bluetooth: hci1: command tx timeout [ 85.600832][ T5784] Bluetooth: hci3: command tx timeout [ 85.694307][ T5773] veth0_macvtap: entered promiscuous mode [ 85.704065][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.735967][ T5770] veth0_vlan: entered promiscuous mode [ 85.764500][ T5773] veth1_macvtap: entered promiscuous mode [ 85.777975][ T5772] veth0_vlan: entered promiscuous mode [ 85.800150][ T5770] veth1_vlan: entered promiscuous mode [ 85.826381][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.841521][ T5772] veth1_vlan: entered promiscuous mode [ 85.865672][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.890964][ T5773] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.902138][ T5773] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.912237][ T5773] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.921300][ T5773] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.932568][ T5771] veth0_vlan: entered promiscuous mode [ 85.958157][ T5771] veth1_vlan: entered promiscuous mode [ 86.002269][ T5770] veth0_macvtap: entered promiscuous mode [ 86.027059][ T5770] veth1_macvtap: entered promiscuous mode [ 86.048239][ T5772] veth0_macvtap: entered promiscuous mode [ 86.092113][ T5772] veth1_macvtap: entered promiscuous mode [ 86.108643][ T5771] veth0_macvtap: entered promiscuous mode [ 86.118376][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.133320][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.145158][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.178008][ T5771] veth1_macvtap: entered promiscuous mode [ 86.191693][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.202782][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.214868][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.236787][ T5770] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.246209][ T5770] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.259925][ T5770] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.268693][ T5770] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.310961][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.321838][ T142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.337050][ T142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.344905][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.354958][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.365537][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.377043][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.396507][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.408479][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.418769][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.429454][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.439392][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.449923][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.461740][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.480355][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.492739][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.503109][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.517359][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.530511][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.564903][ T5772] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.574698][ T5772] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.584292][ T5772] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.593109][ T5772] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.616822][ T3464] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.625236][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.639151][ T3464] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.642544][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.656942][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.679315][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.689246][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.700044][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.714798][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.732931][ T5771] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.742727][ T5771] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.752085][ T5771] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.761645][ T5771] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.970970][ T142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.978885][ T142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.061557][ T3464] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.082435][ T3464] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.092888][ T5837] syz.3.4[5837]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 87.141444][ T5837] loop3: detected capacity change from 0 to 256 [ 87.155880][ T5837] exfat: Deprecated parameter 'utf8' [ 87.196949][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.216558][ T5837] exfat: Deprecated parameter 'utf8' [ 87.229593][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.266969][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.291117][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.310613][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.336501][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.364383][ T5837] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x97423c56, utbl_chksum : 0xe619d30d) [ 87.467140][ T1095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.507812][ T1095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.589469][ T51] Bluetooth: hci0: command tx timeout [ 87.598731][ T5837] syz.3.4: attempt to access beyond end of device [ 87.598731][ T5837] loop3: rw=524288, sector=272, nr_sectors = 128 limit=256 [ 87.627309][ T5837] syz.3.4: attempt to access beyond end of device [ 87.627309][ T5837] loop3: rw=524288, sector=400, nr_sectors = 256 limit=256 [ 87.672775][ T51] Bluetooth: hci1: command tx timeout [ 87.678269][ T51] Bluetooth: hci3: command tx timeout [ 87.685341][ T51] Bluetooth: hci2: command tx timeout [ 87.711311][ T5840] loop0: detected capacity change from 0 to 512 [ 87.719735][ T5837] syz.3.4: attempt to access beyond end of device [ 87.719735][ T5837] loop3: rw=0, sector=272, nr_sectors = 8 limit=256 [ 87.733334][ T5842] binfmt_misc: register: failed to install interpreter file ./file0 [ 87.821907][ T27] audit: type=1800 audit(1774824147.579:2): pid=5837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4" name="file0" dev="loop3" ino=1048590 res=0 errno=0 [ 87.879150][ T5840] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.901341][ T5845] syzkaller0: entered promiscuous mode [ 87.906882][ T5845] syzkaller0: entered allmulticast mode [ 87.940010][ T5840] ext4 filesystem being mounted at /0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 88.034682][ T5840] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #2: block 18: comm syz.0.1: lblock 23 mapped to illegal pblock 18 (length 1) [ 88.252431][ T5851] loop1: detected capacity change from 0 to 512 [ 88.274589][ T5851] ======================================================= [ 88.274589][ T5851] WARNING: The mand mount option has been deprecated and [ 88.274589][ T5851] and is ignored by this kernel. Remove the mand [ 88.274589][ T5851] option from the mount to silence this warning. [ 88.274589][ T5851] ======================================================= [ 89.274644][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.434146][ T5855] loop1: detected capacity change from 0 to 512 [ 89.613551][ T5855] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #12: comm syz.1.8: missing EA_INODE flag [ 89.671867][ T51] Bluetooth: hci0: command tx timeout [ 89.712756][ T5855] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.8: error while reading EA inode 12 err=-117 [ 89.862710][ T5859] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 89.976198][ T5784] Bluetooth: hci3: command tx timeout [ 89.982680][ T5784] Bluetooth: hci1: command tx timeout [ 89.988894][ T51] Bluetooth: hci2: command tx timeout [ 90.078795][ T27] audit: type=1326 audit(1774824149.549:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.3.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf259c819 code=0x7ffc0000 [ 90.385468][ T27] audit: type=1326 audit(1774824149.549:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.3.