last executing test programs: 5m33.27948677s ago: executing program 32 (id=57): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=") r0 = syz_pidfd_open(0x0, 0x0) r1 = pidfd_getfd(r0, r0, 0x0) setns(r1, 0x66020000) statx(0xffffffffffffff9c, 0x0, 0x0, 0xffff4a9c0080ffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0) setxattr$incfs_metadata(&(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0), &(0x7f00000000c0)="007a9563f8efb1dd", 0x8, 0x0) lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000680)=@known='user.incfs.metadata\x00', 0x0, 0x2) 5m24.886800122s ago: executing program 33 (id=108): pipe2(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',cache=fscache']) open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x4) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r4 = dup(r3) write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_fscache}]}}) 5m10.744375364s ago: executing program 34 (id=187): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2) ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0) 4m59.714602173s ago: executing program 35 (id=227): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x4, 0x804, 0x7, 0xf, 0x120000, 0x5, 0x0, 0x8, 0x8000000000000001, 0x2, 0x0, 0x101, 0x3, 0x1], 0x8000000, 0x141200}) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x10, 0x2, 0xb6, '\x00', 0x2}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000700)={"d4ef22617613cd07d53f47bf7d71e0cc153317802b68f5713a002f3b4e19bbc5cf0de075103fb63653e5570ee002c2f4834098e8e71ef403239adf3d4297772976afe326cb6c1780db9e4a39b1d0c0b64d95249bd0bc7d39f3b5efe86b747b95aef343f1657eded05ed65601e254d33e0e1c04df2f3200a782f950f1a78884e0a4ff9e1ccc7c4607fd5e32c94ae37733e1de50bc20eda5faf495cd3dc48b7a4b5955e0eb44d4e13cfe74b7bd99795b78748a8b00216557499437d018d281a1e148c41a442e11767a3dcfee30706db3de50c34260d05ed4b61148949573ffd6f82c8dd039975f574a02599af55abc8894e68c2dbcf51cd4b945216102c6f55aae0ff9301c3d8ab47e9b9a490815e869fed73d17121f9533c4652a0f7a958c7d435b410834f3ee12715cfff8d77f10138c937ed4bd6fdf7302dbc787e14fd1df2d91a73620348078c7356a40c0858f21fe59cb3db37799c4595654d0ef7d441c4c2fbdef104196a5e0de795d3fbce054cbba4411e44ee177614e97ac1840f20463c94bcc2b52e4afffec689a58c3e305f3da8918d057f5e664103b4484e93cec7bca297bbb251f8be8703f7e6ef4a9bab15e7672e487de592c3dfdcd9e70355266ba135e4f00b8a2d46fa8260e7336257e1e46408041adb6516e2bf3bb128fe4b97ba4cc966418ad6553904945b7127cfb70c23466bb40cba44ffa74e7d82e2da2c7b69e367c3d5ff2d5988b84b1c4bd0919e5d47c0b8ce58ecd64a4d28b1d399e6f7de678d38de7fa853c5a96e138c8c96562dd54c8f957cf65b27ad24d32edb71154bcb97fedf10e0728f177e133236dd2b2226a9f5e72a4cf14fe676b57abf5ed7c2cb4c645a09a999d134d615d113280463e1a783608e0e10eb5ab5877a524d89bb922230417cb47a6a58c1b03e688a36233b34a46e7d29acca5dcf03b0d7ba2beafe43d6e76c1025b75f555aaf33a11eec54b78a2587e9d6027e9e3703f68a4a168d76366afb70394feaff343736183bef28e82016024cebf99cd97f816c97dbd620dfd87b5b3afa0f53d9e89c2c598cb61ed840a13a2fb21ce0ed1315ed55150ae793b9c7cc91807b80e6133a7a22c52b7c09bd386f42aa5b15e0652a506cd332a028d8207225ebc94153f3ffb8a61b1ddb7d6a843f8421ad2ce96b831f556359c74b32043592900a8d48ed5c7d3433f10b1d553a7372f692bb86d3be2326602ce5ff554dd0e3e191d1450d4558332048f4c4af90905c5a818a9dadfa16c73887b32098aa864dfdae534bc6c0438a3ac5929019706f392ce87f55efb307830da826833c20d1c3cdb8c2b6c11396747e071277d01c8cc15d34bf23a72f722f800ff06e11e8337f8fa9fe4ca383bfaacb686b6b8dac7fe4eafac3fa2f7a63dac4fe9457231004d8c68175db19debf152968dba02e3ecc5eff325df7a8b058d"}) 4m57.048263293s ago: executing program 36 (id=247): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) rt_sigprocmask(0x2, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x1004400, &(0x7f00000002c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x461}}, {@data_writeback}]}, 0x6, 0x588, &(0x7f00000009c0)="$eJzs3U1sHFcdAPD/TOzsOnGaFHooCGgohYCirmOnjapeWi5IUFUgFU49pNZ6Y0VeZyPvutTGB+fEgSsSlTjBhQsnDpU4IPWEuHKDG5dyQCooAtVICE01491kd7ObbOOPie3fTxrte/P1f2/kfeN5szMvgBPrYkRsR8TpiHgnIs5HUsxPulO8vjvl631yd6u+c3ernkSWvfWvqe4etuq99XvORsRPR8Sq9KXbG5sri81mY62bn+us3p5rb2y+eHN1cbmx3Li1sHBt/tqVV66+vLBvdX1u9Xcff+fmGz/6w++//NGft7/1k7zMr3WX5XXrWzXJsmzvAV/rHZfpmO3OSiMiP3Jv7H3vT4RT3fqcLrsgPJb87/FzEfF8N31PtbwyAQAHK8vOR3a+P39fOpDLsmTEOgDA0ZNf889Gkta61/+zkaa1WtGHV30mzqTNVrtz+UZr/VbS6+KbTm/cbDauFH2FEZWYTvL8fERcKKbd/MJQ/mpEPB0RP6/MFPlavdVcKuU/HgDg7ND5/z+V/PxfmWRTdwgA4ChzJgeAk+fB8/90KeUAAA6P638AOHn6zv8T3fkHAI6+6tCz/yNlyaGUBQA4HCP7/98+dz/9bDL0ii8A4Khz/x8ATpQfvPlmPmU7WVK8/3rp3Y31lda7Ly412iu11fV6rd5au11bbrWWi3f2rI7YxZ3+TLPVuj3/Uqy/N9dptDtz7Y3N66ut9Vud68V7va83PFgAAOV7+rkP/5pExParM8UUvbEcHv2DAOCISyNmyi4DUI5TZRcAKM1U2QUASqM/HnjUj3tH/kRoJiLeH7+NjgV4sl36wpj+/+H/DQbvB/x/H0bHBkrW/VrrBoATaG/9/3oP4Ch7+Infg0FwnGVZYjx/ADhhJriC9xNBOOYe6/4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnHCzxZSkte5Y4LORprVaxLmIuBDTyY2bzcaViHgqIv5Sma7k+fmyCw0A7FH6j6Q7/tel8y/MDi89nfy3UnxGxI9/+dYv3lvs9IYOvDe/834xv7O2MDJA5eDrAAD0mRqe0TtPF599F/Kf3N2q96bDLODH394dXDSPu3N3q35/POKpbuGrkc878+9koDLJPg1MvH0nIp4drn96b/mF7sinw/Hz2OcOLH4UNZwdiD/4b1RaLNv9zI/F52cmjLcPZYbj4sO8/Xl91PcvjYvFZ/f7NzXYmFbjZw82ro+h1/7tZLvt305f/Hz/3z9XLdqaUe3fxUljvPTH745ddudU9sWpiF7snb72Z1e1SI2K/8KE8f/2pa88P+5gZb+KuBQPi7+bmuus3p5rb2z+9nsf/Gm5sdy4tbBwbf7alVeuvrwwV/RRz/V6qh/0z1cvPzW+/hFnxsSvPqL+X5+w/r/+3ztvf/Uh8b/5tVHx03jmIfHzc+I3Ym2i+ItnPhg7fHcef2lM/acG4p8e2C6fd3l4Z2P+ID/6++bSRAUFAA5Fe2NzZbHZbKxNkkhjc2Wxd6E58VYDiZnH2mrCRBzYnkcnpgcOQvWgYp0ds+g3n3mH03Gox2ffEnc+w8qVcop6Kpq9/qhHrtxdb3svQbNsD2W+OME6JTVIwKG5/6UvuyQAAAAAAAAAAAAAAMA47R92X/m3zw9F9T8MV3YdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOL4+DQAA//+T6cce") dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x4000010, 0xffffffffffffffff, 0xeac8a000) 4m53.777153218s ago: executing program 37 (id=251): r0 = socket$kcm(0x29, 0x2, 0x0) write$cgroup_pressure(r0, &(0x7f0000000140)={'full', 0x20, 0x0, 0x20, 0x7}, 0x2f) r1 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x11, r1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r1, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000000240)="784e8532bc51d9778e4bbb81e255693d2832f3802728ed763aacf318e80e1b19cf30c5f4214185052aab22dea830553c6db324352d6edce6927f9e747f08a659c1365f8b318c734936b24ccb80c8b9892cf2d5f5e6f9bd14951b8dac37e3c51873f21eb6a3d5b0f6852ef05a094926bd00f74ab5d68f2dbec3a6471ec5517ea7973b0eadd203e9d651881048bf4102cc30729aae5c8a1b3a4223a29d92aa550723d99f6596f26bfc66e02de540c397a62d50bb060246300520caddf20ae6701bac03fe94aec0bb32b8ee92dd974bb54ea2ccc2959f4f07e91cb2f22e8e16b11cee681e1f909bc6edfd7d05f7c914a76c9c99879bc728e358d8fcd7e3767117482364ed76b0bd26fca5cc821dfcc0320e2da567cf8e266adcfa020bdc376bb0e3a3cc9725682a957265884a6705f12b04414779837b8fe1ac5457fc005d8609efe3a00007d08ac5a9c7442bbd775f9d7ff490b3fb820e2f4e64c31cfa2101de770ad8d0903c2cf7f907fccfadad58b54d3e76d855ccc9e69fa067578ef929d153e148f0e611a40fe480ee02c2c6880a3ebf78f949e53ffef9aab25fb2816e2933f480d6d60a91c045b70211934ace2695a867eb88d29b2253174baaa56ce64db43e4f5cc822d371c92fd49dec3ac483d904343b3549e529cac2b8be9532f073d7e7c742cf7fa09b030b36671b397e03b9aca2dea714e57b7b429bd064b3c5406b960dfceba3b624c67490309875a87a93250a9113c7e051c506ecb935ed7beef8b644e7725c473250b4b88c78a33c7329ae801e09fed0a408a4e7af19c2fe674b1a56da16c8aad062b00dc84ea79442cfca1645ee35e9bc22ce3199862506cb15cd79c2704c5b86bd992045fe4f8b3e07a9fe59f7b829a232a5fa15b8bcc971857e036afa9651cf114ac34600be4f663f07067e1e55ed8aa1641f6381cb6ce2cb751f032bd6588835acf67ddf7a3af75526ca75bdcfc7a5566044af497610e79987c61d8e5d8292a88107a5b4ee93a34eac880433585092356f76f2633db86b1a1412e10d3932bb7a52d3007dd635bda34a82769e5a9bdade27aed4f9c68f8527924b07749980e1e15c708010274a6c6ebc5213fe31d3bc459051823b7ee6c32797239e40d4821209b498c95080a2ca90c479da86c164304e02a7e71b8f55586292cc9fafa4c5bda285a9de792d6a6a03e5a1f2a13eac02a95f87f13fbfbedc6533b78cf5ac5ce562ef504f95465814f9bb35495196b73780c0a5fc7c6a006ee2d34123c1224d9c08baf0611ba9e7ceb3ccf887e58a78fe236947c4a486c83e49e0070d4fa81a9652e690dcdae169ebd65c281a863905a7ecf9c8f19fe059b2022ef75ab1e9c7c1ad532ff25da12c5e250f601ce95844223310d9959fddc0e684979c6f15d7673512237239b9eb48f72a930e5cc64c382c662db18581eb0069b2242058812f1ae092e139411fc8ec242e8f7dd4da10bcd3f92c0715edf775ffaabd181a36d2a39ceb192e3ebdff02c0c75bd259e725fd4cd5c2722efc41f37ab25706485a265d683c8569c3209a930e05047074b3941f41003d550d923e6dd50110e18d965763727739902067e73a520270c5cb53d6fd22ec4ea8853d113451cb3da2a7a698c807ec394c1da0b9de2a1d62f24a2292c65640ef