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf259c819 code=0x7ffc0000 [ 90.410578][ T5855] EXT4-fs (loop1): 1 orphan inode deleted [ 90.438037][ T5855] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.519426][ T27] audit: type=1326 audit(1774824149.559:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.3.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf259c819 code=0x7ffc0000 [ 90.545311][ T5858] xt_CT: No such helper "pptp" [ 90.599486][ T27] audit: type=1326 audit(1774824149.559:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.3.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf259c819 code=0x7ffc0000 [ 90.679362][ T27] audit: type=1326 audit(1774824149.559:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.3.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbcf259c819 code=0x7ffc0000 [ 90.728683][ T5855] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 90.749529][ T27] audit: type=1326 audit(1774824149.559:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.3.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf259c819 code=0x7ffc0000 [ 90.819263][ T27] audit: type=1326 audit(1774824149.559:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.3.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf259c819 code=0x7ffc0000 [ 90.865576][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.889314][ T27] audit: type=1326 audit(1774824149.569:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.3.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf259c819 code=0x7ffc0000 [ 90.959507][ T27] audit: type=1326 audit(1774824149.569:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.3.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcf259c819 code=0x7ffc0000 [ 91.074865][ T5866] loop1: detected capacity change from 0 to 512 [ 91.238149][ T5866] EXT4-fs (loop1): orphan cleanup on readonly fs [ 91.313738][ T5866] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.10: Failed to acquire dquot type 1 [ 91.357189][ T5866] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.10: Failed to acquire dquot type 1 [ 91.385756][ T5869] loop3: detected capacity change from 0 to 512 [ 91.400026][ T5866] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.10: bg 0: block 248: padding at end of block bitmap is not set [ 91.424520][ T5869] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 91.452780][ T5866] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 91.469371][ T5869] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 91.500152][ T5866] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.10: Failed to acquire dquot type 1 [ 91.521896][ T5869] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 91.562666][ T5862] loop0: detected capacity change from 0 to 40427 [ 91.565457][ T5866] EXT4-fs (loop1): 1 orphan inode deleted [ 91.577461][ T5862] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 91.586988][ T5862] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 91.600915][ T5869] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 91.613959][ T5866] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 91.632065][ T5862] F2FS-fs (loop0): invalid crc value [ 91.683359][ T5869] EXT4-fs (loop3): 1 truncate cleaned up [ 91.736454][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 91.750620][ T5869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.986661][ T5862] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 91.996851][ T5864] loop2: detected capacity change from 0 to 40427 [ 91.998066][ T5862] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 92.053340][ T5864] F2FS-fs (loop2): invalid crc value [ 92.069615][ T5875] loop1: detected capacity change from 0 to 4096 [ 92.070591][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.079139][ T5875] EXT4-fs: inline encryption not supported [ 92.111733][ T5864] F2FS-fs (loop2): Found nat_bits in checkpoint [ 92.318457][ T42] cfg80211: failed to load regulatory.db [ 92.352258][ T5864] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 92.956488][ T5883] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7'. [ 93.483212][ T5875] EXT4-fs (loop1): Test dummy encryption mode enabled [ 93.527339][ T5875] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a856c019, mo2=0103] [ 93.535811][ T5875] System zones: 0-5 [ 93.546958][ T5875] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.848202][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.910663][ T5893] loop3: detected capacity change from 0 to 512 [ 93.940255][ T5893] EXT4-fs: Ignoring removed nomblk_io_submit option [ 94.021207][ T5893] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.082934][ T5893] ext4 filesystem being mounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 94.183637][ T5897] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 94.460322][ T5903] loop0: detected capacity change from 0 to 128 [ 95.002813][ T5915] loop1: detected capacity change from 0 to 256 [ 96.039197][ C0] sched: RT throttling activated [ 96.139738][ T5817] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 96.363959][ T5817] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 96.404612][ T5817] usb 4-1: New USB device found, idVendor=0cbb, idProduct=f001, bcdDevice= 0.00 [ 96.429295][ T5817] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.516704][ T5817] usb 4-1: config 0 descriptor?? [ 96.558255][ T5817] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 97.323567][ T5924] loop2: detected capacity change from 0 to 256 [ 97.473920][ T5924] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 99.039926][ T5834] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 99.669931][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 100.140991][ T5760] usb 4-1: USB disconnect, device number 2 [ 100.186554][ T5931] trusted_key: encrypted_key: insufficient parameters specified [ 100.761395][ T5773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.100808][ T5942] loop2: detected capacity change from 0 to 256 [ 101.224034][ T5942] FAT-fs (loop2): Directory bread(block 64) failed [ 101.249896][ T5834] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 101.259360][ T5942] FAT-fs (loop2): Directory bread(block 65) failed [ 101.269656][ T5942] FAT-fs (loop2): Directory bread(block 66) failed [ 101.276245][ T5942] FAT-fs (loop2): Directory bread(block 67) failed [ 101.288596][ T5942] FAT-fs (loop2): Directory bread(block 68) failed [ 101.301816][ T5942] FAT-fs (loop2): Directory bread(block 69) failed [ 101.312707][ T5942] FAT-fs (loop2): Directory bread(block 70) failed [ 101.323978][ T5942] FAT-fs (loop2): Directory bread(block 71) failed [ 101.332241][ T5942] FAT-fs (loop2): Directory bread(block 72) failed [ 101.339073][ T5942] FAT-fs (loop2): Directory bread(block 73) failed [ 101.472826][ T5834] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 101.490183][ T5834] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 101.519969][ T5834] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 101.563825][ T5834] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 101.585569][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 101.606000][ T5834] usb 1-1: Product: syz [ 101.620539][ T5834] usb 1-1: Manufacturer: syz [ 101.626276][ T5834] usb 1-1: SerialNumber: syz [ 101.666852][ T5834] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found [ 101.686264][ T5834] cdc_ncm 1-1:1.0: bind() failure [ 102.975204][ T5958] loop0: detected capacity change from 0 to 1024 [ 102.982987][ T5958] EXT4-fs: Ignoring removed nobh option [ 102.997270][ T5958] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 103.190944][ T42] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 103.248624][ T5963] loop2: detected capacity change from 0 to 256 [ 103.401051][ T42] usb 2-1: Using ep0 maxpacket: 16 [ 103.421016][ T42] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 103.452285][ T42] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 103.482355][ T42] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 103.497895][ T42] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 103.506401][ T42] usb 2-1: Product: syz [ 103.514443][ T42] usb 2-1: Manufacturer: syz [ 103.519294][ T42] usb 2-1: SerialNumber: syz [ 103.849241][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 103.929235][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 103.939228][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 103.969241][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 104.239230][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 104.802135][ T5974] trusted_key: encrypted_key: insufficient parameters specified [ 