6a0924191133e80aa60e4f8f5adbae3131956b38c997085f25f54338653d65847f1602e1ad7eb9501f9867e1bfc2410c3fc6402a1f605c0088ef13db8cf967a868e7ae2713b1dc297a5ab33b27566df656d954ee44ffed8a15bac40262099a3287f40425cd146c4a9639321fd46dd85dab9000bce3558f7c99de2849d57041d79082b82faf85abf5ac0c325ca3645500d2bb04809ac3ab33c24b738765d80c610c917b756a1cd4da3ce0921ae1789ea8c3f00532fe97c435cda5a2f5013b90ea596389af1fbba1510ce50d3476019d70be6634ddabdc925324e0bf6914a803c9bccb9f4daa61e9250e05a0d6e906d68418f906dfdcc416441828680bc9160a932168adf51240bce901a1eee84f69dce9cee3378f8414188afc484cfb92043b352271552a152ecac0ec1ba19f1dc72db5d4155d5bf6a63aee9a702f1e194082e609bb30419901349d244a11617795b4580a849196f5c67ed4b060e42b394bbfb4bbfa601d2c8ddff5986563df99b5f02a0f61d56d11a47095651d7337c7c167a04e4a71596fe58486d74bc8ef0a82c370c9ed24e58ed5950b119664767fd6742e967199c4671f5b48a2d723dabc77fc7f9ac57cc36d95b0e336032ccb4647a5502e44db059bb0bce58e4ed4bdd6931cc92c782c75d44d4a1f25e6f6ca076f2ea586ac5daadc5599aa6e5bb26206ffc1310779cba10d72bdbb7ef62b9d22bec948b2153afa5a8e1c1d8d724fc673069c74564102400417452c5eb5350e2a50a732f76122a5648525fa1793a0af6e0a3dcb568a598f7c179e908b40f19fc10a16d53b112692adc1e4dc954009f726057acf04a9740f6bb66327e746dcd7b8b8851e622f9da2c9ddd124e300f03f07e77cf04a263329b435ed04eadb9dc91cfe396f41114283eccbf58f2dccfe32f908cea6678f7490bacbe60c75eb2754e9722b2c58771537966bfe1066c4d28bcceccdca07eb60ddc355aa710266da85e456aa83739fea4ad7dadf461c682201391fa550e12e01be5a2a2c55c3b697aa2e176aad4be5a8dbfb8043f72c5743992e5c7000608a2cf86d88885bf6e1e2173b1361cec282ef35bde24cf99c11110c16c1678c38b74738911ec3eac23067500103f0f5d7dff122fca66852126ce9ac10c7c065992b3fcd81f7d94adad6fcb45872d3fa97f5d704f1653dad962c16daa6978e2fcf41f10257c306fc05fe4cd20e30989b37b19e874f27a065c8d62f2b4194a1540199be22b7e267ce6d2ffc8243421d9f629f5048587ff5d91f8c7bbb9049b40d859e6d382926ba8f005deb18727cefd76198d00d92ef680b56864c9eea9dca35b0e90d0afe1440af704bf00bd68ca088c568088d6aa34a42d66645743ad481b9e5490cfcee486f456490a0e9c3a0bff49b528871a4dfb104a18ba6a22df288349b6fca36b1908c548e90cec26fa28a0772fa4e9418c8d02a3319bc9e8f3892fc933f465ccb6ec683fdc9dd5854bb1295d114bde2e84d04513897ed3ee41ecc1d6d0354c57046c58e390836f11b3e6d4712f7d61b221aa147a58c3903b319a3da746296e576ae21bca4c1c939986fe04145093c4b9173e1936e54c4bfd9aaa4efdd39f2a39e9554fe1bfee4597ce8c798b6233e22a8dcdc7e610ddf6a8c810e7429bb2fcd60f7108119112b3cc5a71fef1fac311afa0d034fd00954111ded4cf381d6a73cc4f6165052325e04566fbb2c644e8bd7e7cf3923af608af8f3537deaaef891bdc258a8341e742f62727444c2cb28ccf8c7e3d79d1162c29af2914627830fe3433c8beb27efc8e08f14581ee0acb0a761a2b0a1f219601c9bae3c6d92f2d3d712e9c239d2910e9ea0f539bc069b7e8a1e36abb4e3ec20ca1677fa0cf3c4d2d3180d15a3c808d0421b564fcb180316df4f46b33df1e57ca2644d8b3fcdd13fef43a3ab76982887a4751615e7665d639854c8c3a8bdceb6cee0fb00fb19f98c42cd6a555da3c4d6a5c6c3ca9f7ccece5bee4907e8676a05aaf4213d4e60c4f5f0bf1a8126b6555ec137dc5f7ca56901bf21329da5a6ad30ebd1d454d7ee3110ae88de0109084e1cdc6342b68883a5205ef763645cdf26815e9f99f8c4bcc5227142ba4e9da752abe3ce3a11f2df8aff40ea3db731c8c1992fc0ab2681c9613861f61f8173d7fafd7a3516e169a8c0541d7632a59641ad3c67ca2cde8dcfcababaa676e25f113d0a6bf3274fc532fafb6042b633051039d682d87477f3a14fa77a7966a6f019738c0a8eb737eea7464d4477f7be1a4553ae736f0dde836688cd4d90e0d207cb82b33f1207d893b1c720d3070c73d6a9b1e52634aea9117ba6a3c063c28e46a687ab0e239b0d95cc2eb76f2b1b6fa6963bb11489e490e70d7f2394cb350f952170a0f6c6338e8460579a1013d9bbc9cc438f617551803af00700e636d0545a4a6877698441b5961cf86d5c40fbbf95775d13dbb50de6a565bd98c3fc8db86278de0bdada8860917ae00345191f96cdffb43216705048851b9bb9cca1e14d394bd9ecd6f567cb16a17592535b0322d143e14f0f982262d5ea7f6790e16c49f6e8740c40be3ae70bf21e5691a175b0060e72c8025f46a439732b8cb8239a5e6823846838f54cb939beca1ca0425c3e43027b3526fc1ffe5e71b72a908002e2e5090e343e87c82cbf2f162f2fef4081c4212b9e4eed4f746a85859f33bcca464667b850851c6e6aafacf930c2f70e777133c651c1851ea8015a9f01cf7c41bf37af677dcd6ad9b0a8eb235f73db7f72007b9d12044451725c559f47deb4bf5054f154e805788a39e69754a054aff979122800365765843cce90a93a3bc6955963594e02da9f7fad62743419870c04751fcd7d8800fc17d6c1566fd1c35f9b464d235d7569f2d0cceeee1c5adbff3e87f3e67bc4beaa4a3fb948b2241b315d0d2a2060bdb2514eaae67a0add5ff446c8291c69d3acd9b7ffa4d01490994bf0135759ba56973d703883c4736c76f5dacb2629bdb429e41bce829bf72b13c0c3d0163efff66b3cde89a61ec6d4a0c3269924934575ff6a6656fc89e9d0d5a5d2a093022b9791763c14a76581e5e1e9f0cf56803e3a29fa93610cff5473a9299dff90e5bfd0e078bc0c4f48a7e379c63b5b048a5ddaeddb495c1631b871f053ad863e832fdc250c1de5242375734feb2895f905d77a1cb3219bb48c3a1403173e401f99d30e5af3731a08fc47186657353cef9e0a628cbf2f67bbe297c9e5bc1b99968f6d744e338a9b3618f180e49d1b641290b2beeaba720abdf6ef0391ab5499d15b5ee5480060e05bb1b50e6516f1f28588343c73c037f410a413cddaecaca940072844ad343a497984d45aa9b8e2be120b8bd0c6e786f5541e7d400d58431417001694a990af3270f82e4a8717e29514f78d0f8e8d9fb373268656b60c0c1c81999f86343a5271481bdf7b724b55d8ae05cb2ef6d81a7688d2f13a087b4759f3dae8762f76b4cd1fd61cf5b50667e1010c1ae5cd00761b7e077238647ba9206513bf9c62b507088c2d60e76030d572a86a217eca7480886aa9c3a93019316ffcb1555d978a1ed048adbdfd0b128eb073e5eb9593789b7474a8fe1695a7176deb561cd8cd656fd852df410aa4642f1c1534a272b9a0a6e6f1d660d035a4ed6f566678b83775f359a1119643b28b2466c1d192b54bcd3c2e7104ecf1d5fa70544bd38a0edbf26e9a6844bd9adade62cc76be8f2840c50afb9fe95698b945fe2fe17080f4c296b474e47179583f4cdf36fb93c4d53ff4d0697a221d497ce4240db574b53f60dd38862e7e04e64bfdd53639ea6c4b60ec39f7425dab78c7635fac31685b626b67119e3afb3e682fe3476e82b18f115b4b45366816012fb579d67e1f01028622ab891d3a44db13fb8b15ceb4aa88be06c80b049176fd368d32d06975d402b3f4078828edeb8ea49220e888ef3aec7f572aec2ad09c216626a9121f9533b6cb0e5084ebbc1c8b77ddd0021cf749310ab316c285090b50315e51eb6ea04411c77ed685ca0a674aafbb5d39e7752de1956b5811a8e6dc259a5bf1cc43ff94e0eca9bee7452bb81d52480b3760f3563617cd0a5a297cff0da357f678f95ce433de5cca614114916a3b35d4a911c0", 0x1000}], 0x1}}], 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000006480)={&(0x7f0000b9a000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb8, 0x0, 0x0, 0xfffffffffffffed8}, &(0x7f00000064c0)=0x40) 4m42.866345108s ago: executing program 38 (id=246): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e}) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000100)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000200)={@host, 0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x5e, 0xfffffffffffffff9, 0x6}) 4m22.547405367s ago: executing program 39 (id=370): r0 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7279, 0x0, 0x4, 0x18e}, &(0x7f0000000000), &(0x7f0000000280)) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c040, 0x0) r1 = timerfd_create(0x0, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) close(0x3) bind$alg(r2, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast6)\x00'}, 0x58) accept4(r2, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 4m18.062763636s ago: executing program 40 (id=393): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]}) chdir(&(0x7f00000001c0)='./bus\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) splice(r1, 0x0, r0, 0x0, 0x800000000ff, 0x0) 4m12.372541117s ago: executing program 41 (id=432): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0) write(r1, &(0x7f0000000240)="94", 0x1) tee(r0, r5, 0x8f5, 0x100000000000000) read$FUSE(r4, &(0x7f00000003c0)={0x2020}, 0x2020) write(r2, 0x0, 0x0) 3m57.54751553s ago: executing program 42 (id=511): r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000140)={0x10000042}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x2042, 0xfffffffd}, 0x10) r3 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r3, &(0x7f0000000380)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x80000009}}}, 0x10, 0x0}, 0x0) 3m48.174417986s ago: executing program 43 (id=564): sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x34, 0x0, 0x1, 0x0, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x6}]}, 0x34}}, 0x40) lseek(0xffffffffffffffff, 0x2, 0x0) fcntl$addseals(0xffffffffffffffff, 0x409, 0x7) r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902"], 0x0) syz_usb_connect$uac1(0x2, 0xaf, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029d0003010100000904000000010100000a24010000000201020e06cb0256ceb91200000800fb0c24020302020205000909050c240200030200000000000e072406000100000924034605020005000924060500"], 0x0) syz_usb_connect$uac1(0x2, 