104.869074][ T5817] usb 1-1: USB disconnect, device number 3 [ 105.419908][ T1207] usb 2-1: USB disconnect, device number 2 [ 105.527042][ T5976] loop0: detected capacity change from 0 to 128 [ 105.590797][ T5976] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 105.636684][ T5976] ext4 filesystem being mounted at /5/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 106.626307][ T5985] loop1: detected capacity change from 0 to 1024 [ 106.782900][ T5985] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.820807][ T5770] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 106.911843][ T5985] ================================================================== [ 106.919983][ T5985] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90 [ 106.927766][ T5985] Read of size 18446744073709551588 at addr ffff888077d1d040 by task syz.1.40/5985 [ 106.937085][ T5985] [ 106.939434][ T5985] CPU: 1 PID: 5985 Comm: syz.1.40 Not tainted syzkaller #0 [ 106.946851][ T5985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 106.956942][ T5985] Call Trace: [ 106.960268][ T5985] [ 106.963233][ T5985] dump_stack_lvl+0x18c/0x250 [ 106.968009][ T5985] ? read_lock_is_recursive+0x20/0x20 [ 106.973422][ T5985] ? show_regs_print_info+0x20/0x20 [ 106.978752][ T5985] ? load_image+0x400/0x400 [ 106.983298][ T5985] ? _raw_spin_lock_irqsave+0xc0/0x100 [ 106.988796][ T5985] ? __virt_addr_valid+0x18c/0x540 [ 106.993999][ T5985] ? __virt_addr_valid+0x469/0x540 [ 106.999234][ T5985] print_report+0xa8/0x210 [ 107.003693][ T5985] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 107.009202][ T5985] kasan_report+0x117/0x150 [ 107.013757][ T5985] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 107.019270][ T5985] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 107.024787][ T5985] kasan_check_range+0x241/0x290 [ 107.029782][ T5985] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 107.035286][ T5985] __asan_memmove+0x29/0x70 [ 107.039870][ T5985] ext4_xattr_set_entry+0x94b/0x1e90 [ 107.045218][ T5985] ext4_xattr_block_set+0xae8/0x32b0 [ 107.050553][ T5985] ? ext4_destroy_inode+0x200/0x200 [ 107.055796][ T5985] ? proc_nr_inodes+0x230/0x230 [ 107.060687][ T5985] ? do_raw_spin_unlock+0x121/0x230 [ 107.065931][ T5985] ? _raw_spin_unlock+0x28/0x40 [ 107.070821][ T5985] ? ext4_xattr_block_find+0x350/0x350 [ 107.076326][ T5985] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 107.081747][ T5985] ext4_xattr_set_handle+0xe2e/0x14c0 [ 107.087176][ T5985] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 107.093211][ T5985] ? __ext4_journal_start_sb+0x259/0x560 [ 107.098896][ T5985] ext4_xattr_set+0x252/0x340 [ 107.103621][ T5985] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 107.109211][ T5985] ? evm_protected_xattr_common+0x170/0x190 [ 107.115135][ T5985] ? ext4_xattr_security_get+0x40/0x40 [ 107.120628][ T5985] __vfs_setxattr+0x431/0x470 [ 107.125351][ T5985] __vfs_setxattr_noperm+0x12d/0x5e0 [ 107.130690][ T5985] vfs_setxattr+0x16b/0x2f0 [ 107.135265][ T5985] ? xattr_permission+0x470/0x470 [ 107.140333][ T5985] ? __mnt_want_write+0x223/0x2a0 [ 107.145410][ T5985] ? path_setxattr+0x3a1/0x5d0 [ 107.150217][ T5985] path_setxattr+0x3f3/0x5d0 [ 107.154863][ T5985] ? simple_xattrs_free+0x150/0x150 [ 107.160137][ T5985] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 107.166158][ T5985] ? lock_chain_count+0x20/0x20 [ 107.171127][ T5985] __x64_sys_setxattr+0xbb/0xd0 [ 107.176011][ T5985] do_syscall_64+0x55/0xa0 [ 107.180432][ T5985] ? clear_bhb_loop+0x40/0x90 [ 107.185110][ T5985] ? clear_bhb_loop+0x40/0x90 [ 107.189785][ T5985] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 107.195701][ T5985] RIP: 0033:0x7f5180b9c819 [ 107.200129][ T5985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 107.219842][ T5985] RSP: 002b:00007f5181994028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 107.228287][ T5985] RAX: ffffffffffffffda RBX: 00007f5180e15fa0 RCX: 00007f5180b9c819 [ 107.236347][ T5985] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100 [ 107.244333][ T5985] RBP: 00007f5180c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 107.252313][ T5985] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 107.260305][ T5985] R13: 00007f5180e16038 R14: 00007f5180e15fa0 