0xaa, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902980003010000000904000000010100000a2401000000020102132406040006030000000000000000000000000924030000010000ff0924050000f8431cfd0924030604030204001b240404020904"], 0x0) syz_usb_disconnect(r0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0xe8f, 0x12, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) 3m31.071693279s ago: executing program 44 (id=578): setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace(0x8, r0) r1 = syz_pidfd_open(r0, 0x0) waitid$P_PIDFD(0x3, r1, 0x0, 0x2, 0x0) 3m25.302296786s ago: executing program 45 (id=686): r0 = syz_io_uring_setup(0xb9d, &(0x7f0000000240)={0x0, 0xfffffffe, 0x10100, 0x3}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0xc, 0x0, @fd_index=0x5, 0x8001, 0x0, 0x0, 0x14, 0x0, {0x1, r3}}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB=' '], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x13, r4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 2m41.88919398s ago: executing program 6 (id=971): ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18}, './file0\x00'}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x2, 0x804, 0x7, 0x13, 0x11ffff, 0x5, 0x10001, 0x8, 0x8000000000000001, 0xba, 0x0, 0x101, 0x3, 0x1], 0x8000000, 0x141200}) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000001000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff000000004e040100000000002d400200000000004704000001ed00007b130000000000001d440200000000007a0a00fe00ffffffc303000050000000b5000000000000009500000000000000023bc065b7a379d17cf9333379fc9e94af69912435f1a864a710aad58db6a6c3692e7f"], 0x0, 0xa}, 0x94) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x10, 0x2, 0xb6, '\x00', 0x2}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2m40.946307013s ago: executing program 6 (id=977): sendmsg$inet(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f815108f6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7", 0x394}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x7, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6493790710000000000080000b2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249f21c6eee84309e7a23c19a394830f2539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bfb1c0e6b1244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbb888b0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f94479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b844139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323478a9968100000005"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1f}, 0x94) r0 = socket$kcm(0x11, 0x200000000000002, 0x300) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000008c0)=r3, 0x4) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000140)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xd50, 0xfffffffffffffee0, &(0x7f0000000000)="259a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 2m40.735976081s ago: executing program 6 (id=978): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000540)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000000c0)='./bus\x00') syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20021, 0x0, 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0) 2m40.63146467s ago: executing program 6 (id=981): syz_mount_image$udf(&(0x7f0000000000), &(0x7f00000094c0)='./file1\x00', 0x4000, &(0x7f0000001940)=ANY=[], 0x1, 0xc25, &(0x7f0000002580)="$eJzs3V9oXNl9B/DfmStZY22aaLOJN2mz6UBKYpTa+F9sBZcgZxW1AccbIit0n6LRHzvDyiMjyY03bYPakhb6ErovpS9FNF1ayEPpQ7ePVZotJJRCCXlIHwqCJss+9EEPgdKWjcK9c0Ya2fJau15ZsvfzMePvnTu/OzrnntGdO6AzNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiM9+7tKp0+mgWwEAPExXJr506myKgYNuBwDw8Fz1+R8AAAAAAAAAAAAAAA67FEUcixSDr2ykqep+R/1yq33r9uTY+O6bHU2RohZFVV/e6qfPnD33qfMXRrr55tu/0z4cz01cvdR4duHGzcW5paW52cZkuzWzMDu352d40O3vNFztgMaNF27NXru21Dhz8uyOh28PvTbwxLGhixdOnB/p1k6OjY9P9NT09b/tn36Xe83wOBJFNCPFG0Ovp2ZE1OLB98V9Xjv77WjVieGqE5Nj41VH5lvN9nL5YKrlqlpEo2ej0e4+eghj8UBGI1bK5pcNHi67N3Gzudicnp9rfLG5uNxabi20U63T2rI/jajFSIpYjYj1XSb59kcRH40UL53aSNMRUXT3wyericH3b09tH/q4B2U7G/0Rq7VHYMwOsYEo4kqk+Nmrx2Om3Gf5Fh+P+EKZr0S8XOZnIlL5wjgX8VOTxR8bfVHEv0WKhbSRZqvjQfe4cvnLjc+3ry301HaPK4/8+8PDdMiPTfUoYro64m+kt3+yAwAAAAAAAAAAAAAAAMA77WgU8e1I8UfP/E41rziqeenvuzjynud/s3fO+NP3eZ6y9mRErNT2Nie3P08dTrXy3z50jD2pRxHfyPP//uCgGwMAAAAAAAAAAAAAAAAAAPCuVsTzkeIrJ46n1aiu/XskqmuKt9rXG1eb0/Odq8J2r/3bvWb65ubmZiN1cjTnVM6VnKs513Ku54xa3j7naM6pnCs5V3Ou5VzPGUXePudozqmcKzlXc67lXM8ZfXn7nKM5p3Ku5FzNuZZzPWcckmv3AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8TmpRxM8jxbe+tpEiRcRoxFR0cm3goFsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJTqqYiTkWLt+Xp1f7UWcTUifr65udm9RcRGmQ/qoPsKAAAAAAAAAAAAAAAAAAAAh1Yq4mOR4qn/20iNiLg99NrAE8eGLl44cX6kiCJSWdJb/9zE1UuNZxdu3FycW1qam21MtlszC7Nze/1x9cut9q3bk2Pj+9KZ+zq6z+0/Wn924eaLi63rX13e9fHB+qXppeXF5szuD8fRqEVM9a4Zrho8OTZeNXq+1WxXm6baPRpYixjda2cAAAAAAAAAAAAAAAAAAAA4NAZTEZ+LFD/5z3OpO2+8rzPn/5c694qt2pd/b/u7AObvyK7e7w/Yy3Laa0OHq4n3jcmx8fGJntV9/XeXlm1KqYinI8UnXvpQNR8+xeCuc+PLuveWdTfO5bqhXynrVnZU1Ycnx8YbVxbaJy7Nzy/MNJeb0/NzjYmbzZn8xQEre+0GAAAAAAAAAAAAAAAAAAAA7GYwFfGjSPHff/vvqXvd+Tz/v69zr2f+/29UU+gr9bQzt1Rz+99bze3vLL/v4sjgR5+51/r9mP9ftimlIr4ZKc7+6EPV9fS78/+n7qgt6/4kUrz+zEdyXe1IWdfsdqfzjNda83Onytq/jBS/+ka3Nqra67n2qe3a02Xt0Ujx5xs7a7+aaz+wXXumrD0eKb73X7vXfnC79mxZ+5NI8Y9/0+jWDpa1v5trj23XnpxZmJ+9324tx/87keKvr/xW6vb5nuPf8/0PK3fklrvG/M2X36nxH+pZt5LH9Y/z+DfvM/7nI8V36h/JdZ19P50ff7L6f3v8PxEp/uNfd9Zey7Xv3649vdduHbRy/L8dKb77Fz/e6nMe//74+/+N7RHfOf6/3Lczt14lBzT+T/asG8rtmnnru+NdZ+nFr7/QnJ+fW7RgwYKFrYWDPjLxMJTv/38aKf7/WJG65zH5/f89nXvb53//843t9/+Ld+SWA3r/f3/Puov5rKW/L6K+fONm/9MR9aUXv36idaN5fe76XPvM6VOf/vT506dOn+8/0j25217a8757HJTj/4NI8cO/++HW55it87/K7uf/g3fklgMa/6d6+7TjvGbPu+JdqRz/v4oUT372x1ufN3eO/87z/+7n/+Mf25lbv38HNP4f6Fk3lNvVeov7AgAAAAAAAAAA4FEymIr4s0jx23/466k7h2gvf/83e0duOaC//zrWs272Ic1r2PNOBgA4RMrzvw9Gin/a/P7WXO6d53/xa93a3vO/ezkM1/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHXYoifj9SDL6ykdYGyvsd9cut9q3bk2Pju292NEWKWhRVfXmrnz5z9tynzl8Y6eabb/9O+3A8N3H1UuPZhRs3F+eWluZmG5Pt1szC7Nyen+FBt7/TcLUDGjdeuDV77dpS48zJszsevj302sATx4YuXjhxfqRTO9CYHBsfn+ip6et/2z/9Luke649EEd+PFG8MvZ6+OxBRiwffF/d57ey3o1UnhqtOTI6NVx2ZbzXby+WDqZarahGNno1Gu/soj9t+jsUDGY1YKZtfNni47N7EzeZic3p+rvHF5uJya7m10E61TmvL/jSiFiMpYjUi1gfufrr+KOKbkeKlUxvpnwciiu5++OSViS+dOnv/9tT2oY97ULaz0R+xWnsExuwQG4gi/iFS/OzV4/G9gYi+6Nzi4xFfKPOViJfL/ExEKl8Y5yJ+usvriEdTXxRxLlIspI306kB5POgeVy5/ufH59rWFntruceWRf394mA75sakeRfygOuJvpH/xew0AAAAAAAAAAAAAAABwiBSxGim+cuJ4quYHb80pbrWvN642p+c70/q6c/+6c6Y3Nzc3G6mTozmncq7kXM25lnM9Z9Ty9jlHc07lXMm5mnMt53rOKPL2OUdzTuVcybmacy3nes7oy9vnHM05lXMl52rOtZzrOeOQzN0DAAAAAAAAAAAAAAAAAAAeL7Uoqqu4f+trG2lzoHN96ano5JrrgT72fhEAAP//gMd2Mw==") r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, 0x0) syz_open_pts(r0, 0x0) creat(&(0x7f0000000200)='./bus\x00', 0x10) mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c678082004f2ff0000000000335263bdbcef759ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b700000000000000f0fffffffff2ff180cedb600", [0x4]}) open(&(0x7f00000004c0)='./file0\x00', 0x64842, 0x0) 2m40.373401537s ago: executing program 6 (id=984): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xc65, 0x5, &(0x7f0000006680)) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0xfffffffc) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.memory_pressure\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) 2m39.97719068s ago: executing program 6 (id=987): r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x42}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10) bind$tipc(r1, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000300)={0x42, 0x1}, 0x10) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r2, 0xffffffffffffffff, 0x0) 2m39.819514868s ago: executing program 46 (id=987): r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x42}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10) bind$tipc(r1, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000300)={0x42, 0x1}, 0x10) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r2, 0xffffffffffffffff, 0x0) 2m10.760618743s ago: executing program 4 (id=1195): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x9}, 0x94) r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r0, r2, 0x3, 0x0, @val=@iter={0x0}}, 0x20) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) 2m10.593069604s ago: executing program 4 (id=1197): syz_usb_connect(0x0, 0x1c5, &(0x7f0000000200)=ANY=[@ANYBLOB="120100002aa9dc20560800bc7fb2010203010902b3"], 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) syz_usb_connect(0x0, 0x2d, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 2m8.338447047s ago: executing program 4 (id=1220): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000040000000000a40000000160a01080000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETFLOWTABLE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000640)=ANY=[@ANYBLOB="20000000170a0101"], 0x20}}, 0x0) r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5865, 0x10, 0x2, 0x24d}, &(0x7f00000006c0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1}) io_uring_enter(r2, 0x100847c0, 0x0, 0x1, 0x0, 0x0) 2m8.010018077s ago: executing program 4 (id=1223): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000300)='./file2\x00', 0x4c4, &(0x7f0000000340)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@nombcache}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r1, &(0x7f0000003480)={0x2020}, 0x2020) 2m7.930392816s ago: executing program 9 (id=1224): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12}, 0x50) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@map=r2, r1, 0x26}, 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r2, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r0}, 0x20) shutdown(r0, 0x0) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000b80)=""/4119, 0xf72}], 0x1}}], 0x1, 0x140, 0x0) 2m7.308336527s ago: executing program 9 (id=1225): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000040)=0xfffffffc, 0x4) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a8, 0x320, 0xffffff80, 0x178, 0x0, 0x178, 0x488, 0x22b, 0x258, 0x488, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0xa8, 0xc8, 0x340, {0x1e0002a8, 0x7203000000000000}}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1_to_bridge\x00', 'geneve1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308) setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000180)=0x8, 0x4) recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) 2m6.642961547s ago: executing program 4 (id=1231): sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="8400000000010104000000000000000002000000240001801400018008000100ac1414bb08000200ac0314bb0c0002800500010000000000240002801400018008000100ac1414aa08000200ac1414000c00028005"], 0x84}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000150012800b0001006970766c616e00000400028708000500", @ANYRES32=r1], 0x44}}, 0x8000) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="780000001000010400"/20, @ANYRES32=r4, @ANYBLOB="60300300001400005800128009000100626f6e6400000000480002802c0008"], 0x78}}, 0x0) 2m6.151597361s ago: executing program 9 (id=1235): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000040)=""/87, 0x0}) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000400)=0x4000000) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000008c0)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000500)=0x1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af04, &(0x7f0000000200)) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000a40)={0x1, 0x0, [{0x3000, 0x31, &(0x7f00000003c0)=""/49}]}) 2m5.981066035s ago: executing program 4 (id=1237): r0 = syz_io_uring_setup(0x1f6a, &(0x7f0000000480)={0x0, 0x9caf, 0x0, 0x0, 0x387}, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) write$midi(r4, &(0x7f0000000500)="f4064abac144", 0x6) r5 = dup(r3) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x0, 0x5, r5, 0x0, 0x0, 0x0, 0x80800, 0x1}) io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0) ioctl$SNDCTL_SEQ_PANIC(r5, 0x5111) 2m5.520239289s ago: executing program 47 (id=1237): r0 = syz_io_uring_setup(0x1f6a, &(0x7f0000000480)={0x0, 0x9caf, 0x0, 0x0, 0x387}, &(0x7f00000000c0)=0x0, &(0x7f0000000080)=0x0) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) write$midi(r4, &(0x7f0000000500)="f4064abac144", 0x6) r5 = dup(r3) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x0, 0x5, r5, 0x0, 0x0, 0x0, 0x80800, 0x1}) io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0) ioctl$SNDCTL_SEQ_PANIC(r5, 0x5111) 2m5.512905689s ago: executing program 9 (id=1240): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x9, &(0x7f0000000000)={[{@nombcache}, {@jqfmt_vfsv0}, {@abort}, {}, {@noquota}, {@usrjquota, 0x2e}], [], 0x2e}, 0x6, 0x48d, &(0x7f0000000980)="$eJzs3EtvG1UbAOB3xnV6/5qv3wV6AQIFEXFJmrRAF2xAIHWDhARIZRnStCpNG9QEiVYVTREqS9RfACyR+AWsYIOAFYgtSGyQEFKFuqGwGjT2TOpcHGzHjil+HsntOTNnfM47M8c+MyfjAAbWSP5PErErIr4fithTzy4vMFL/79bNy9O/37w8nUSWvfRrUiv3283L02XRcrudRWY0jUjfTeLAGvXOX7x0dmp2duZCkR9fOPfG+PzFS4+fOTd1eub0zPnJY8eOHpl46snJJ7oS5+68rfvfnju47/ir11+YPnH9ta8+yZfvKtY3xlE33PJ7b2+yfCRGlu/LBg9F/JRlWct1/N3tbkgnW/rYENpSiYj8cFXz/h97ohK3D96eeP6dvjYO6Kksy7Ktq5ZWysRiBvyDJdF0VbqpDQE2WflFn1//lq9NHH703Y1n6hdAedy3ild9zZZIizLVFde33TQSEScW//ggf8Wa9yEAALrrs3z889ha4780/t9Q7l9Rnxsajoh/R8TeiPhPRPw3Iv4XUSt7V0Tc3Wb9Iyvyq8c/3zabXumKfPz3dDG3dXv8N1SLvzBcKXK7a/FXk1NnZmcOF/tkNKpb8/zEOnV8/tx37y9lti1f1zj+y195/eVYsC79ZcuKG3QnpxamuhB6zY2rS4GuGP8mSzMBSUTsi4j9Hbx/vs/OPPLxwWbr/zr+dXRhnin7KOLh+vFfjBXxl5L15yfHt8XszOHx8qxY7etvrr3YrP4Nxd8FN65G7Fh1/kdj/MNJ43ztfPt1XPvhvabXNJ2e/0PJy7X0ULHsramFhQsTEUPJ4urlk7e3LfNl+Tz+0UNrxZ/W3uPDYrsDEZGfxPdExL0RcV/R9vsj4oGIOLRO/F8+++DrncffW3n8J9s6/u0nKme/+LRZ/a0d/6O11GixpJXPv1YbuJF9BwAAAHeKtPY38Ek6tpRO07GxiFdq93Z3pLNz8wuPnpp78/zJ+t/KD0c1Le90pQ33QyeKe8NlfnJF/kjtvnGWZdn2Wn5sem62V3PqQGt2Nun/uZ8r/W4d0HNtzaM1e6INuCO11f9XPy0E3ME8rw2Dq9X+X+1xO4DN5/sfBtda/f9KxK0+NAXYZL7/YXDp/zC49H8YXPo/DKSNPNe/XmLv8Y43zzZUe/n7Kh1u/mNP9sZ6iUqnm29t42cOepCIdM1V1YjoS3vaSqS9qyI/+drbKj+QrRa+0umJ3XZi2cfEUD8+mwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrhzwAAAP//dNfhIw==") mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x89901) mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r1, &(0x7f00000020c0)={0x2020}, 0x2020) 2m4.945002922s ago: executing program 9 (id=1246): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x26) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = fanotify_init(0xf00, 0x0) fanotify_mark(r1, 0x105, 0x5000003a, r0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x10) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0) 2m3.568416507s ago: executing program 9 (id=1251): r0 = fsopen(&(0x7f0000000280)='configfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r3, &(0x7f0000000280)=""/100, 0x64) getdents64(r2, &(0x7f00000000c0)=""/85, 0x55) getdents(r2, 0xfffffffffffffffd, 0x58) 2m3.228462989s ago: executing program 48 (id=1251): r0 = fsopen(&(0x7f0000000280)='configfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r3, &(0x7f0000000280)=""/100, 0x64) getdents64(r2, &(0x7f00000000c0)=""/85, 0x55) getdents(r2, 0xfffffffffffffffd, 0x58) 1m12.20408586s ago: executing program 0 (id=1571): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1c0) r0 = landlock_create_ruleset(&(0x7f0000000700)={0x2115}, 0x18, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file1/file4\x00', 0x200000, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0) landlock_restrict_self(r0, 0x4) landlock_restrict_self(r0, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4/file7/file6\x00', 0x0) 1m12.043795082s ago: executing program 0 (id=1573): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xc) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENT(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58) mount$9p_fd(0x0, &(0x7f00000025c0)='./file0\x00', &(0x7f0000002340), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) chdir(&(0x7f0000000100)='./file0\x00') read$FUSE(r0, &(0x7f0000000300)={0x2020}, 0x2020) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) 1m11.799414449s ago: executing program 0 (id=1578): r0 = socket$inet_smc(0x2b, 0x1, 0x0) pipe2$9p(0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000380)}}], 0x1, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000240)=@x86={0x10, 0x8, 0x5, 0x0, 0x3, 0x2, 0x6, 0x1, 0x0, 0xca, 0x6, 0x0, 0x0, 0x278a, 0x4, 0x3, 0x7, 0x5, 0x10, '\x00', 0x28, 0x80000001}) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000000000070000040"]) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000040), &(0x7f0000000280)=0xc) 1m11.118744941s ago: executing program 0 (id=1588): stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x2810489, &(0x7f0000000580)={[{@gid={'gid', 