R15: 00007fff0be7a1a8 [ 107.268311][ T5985] [ 107.271353][ T5985] [ 107.273719][ T5985] Allocated by task 5985: [ 107.278073][ T5985] kasan_set_track+0x4e/0x70 [ 107.282698][ T5985] __kasan_kmalloc+0x8f/0xa0 [ 107.287292][ T5985] __kmalloc_node_track_caller+0xb2/0x230 [ 107.293018][ T5985] kmemdup+0x2b/0x70 [ 107.296918][ T5985] ext4_xattr_block_set+0x9ea/0x32b0 [ 107.302201][ T5985] ext4_xattr_set_handle+0xe2e/0x14c0 [ 107.307571][ T5985] ext4_xattr_set+0x252/0x340 [ 107.312262][ T5985] __vfs_setxattr+0x431/0x470 [ 107.316946][ T5985] __vfs_setxattr_noperm+0x12d/0x5e0 [ 107.322242][ T5985] vfs_setxattr+0x16b/0x2f0 [ 107.326822][ T5985] path_setxattr+0x3f3/0x5d0 [ 107.331407][ T5985] __x64_sys_setxattr+0xbb/0xd0 [ 107.336275][ T5985] do_syscall_64+0x55/0xa0 [ 107.340741][ T5985] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 107.346646][ T5985] [ 107.349001][ T5985] The buggy address belongs to the object at ffff888077d1d000 [ 107.349001][ T5985] which belongs to the cache kmalloc-1k of size 1024 [ 107.363065][ T5985] The buggy address is located 64 bytes inside of [ 107.363065][ T5985] 1024-byte region [ffff888077d1d000, ffff888077d1d400) [ 107.369483][ T1207] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 107.376332][ T5985] [ 107.376341][ T5985] The buggy address belongs to the physical page: [ 107.376350][ T5985] page:ffffea0001df4600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x77d18 [ 107.376371][ T5985] head:ffffea0001df4600 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 107.376387][ T5985] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 107.376403][ T5985] page_type: 0xffffffff() [ 107.376420][ T5985] raw: 00fff00000000840 ffff888017c41dc0 dead000000000122 0000000000000000 [ 107.432770][ T5985] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 107.441362][ T5985] page dumped because: kasan: bad access detected [ 107.447768][ T5985] page_owner tracks the page as allocated [ 107.453479][ T5985] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 142, tgid 142 (kworker/u4:6), ts 106840753368, free_ts 106836307410 [ 107.474147][ T5985] post_alloc_hook+0x1c1/0x200 [ 107.478918][ T5985] get_page_from_freelist+0x1951/0x19e0 [ 107.484462][ T5985] __alloc_pages+0x1f0/0x460 [ 107.489051][ T5985] alloc_slab_page+0x5d/0x160 [ 107.493720][ T5985] new_slab+0x87/0x2d0 [ 107.497807][ T5985] ___slab_alloc+0xc5d/0x12f0 [ 107.502500][ T5985] __kmem_cache_alloc_node+0x19e/0x250 [ 107.507955][ T5985] __kmalloc+0xa4/0x230 [ 107.512107][ T5985] ieee802_11_parse_elems_full+0xb9/0x20c0 [ 107.517927][ T5985] ieee80211_inform_bss+0x127/0x1080 [ 107.523282][ T5985] rdev_inform_bss+0x106/0x410 [ 107.528076][ T5985] cfg80211_inform_bss_frame_data+0xb8b/0x13d0 [ 107.534228][ T5985] ieee80211_bss_info_update+0x759/0x9b0 [ 107.539882][ T5985] ieee80211_ibss_rx_queued_mgmt+0x18ae/0x2c80 [ 107.546029][ T5985] ieee80211_iface_work+0x717/0xc70 [ 107.551226][ T5985] cfg80211_wiphy_work+0x225/0x260 [ 107.556344][ T5985] page last free stack trace: [ 107.561023][ T5985] free_unref_page_prepare+0x7b2/0x8c0 [ 107.566494][ T5985] free_unref_page+0x32/0x2e0 [ 107.571172][ T5985] __unfreeze_partials+0x1cf/0x210 [ 107.576275][ T5985] put_cpu_partial+0x17c/0x250 [ 107.581031][ T5985] __slab_free+0x319/0x400 [ 107.585448][ T5985] qlist_free_all+0x75/0xd0 [ 107.589966][ T5985] kasan_quarantine_reduce+0x143/0x160 [ 107.595431][ T5985] __kasan_slab_alloc+0x22/0x80 [ 107.600303][ T5985] slab_post_alloc_hook+0x6e/0x4b0 [ 107.605410][ T5985] __kmem_cache_alloc_node+0x13a/0x250 [ 107.610867][ T5985] __kmalloc+0xa4/0x230 [ 107.615017][ T5985] ext4_find_extent+0x2be/0xc90 [ 107.619521][ T1207] usb 4-1: Using ep0 maxpacket: 16 [ 107.619859][ T5985] ext4_ext_map_blocks+0x298/0x6800 [ 107.628800][ T1207] usb 4-1: unable to get BOS descriptor or descriptor too short [ 107.630160][ T5985] ext4_map_blocks+0x9e2/0x1b80 [ 107.630189][ T5985] ext4_convert_unwritten_extents+0x2c2/0x5f0 [ 107.630217][ T5985] ext4_convert_unwritten_io_end_vec+0xff/0x170 [ 107.644842][ T1207] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 107.648786][ T5985] [ 107.648801][ T5985] Memory state around the buggy address: [ 107.648814][ T5985] ffff888077d1cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.648826][ T5985] ffff888077d1cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 107.648838][ T5985] >ffff888077d1d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 107.658388][ T1207] usb 4-1: config 0 has no interface number 0 [ 107.663218][ T5985] ^ [ 107.663235][ T5985] ffff888077d1d080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 107.663246][ T5985] ffff888077d1d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 107.663254][ T5985] ================================================================== [ 107.705152][ T5985] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 107.705167][ T5985] CPU: 1 PID: 5985 Comm: syz.1.40 Not tainted syzkaller #0 [ 107.705185][ T5985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 107.705195][ T5985] Call Trace: [ 107.705202][ T5985] [ 107.705208][ T5985] dump_stack_lvl+0x18c/0x250 [ 107.705241][ T5985] ? show_regs_print_info+0x20/0x20 [ 107.705265][ T5985] ? load_image+0x400/0x400 [ 107.705291][ T5985] panic+0x2dc/0x730 [ 107.705310][ T5985] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 107.705334][ T5985] ? bpf_jit_dump+0xd0/0xd0 [ 107.705355][ T5985] ? _raw_spin_unlock_irqrestore+0x111/0x120 [ 107.705375][ T5985] ? _raw_spin_unlock+0x40/0x40 [ 107.705394][ T5985] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 107.705417][ T5985] check_panic_on_warn+0x84/0xa0 [ 107.705437][ T5985] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 107.705458][ T5985] end_report+0x6f/0x130 [ 107.705477][ T5985] kasan_report+0x128/0x150 [ 107.705497][ T5985] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 107.705521][ T5985] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 107.705542][ T5985] kasan_check_range+0x241/0x290 [ 107.705562][ T5985] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 107.705583][ T5985] __asan_memmove+0x29/0x70 [ 107.705606][ T5985] ext4_xattr_set_entry+0x94b/0x1e90 [ 107.705636][ T5985] ext4_xattr_block_set+0xae8/0x32b0 [ 107.705659][ T5985] ? ext4_destroy_inode+0x200/0x200 [ 107.705684][ T5985] ? proc_nr_inodes+0x230/0x230 [ 107.705705][ T5985] ? do_raw_spin_unlock+0x121/0x230 [ 107.705727][ T5985] ? _raw_spin_unlock+0x28/0x40 [ 107.705748][ T5985] ? ext4_xattr_block_find+0x350/0x350 [ 107.705769][ T5985] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 107.705794][ T5985] ext4_xattr_set_handle+0xe2e/0x14c0 [ 107.705823][ T5985] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 107.705848][ T5985] ? __ext4_journal_start_sb+0x259/0x560 [ 107.705872][ T5985] ext4_xattr_set+0x252/0x340 [ 107.705898][ T5985] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 107.705920][ T5985] ? evm_protected_xattr_common+0x170/0x190 [ 107.705937][ T5985] ? ext4_xattr_security_get+0x40/0x40 [ 107.705954][ T5985] __vfs_setxattr+0x431/0x470 [ 107.705979][ T5985] __vfs_setxattr_noperm+0x12d/0x5e0 [ 107.706003][ T5985] vfs_setxattr+0x16b/0x2f0 [ 107.706035][ T5985] ? xattr_permission+0x470/0x470 [ 107.706054][ T5985] ? __mnt_want_write+0x223/0x2a0 [ 107.706079][ T5985] ? path_setxattr+0x3a1/0x5d0 [ 107.706101][ T5985] path_setxattr+0x3f3/0x5d0 [ 107.706125][ T5985] ? simple_xattrs_free+0x150/0x150 [ 107.706156][ T5985] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 107.706182][ T5985] ? lock_chain_count+0x20/0x20 [ 107.706204][ T5985] __x64_sys_setxattr+0xbb/0xd0 [ 107.706226][ T5985] do_syscall_64+0x55/0xa0 [ 107.706248][ T5985] ? clear_bhb_loop+0x40/0x90 [ 107.706267][ T5985] ? clear_bhb_loop+0x40/0x90 [ 107.706287][ T5985] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 107.706307][ T5985] RIP: 0033:0x7f5180b9c819 [ 107.706322][ T5985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 107.706336][ T5985] RSP: 002b:00007f5181994028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 107.706356][ T5985] RAX: ffffffffffffffda RBX: 00007f5180e15fa0 RCX: 00007f5180b9c819 [ 107.706368][ T5985] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100 [ 107.706379][ T5985] RBP: 00007f5180c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 107.706389][ T5985] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 107.706399][ T5985] R13: 00007f5180e16038 R14: 00007f5180e15fa0 R15: 00007fff0be7a1a8 [ 107.706417][ T5985] [ 107.708410][ T5985] Kernel Offset: disabled