0x3d, r0}}, {@umask={'umask', 0x3d, 0x5}}, {@dmode={'dmode', 0x3d, 0x3}}, {@nostrict}, {@unhide}, {@undelete}, {@shortad}, {@uid_ignore}, {@shortad}, {@uid}, {@adinicb}, {@uid_ignore}, {@fileset={'fileset', 0x3d, 0x4}}, {@uid_forget}]}, 0x4, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) move_mount(r1, 0x0, r1, 0x0, 0x353) mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000180)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r2, &(0x7f0000006b40)={0x2020}, 0x206e) 1m10.462042184s ago: executing program 0 (id=1594): socket$packet(0x11, 0x3, 0x300) r0 = socket$packet(0x11, 0x2, 0x300) sendto$packet(r0, 0x0, 0x0, 0x20008801, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@ipv6_newaddr={0x34, 0x14, 0x1, 0x0, 0x0, {0xa, 0x0, 0xa1, 0x0, r3}, [@IFA_ADDRESS={0x14, 0x1, @mcast1={0xff, 0x5}}, @IFA_FLAGS={0x8, 0x8, 0x402}]}, 0x34}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="3400000014000b032bbd7000fcdbdf250a281000", @ANYRES32=r5, @ANYBLOB="080008000604000014000100ff"], 0x34}}, 0x0) 1m9.324093888s ago: executing program 0 (id=1597): syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x2, 0x92) write$FUSE_DIRENTPLUS(r0, &(0x7f0000000780)=ANY=[], 0x4000) creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, 0x1) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) rename(&(0x7f0000001800)='./file0\x00', &(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1m8.165283888s ago: executing program 49 (id=1597): syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x2, 0x92) write$FUSE_DIRENTPLUS(r0, &(0x7f0000000780)=ANY=[], 0x4000) creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, 0x1) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) rename(&(0x7f0000001800)='./file0\x00', &(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1m8.159969474s ago: executing program 1 (id=1600): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x2000, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') linkat(r0, &(0x7f0000000000)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0) unlink(&(0x7f0000000080)='./file0\x00') symlink(&(0x7f0000000000)='./file1\x00', &(0x7f0000004540)='./file0\x00') 1m7.872606525s ago: executing program 1 (id=1605): syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_init_net_socket$llc(0x1a, 0x801, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffebe}, 0x90) r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000b80)={0x0, 0x2000000, 0x10100, 0x0, 0x215}, &(0x7f0000000280)=0x0, &(0x7f0000000240)=0x0) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x8, 0x0, @fd, 0x10, 0x0, 0xfffdfff9, 0x5, 0x259792cd96d38d81}) io_uring_enter(r0, 0x2d3e, 0x0, 0x8, 0x0, 0x0) 1m7.626212004s ago: executing program 1 (id=1607): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xe0000000, 0x5, 0xb7, 0x2, 0x1, 0x1, 0x4, 0x3, 0x1}}}}]}, 0x58}}, 0x4000) r4 = socket(0x10, 0x803, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newtfilter={0xa4, 0x2c, 0xd2b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xb, 0x3}, {}, {0x1, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x70, 0x2, [@TCA_U32_SEL={0x14, 0x5, {0x0, 0x6, 0x0, 0x9, 0x401, 0x1000, 0x8a3, 0xd5}}, @TCA_U32_ACT={0x58, 0x7, [@m_skbmod={0x54, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x4cc0, 0x3, 0x4, 0x7, 0x400000}, 0xc}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x8, 0x7}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x81}, 0x800) 1m4.438418202s ago: executing program 1 (id=1620): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) syz_mount_image$f2fs(&(0x7f0000000380), &(0x7f0000000400)='./bus\x00', 0xa18008, &(0x7f0000000480)=ANY=[@ANYBLOB="6167655f657874656e745f63616368652c6e6f6c617a7974696d652c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c61636c2c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030313236322c61636c2c6e6f61636c2c636f6d70726573735f63616368652c6261636b67726f756e645f67633d6f66662c6e6f626172726965722c636f6d70726573735f63616368652c6d6f64653d6c66732c00a0f136a7b12c237938b84e413b4410176f83a54dc492582695e005d110d725abbe2adec1ac2f6f77d172f0a20b3c1a8f19a6b28a8e0ba53dc3bf8ebe1ba50407cd64781927026076251050bd3ce7"], 0x1, 0x5505, &(0x7f00000079c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x40) getdents(r0, 0x0, 0x0) getdents(r0, 0x0, 0x58) 1m3.706772028s ago: executing program 1 (id=1622): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) writev(r1, &(0x7f0000000400)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) r2 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010000000004"], 0x57) setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) 1m2.201097238s ago: executing program 1 (id=1632): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newsa={0xf0, 0x10, 0x713, 0x70bd26, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@dev={0xac, 0x14, 0x14, 0x1b}, 0x4e23, 0x1, 0x0, 0x3, 0x2, 0x0, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x32}, @in=@dev={0xac, 0x14, 0x14, 0x33}, {0x0, 0x0, 0x8, 0xa, 0x6}, {0x0, 0x0, 0x2, 0xfffffffffffffffc}, {0xc, 0x0, 0x2}, 0x70bd28, 0x0, 0x2, 0x4}}, 0xf0}, 0x1, 0x0, 0x0, 0xc0}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="12000000120001000200000000000000100000000c00001700000000000000000f10"], 0x30}], 0x1, 0x0, 0x0, 0x20004000}, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1m1.955597873s ago: executing program 50 (id=1632): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newsa={0xf0, 0x10, 0x713, 0x70bd26, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@dev={0xac, 0x14, 0x14, 0x1b}, 0x4e23, 0x1, 0x0, 0x3, 0x2, 0x0, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x32}, @in=@dev={0xac, 0x14, 0x14, 0x33}, {0x0, 0x0, 0x8, 0xa, 0x6}, {0x0, 0x0, 0x2, 0xfffffffffffffffc}, {0xc, 0x0, 0x2}, 0x70bd28, 0x0, 0x2, 0x4}}, 0xf0}, 0x1, 0x0, 0x0, 0xc0}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="12000000120001000200000000000000100000000c00001700000000000000000f10"], 0x30}], 0x1, 0x0, 0x0, 0x20004000}, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 4.11301289s ago: executing program 3 (id=1906): mkdir(&(0x7f0000000140)='./control\x00', 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000180)='./control\x00', 0xa4000960) r2 = inotify_init1(0x0) inotify_add_watch(r2, &(0x7f0000000000)='./control\x00', 0x40000000) rmdir(&(0x7f0000000100)='./control\x00') socket$inet6(0xa, 0x800000000000002, 0x0) 3.927326875s ago: executing program 3 (id=1909): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_IO(r0, 0x2285, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38) write$sndseq(r1, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x8}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {0xa}, {0x0, 0x5}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x8, 0xf]}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32={[0x0, 0x101]}}, {0x1, 0x0, 0x0, 0x0, @tick, {0x0, 0x40}, {}, @connect}, {0x0, 0x4, 0x3, 0x80, @tick=0xfffffffa, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffff85}, {}, {}, @time=@time}], 0xc4) write$sndseq(r1, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54) write$sndseq(r1, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @tick=0x6, {}, {}, @connect={{0x8}}}, {0x0, 0x0, 0x0, 0x0, @tick=0xfffffffc, {0x6}, {}, @control}], 0xc4) write$sndseq(r1, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @time, {0x0, 0x8}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {0x0, 0x20}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c) write$sndseq(r0, &(0x7f0000000c00)=[{0x0, 0x0, 0x0, 0x0, @time={0x9, 0xefa}, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x800]}}, {0x0, 0x0, 0x2, 0x6, @time, {}, {}, @control}], 0x54) write$sndseq(r1, &(0x7f0000000f80)=[{0x0, 0x0, 0x0, 0x0, @tick, {0x3}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0xc4) 3.873772238s ago: executing program 5 (id=1910): socket$xdp(0x2c, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x2, 0x3b9}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0) 3.792292422s ago: executing program 3 (id=1911): socket(0x2, 0x80805, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = socket(0x2a, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f0000000000)) sendto$packet(r1, &(0x7f0000000240)="f2435f203b000000000000000000", 0xe, 0x0, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @remote}, 0x14) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000000000002", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r2, @ANYBLOB="1400350064756d6d7930"], 0x3c}}, 0x0) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) 3.517419331s ago: executing program 3 (id=1912): r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000040)) ioctl$PPPIOCSACTIVE(r5, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0}) read(r5, 0x0, 0x5d) 2.450588698s ago: executing program 3 (id=1917): socket$nl_netfilter(0x10, 0x3, 0xc) syz_open_procfs$pagemap(0x0, &(0x7f0000000100)) openat$vcs(0xffffffffffffff9c, &(0x7f0000000180), 0x840, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r1, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r2, @ANYRES16=r0], 0x0) 2.205181223s ago: executing program 5 (id=1920): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='setgroups\x00') getpid() sched_setaffinity(0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) 2.00053916s ago: executing program 7 (id=1923): mkdir(&(0x7f0000000100)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000280)=ANY=[], 0x1, 0x0, 0x0) ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000240)={0x0, 0x0, 0x0, [], [0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x87, 0x0, 0x0, 0xc, 0x1, 0x7f, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x100000000000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x100, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3d, 0x1, 0x6, 0x3, 0x0, 0x0, 0xffffffffff7ffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x4, 0x0, 0x5, 0x5, 0x0, 0x8000000000000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0xfffffffffffffffe, 0x3d60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x6, 0x4, 0xfffffffffffffffd, 0x0, 0x0, 0xffffffffffffffff, 0x4, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x3fffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x7]}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000280), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0xc0189436, &(0x7f0000000140)) 1.506848946s ago: executing program 7 (id=1927): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000, &(0x7f0000000300), 0xd, 0x5f6, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvbH40aapJi6j1YBdEWtAmTdpKEQ/tVUqoP/DixdiktXbbhiaiqUJTqBdBvIgInjxYwT9Ci732pCB48OJJCkWlR8GV2cyk2exufmyTbOx8PrDNzHsz8950882befvebACFVU7/KUXsjYjpJGIwmV/M644ss7yw3b2/PzqdvpKoVl/7M4kkS8u3T7KfA9nOfRHx049J7OlqLHdm7sr5iUpl6nK2PjJ7YXpkZu7KwXMXJs5OnZ26OPbC2LGjR44eGz3U1nldbZJ28vq77w9+Mv7mN1/9k4x++9t4Esfj5WzDpecREb+U2iq1XjnKtf+TpDFr4NgGHH876Mp+T5a+xUl3ByvEuuTvX09EPBGD0RX337zB+PiVjlYO2FTVJKIKFFQi/qGg8uuA/N5+2X1wbMR9MLA93T2x0AHQGP/dC32D0VfrG9h5L4ml3TpJRLTXM1dvV0TcvjV+/cyt8evR2A8HbKL5axHxZLP4T2rxPxR9MVSL/1Jd/KfXBaeyn2n6q22Wv7yruDH+D7d5ZGA1C/Hft2L8R4v4f2tJ/L/dZvnl+4vv9NfFf3+7pwQAAAAAAACFdfNERDzf7PP/0uL4n2gy/mcgIo5vQPnlZeuNn/+X7mxAMUATd09EvNR0/G8pH/071JUtPVIbD9CTnDlXmToUEY9GxIHo2ZGuj65QxsFP93zZKq+cjf/LX2n5t7OxgFk97nTvqN9ncmJ24kHPG4i4ey3iqabjf5PF9j9p0v6nfw+m11jGnmdvnGqVt3r8A5ul+nXE/qbt//2nViQrP59jpHY9MJJfFTR6+sPPvm9Vfrvx7xET8ODS9n/nyvE/lCx9Xs/M+ss4PNddbZXX7vV/b/J67ZEzvVnaBxOzs5dHI3qTk11pal362PrrDA+jPB7yeEnj/8AzK/f/Nbv+74+I+WXHTv6qn1Oce/zfgd9b1cf1P3ROGv+T62r/178wdmPoh1blr639P1Jr6w9kKfr/YMEXeZj21qc3RuFiQNdlbXV9AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBhUIqIXZGUhheXS6Xh4YiBiHgsdpYql2Zmnztz6b2Lk2le7fv/S/k3/Q4urCf59/8PLVkfW7Z+OCJ2R8TnXf219eHTlyqTnT55AAAAAAAAAAAAAAAAAAAA2CYGWsz/T/3R1enaAZuuu9MVADqmSfz/3Il6AFtP+w/FJf6huMQ/FJf4h+IS/1Bc4h+KS/xDcYl/AAAAAAB4qOzed/PXJCLmX+yvvVK9WV5PR2sGbLZSpysAdIxH/EBxGfoDxeUeH0hWye9rudNqe65k+vQD7AwAAAAAAAAAAAAAhbN/r/n/UFTm/0Nxmf8PxZXP/9/X4XoAW889PhCrzORvOv9/1b0AAAAAAAAAAAAAgI00M3fl/ESlMnV5Ixd2xBo3/m4zSm934Y3tUY2tXKhWq1fT34LtUp//+UI+FH6LS++OtW2cz/Vb25E79zcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACo918AAAD//x99I+M=") r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a00"], 0xb8}}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@remote, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x60, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, 0x9, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001780)=ANY=[@ANYBLOB="b80000001300e99900000000fedbdf25fc0000000000000000000000000000400000000000000000000000000000000000000400000000000a006080"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x9}, {0x0, 0x5}}}, 0xb8}}, 0x4000) 1.372678969s ago: executing program 8 (id=1928): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x30}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="380000001000050700bbc0000000010007000000", @ANYRES32=r4, @ANYBLOB="00000000000000001800120008000100736974000c0002000800020006"], 0x38}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="50000000100001042dbd70000000000000000000", @ANYRES32=r5, @ANYBLOB="000000000000000030001280080001007369740024000280080014"], 0x50}}, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0) 1.371845759s ago: executing program 2 (id=1929): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) sendmsg$unix(0xffffffffffffffff, 0x0, 0xc800) recvmmsg(0xffffffffffffffff, &(0x7f0000001140), 0x700, 0x2, 0x0) unshare(0x68040200) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r1, &(0x7f0000000340)="41000000010001", 0x7) 1.221232717s ago: executing program 7 (id=1930): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="680000001000030400"/20, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e003000028008000100100000001c0005"], 0x68}}, 0x64000004) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) close(r1) socket(0x10, 0x3, 0x0) r2 = socket$inet(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bond_slave_1\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\f'], 0x48) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000100039a00"/20, @ANYRES32=r3, @ANYBLOB="000020000008000024001200140001006272696467655f736c617665800000000c00050008"], 0x3}}, 0x0) splice(r0, 0x0, r1, 0x0, 0x10500, 0x0) 1.208741106s ago: executing program 8 (id=1931): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = dup(r2) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 982.288657ms ago: executing program 5 (id=1932): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) symlink(&(0x7f0000000000)='./file1\x00', &(0x7f0000004540)='./file0\x00') r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x80}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf) 981.607542ms ago: executing program 8 (id=1933): socket$inet_tcp(0x2, 0x1, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x4, 0x6}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x80, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) close(0x3) 960.162764ms ago: executing program 7 (id=1934): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000300)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x1, 0x67d, &(0x7f0000000780)="$eJzs3c1vXFfdB/DvnUzsTNonddOkzYMq1WokQFgkfpELZkNACHlRQVUWrK3EaayM02K7lVsh6vC67aJ/QFl4g1ghsY9UWLCBXXfI7CohsekGsxo013fG4/FLxm3jccrnE905595zz7m/87tz77xY0QT4nzU/kfqDFJmfeHm9vb61OdPc2pxZ7tSTjCbZSOpJakmKf7darQ+TG0nRHaboK/d5f2nu1Y8+2fp4Z61eLeX+taP69an22+jbvNHZNp7kTFV+BnvGu/mZxyu6kd9IcrUqYejOJmnt8ZO/PNlt6dE4qPe5E4kReLSKndfNVK/HXWPJ+epCb78P6Lzy1k4+wsGMDrhf/zsIAAAAeNwM8hn4qe1sZ724cALhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBfCxu7v/xfVUuvUx1N0fv9/pNqWqn66vHC83R88qjgAAAAAAAAA4ET8o3x8YTvbWc+FztZWUf7N/8Vy5VL5+ETezGoWs5JrWc9C1rKWlUwlGesZbmR9YW1tZWqAntMH9px+SLijVdn4POYOAAAAAAAAAF84P8/87t//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNCiSMztFivs9m8dSqyc5l2SkvWEj+Vun/jh7MOwAAAAA4AQ8tZ3trOdCZ71V5FKSZ8vvAM7lzdzLWpaylmYWc6v8XmDnU39ta3OmubU5s7z1w4PG/c6/jhVGOWJ2vns4+MhXyj0auf1Wp8/NvJ5mbqVW9my7UsazOdPZY3nvQe63Yyq+XRkwsltV2Z75e1W5z7vHmuxhjvllyliZkbO5naUyR5NVbO1sPF1lorvs7XrMs9N/pKnUusFe6jtS3yQ+Vc7PV2V7Pr8+LOdD0Z+J6Z5n37NH5zz5yh9//+PJqn56pjSYM1XZKh8b+zMx05OJ5wbJxJ3mvbt3bq9OPG6Z2GeyzMTl7vp8vp8fZSLjeSUrWcpbWchaFjOe75W1herkFz2X/CGZurFn7ZWHRTJSPUN3TtbxYnqx7HshS/lBXs+tLOal8t90pvKNzGY2cz1n+PLRZ7i86muHXPWt/zsw+KtfrSqNJL+pygMd2vCotPP6dE9ee++5Y2Vb75bdLF0cIEvHvDfWv1RV2sf4RVWeDv2ZmOrJxDNHZ+K35W1ltXnv7sqdhTcGO9zF93qO+6tTdUttP18utk9Wubb32dFue6a75958tdsudfvV9rVd7raVV2pRP/RKHanew+0fabpse+7Atpmy7UpPW6Pbdq37fguAU+/8186PNP7Z+Gvjg8YvG3caL5/77ug3R58fydk/nf1WffLMl2vPF3/IB/nZ7ud/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg01t9+527C83m4kpfpdVqvXtI00lX6g8JdV8l439/ot2hs6WVblPn58xOcBb//2Qy9BwOvfKfVqtVbSkO2ed3fz41iWpVTkXqhlQZ3j0JOBnX15bfuL769jtfX1peeG3xtcV7c7Ozc5Nzsy/NXL+91Fyc3HkcdpTAo7D7oj/sSAAAAAAAAAAAAIBBncR/Jxj2HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH2/xE6g9SZGry2mR7fWtzptleOvXdPetJakmKnybFh8mN7CwZ6xmuOOw47y/NvfrRJ1sf745V7+xfO6rfYDaqJeNJzuyU9z+v8W5W5ZGKo6ZQdGfYTtjVTuJg2P4bAAD//8o1Bh8=") openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="180800000000000000000000000000008500000023000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = dup(r0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB='A']) 954.34422ms ago: executing program 3 (id=1935): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x111, 0x0, 0x0, 0x0, 0x20, 0x5543, 0x781, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x9, [{{0x9, 0x4, 0x0, 0x4, 0x2, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x7, 0x84, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x5, 0x51, 0x5}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000280), &(0x7f0000000080)}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x7, {[@main=@item_012={0x0, 0x0, 0xa}, @local=@item_012={0x2, 0x2, 0x2, "d967"}, @global=@item_012={0x2, 0x1, 0x9, '\x00\x00'}]}}, 0x0}, 0x0) 884.028349ms ago: executing program 2 (id=1936): socket$inet6_sctp(0xa, 0x5, 0x84) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = syz_io_uring_setup(0x1458, &(0x7f00000004c0)={0x0, 0x4, 0x10180, 0x2000, 0x3ae}, &(0x7f0000000100)=0x0, &(0x7f00000000c0)=0x0) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='9'], 0x38}}, 0x4000) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SPLICE={0x1e, 0x60, 0x0, @fd_index=0x1, 0x80, {}, 0x4, 0x5}) io_uring_enter(r0, 0x2d3e, 0xfffffffd, 0x0, 0x0, 0x0) 768.954965ms ago: executing program 2 (id=1937): pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) r2 = fanotify_init(0x0, 0x0) fanotify_mark(r2, 0x1, 0x4000102b, r0, 0x0) vmsplice(r1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, 0x0) readv(0xffffffffffffffff, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f0000000340), 0x11000) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 739.039219ms ago: executing program 7 (id=1938): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCGSOFTCAR(r1, 0x5414, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) stat(&(0x7f00000001c0)='./bus\x00', &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r2, 0xee01, 0x0) setresuid(0x0, 0x0, 0x0) syz_usb_connect(0x5, 0x265, &(0x7f0000000240)=ANY=[@ANYBLOB="120100039ac1084099112700584f01020301090253020108ab400509048708077f3a8240052406000105240002000d240f010800000001000004fb06241aff7f030905020208000009037a0e16cae65ec607888daa6284191cb38a7cbf140e63700eb749b5e9185dc979aead2316a278d1307e124e670b2f9d6cc22da9824579a7f0592068a2c16b199224b4c0fc16d043d466d8e4e2901424c033f31e43e4a6d42c349071d62da90000000076258a8a10516c011158a28273062c6b28b87430c3e025d80725010100100009050d0c08000c0f07090501021000020104090507102000680a064505e2ce18697f903ebff1db5a99a8b4333545cc5c72df7547744f084e7d38170b608905599196354dd2d2dc51288432f80358bbc4c54cba28ab8f4521ffcf85b8d2f045979323bf870c6f9626bf95eb26b7cb8e5f5eae4fcf015198e19d490d975df698dd7b5f24fa518c9267aa77bb62e937196e60bbd50d37f69ec44afabc5f7f406b5d1bce8c432ba005d752d67ba9bf04456a986e8597cba67200b3aa3d712d4c84227124c598ea50e42e29d4ad1e276345bea1982f042f57ff2747f43d08ecd3a8fb825a6ae8d0d59543e9930f52421421be2c01710905070808000501e67710da7aede0ef55bdfb8534e47776a57e33b0d39c38e4fb9ac6d733f6385f6e10a489a68c125aaecf5506c5c16de5a3210c1b12f461e0364d60dfcee8e21bb6853d73fadd3e4d0817517ee1d420de20e304a6e4e82339ed23fc18a874115892d92810da78c8a52fa183b5a7e53428f5c20a408b7c3a7c072501032f020009050902"], &(0x7f0000000200)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x300, 0x60, 0x0, 0x2, 0x40, 0xbc}, 0x0, 0x0}) 731.991277ms ago: executing program 8 (id=1939): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x40000042}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f00000001c0)={0x8000042}, 0x10) r3 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r3, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) r4 = socket$tipc(0x1e, 0x2, 0x0) sendmsg$tipc(r4, &(0x7f00000006c0)={&(0x7f0000000540)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x10000000}}, 0x10, 0x0}, 0x0) 558.918094ms ago: executing program 5 (id=1940): socket$inet6_sctp(0xa, 0x1, 0x84) syz_init_net_socket$x25(0x9, 0x5, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffebe}, 0x90) r0 = syz_io_uring_setup(0x24fd, &(0x7f0000000b80)={0x0, 0xfffffffd, 0x10100, 0xfffffffc, 0x33a}, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SPLICE={0x1e, 0x21, 0x0, @fd=r3, 0xe5, {}, 0x1, 0x4, 0x1}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 499.575316ms ago: executing program 8 (id=1941): r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000540)={0x2, 0x4e20, @broadcast}, 0x10) r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4) bind$inet(r1, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10) listen(r0, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4) setsockopt$sock_int(r2, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4) bind$inet(r2, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10) 445.172823ms ago: executing program 2 (id=1942): r0 = socket$netlink(0x10, 0x3, 0x400000000000004) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800}, 0x20) setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000000c0)=0x40, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000280)=0x20, 0x4) bind$xdp(r2, &(0x7f00000001c0)={0x2c, 0x0, r3}, 0x2a) writev(r0, &(0x7f0000019440)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000060000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1) 366.219236ms ago: executing program 5 (id=1943): syz_init_net_socket$llc(0x1a, 0x1, 0x0) socket$igmp(0x2, 0x3, 0x2) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00') r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8) r1 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback, 0x7}], 0x1c) sendmmsg$inet6(r0, &(0x7f0000000640)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x2, @loopback, 0x3}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000300)="06", 0x1}], 0x1}}], 0x1, 0x3404c8d4) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES16=r0, @ANYRES16=r1], 0x1000f) 304.520192ms ago: executing program 2 (id=1944): mount(0x0, 0x0, &(0x7f0000000080)='devpts\x00', 0x0, 0x0) mount$binder(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0xe2ca6, &(0x7f00000000c0)={[{@max={'max', 0x3d, 0x1000000}}]}) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18) unshare(0x22020600) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000880)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x3c, 0x2, {{}, [@TCA_NETEM_RATE64={0xc, 0x8, 0xb5e711c8a8eb3847}, @TCA_NETEM_RATE={0x14, 0x6, {0x6, 0x0, 0x0, 0x6}}]}}}]}, 0x6c}}, 0x0) 304.147733ms ago: executing program 8 (id=1945): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x6, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000017000000bca30000000000002403000040feffff6b0af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000061140800000000001d430000000000007a0a00fe0000001f6114100000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4fffe2158dfb8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb3fa3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5973acc706db6b861b8c10a7cbd0b723906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff6194732827a58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f1000000006eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f3a6da2819d2f9e77c7c64affa555ec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f37382000000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23577949a50f2d0455cf799b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115553f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5f07918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa61071799e1acb3928143be1c1023a375e528285544d0064b91f00f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aa3f999ce700ffe794e27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac987fd637c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fd52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812fc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a2271d96c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795d35f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7eddd12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b0200780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca78fa04d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b78825d5ed789711b77d40dc31e0b8fc651b45559da463f00000000000000005bae7859839f856e7a397913eec7977f6231c5f11849b3deabc60c5ccf240d16924eb760a969813be02a229c674045b88915518a17b683268f10358e1c0b20cfc2bd105e5e1db7fed951b8faf126267bb38b8d356f63d3433d3dee643503a8ba4968adf6673f720c474ecf324d989235f1b52aacfe52e4519af87b7e1594728d6d6fff1248e72d5b1b1b692b2b732f0f2ac0714079fd7bf97bf2b5687d1db91daa5210d09ebe66d00ff4f35143be01585e629d408f2d00a0a290db76adc5f57e160b2c188bb1ecc4e7d2948788e4f9c1bcaf91dac53a2f525f7385d5d82728b5217908748f4c22b6d79700"/4153], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x5, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48) 199.711426ms ago: executing program 5 (id=1946): syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000080)={0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000000000025000000000000004831ff53"], 0x3d}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x4000, 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x80000000], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 77.283856ms ago: executing program 2 (id=1947): getpid() r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r1, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e) connect$pptp(r1, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000015c0), 0x2300, 0x0) ioctl$PPPIOCATTCHAN(r2, 0x40047438, &(0x7f0000000040)=0x1) readv(r2, &(0x7f00000002c0)=[{&(0x7f00000000c0)=""/75, 0x4b}], 0x1) close_range(r0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) 0s ago: executing program 7 (id=1948): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.current\x00', 0x275a, 0x0) lseek(r0, 0x7fffffffffffffff, 0x0) sendfile(r0, r0, &(0x7f0000000080)=0x9, 0x6) pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x5405, 0x0, 0x0) openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, 0x0) lsetxattr$security_capability(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x3) kernel console output (not intermixed with test programs): ease wait. [ 253.011226][ T9238] XFS (loop3): Quotacheck: Done. [ 253.187052][ T8366] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 253.227363][ T5904] usb 5-1-port1: cannot disable (err = -71) [ 253.230225][ T5864] usb 5-1: USB disconnect, device number 5 [ 253.413000][ T5857] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 253.421789][ T5857] Bluetooth: hci2: Injecting HCI hardware error event [ 253.431828][ T5857] Bluetooth: hci2: hardware error 0x00 [ 254.357701][ T9276] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 254.365013][ T9276] IPv6: NLM_F_CREATE should be set when creating new route [ 254.404542][ T9276] lo: entered allmulticast mode [ 254.420750][ T9276] tunl0: entered allmulticast mode [ 254.433440][ T9276] gre0: entered allmulticast mode [ 254.458996][ T9276] gretap0: entered allmulticast mode [ 254.534212][ T9276] erspan0: entered allmulticast mode [ 254.561358][ T9276] ip_vti0: entered allmulticast mode [ 254.589230][ T9276] ip6_vti0: entered allmulticast mode [ 254.621291][ T9276] sit0: entered allmulticast mode [ 254.664196][ T9276] ip6tnl0: entered allmulticast mode [ 254.711377][ T9276] ip6gre0: entered allmulticast mode [ 254.740144][ T9276] syz_tun: entered allmulticast mode [ 254.761856][ T9276] ip6gretap0: entered allmulticast mode [ 254.792877][ T43] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 254.804719][ T9276] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.813909][ T9276] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.851902][ T9276] bridge0: entered allmulticast mode [ 254.905247][ T9276] vcan0: entered allmulticast mode [ 254.917935][ T9276] bond0: entered allmulticast mode [ 254.924310][ T9276] bond_slave_0: entered allmulticast mode [ 254.947239][ T43] usb 5-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d [ 254.956656][ T9276] bond_slave_1: entered allmulticast mode [ 254.962416][ T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.988186][ T43] usb 5-1: Product: syz [ 255.012824][ T43] usb 5-1: Manufacturer: syz [ 255.037290][ T9276] team0: entered allmulticast mode [ 255.048518][ T43] usb 5-1: SerialNumber: syz [ 255.057480][ T9276] team_slave_0: entered allmulticast mode [ 255.075997][ T9276] team_slave_1: entered allmulticast mode [ 255.084209][ T43] usb 5-1: config 0 descriptor?? [ 255.091317][ T9276] dummy0: entered allmulticast mode [ 255.109986][ T9276] nlmon0: entered allmulticast mode [ 255.117927][ T43] gspca_main: sonixj-2.14.0 probing 0c45:613a [ 255.129416][ T9276] caif0: entered allmulticast mode [ 255.145259][ T9276] batadv0: entered allmulticast mode [ 255.168425][ T9276] vxcan0: entered allmulticast mode [ 255.190274][ T9276] vxcan1: entered allmulticast mode [ 255.206631][ T9276] veth0: entered allmulticast mode [ 255.236566][ T9276] veth1: entered allmulticast mode [ 255.326005][ T9276] wg0: entered allmulticast mode [ 255.342769][ T9288] loop6: detected capacity change from 0 to 1024 [ 255.352381][ T9276] wg1: entered allmulticast mode [ 255.360859][ T9276] wg2: entered allmulticast mode [ 255.371677][ T9276] veth0_to_bridge: entered allmulticast mode [ 255.394080][ T9288] EXT4-fs: Ignoring removed oldalloc option [ 255.400061][ T9288] EXT4-fs: Ignoring removed bh option [ 255.419286][ T9276] veth1_to_bridge: entered allmulticast mode [ 255.440385][ T9276] veth0_to_bond: entered allmulticast mode [ 255.449512][ T9288] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 255.478265][ T9276] veth1_to_bond: entered allmulticast mode [ 255.498651][ T9276] veth0_to_team: entered allmulticast mode [ 255.505140][ T30] audit: type=1804 audit(1751636522.968:44): pid=9288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.956" name="/newroot/93/file1/bus" dev="loop6" ino=18 res=1 errno=0 [ 255.511048][ T9276] veth1_to_team: entered allmulticast mode [ 255.553229][ T5857] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 255.554146][ T9276] veth0_to_batadv: entered allmulticast mode [ 255.646793][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.657888][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.664784][ T9276] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 255.674424][ T9276] batadv_slave_0: entered allmulticast mode [ 255.709501][ T9276] veth1_to_batadv: entered allmulticast mode [ 255.729708][ T9276] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 255.752156][ T9276] batadv_slave_1: entered allmulticast mode [ 255.841563][ T9276] xfrm0: entered allmulticast mode [ 255.856331][ T9276] veth0_to_hsr: entered allmulticast mode [ 255.874458][ T9276] hsr_slave_0: entered allmulticast mode [ 255.888691][ T9276] veth1_to_hsr: entered allmulticast mode [ 255.905333][ T9276] hsr_slave_1: entered allmulticast mode [ 255.919703][ T9276] hsr0: entered allmulticast mode [ 255.932145][ T9276] veth1_virt_wifi: entered allmulticast mode [ 255.978049][ T9276] veth0_virt_wifi: entered allmulticast mode [ 256.022490][ T9276] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 256.048012][ T9276] veth1_vlan: entered allmulticast mode [ 256.129671][ T9276] veth0_vlan: entered allmulticast mode [ 256.261206][ T9276] vlan0: entered allmulticast mode [ 256.289492][ T9276] vlan1: entered allmulticast mode [ 256.313235][ T9276] macvlan0: entered allmulticast mode [ 256.337736][ T9276] macvlan1: entered allmulticast mode [ 256.364090][ T9276] ipvlan0: entered allmulticast mode [ 256.379949][ T9276] ipvlan1: entered allmulticast mode [ 256.410479][ T9276] geneve0: entered allmulticast mode [ 256.453736][ T7589] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.483312][ T9276] geneve1: entered allmulticast mode [ 256.514502][ T9276] netdevsim netdevsim8 netdevsim0: entered allmulticast mode [ 256.576542][ T9276] netdevsim netdevsim8 netdevsim1: entered allmulticast mode [ 256.616348][ T9276] netdevsim netdevsim8 netdevsim2: entered allmulticast mode [ 256.635919][ T9276] netdevsim netdevsim8 netdevsim3: entered allmulticast mode [ 256.871585][ T9297] loop6: detected capacity change from 0 to 40427 [ 256.891399][ T9297] F2FS-fs (loop6): build fault injection rate: 690 [ 256.898055][ T9297] F2FS-fs (loop6): Image doesn't support compression [ 256.905245][ T9297] F2FS-fs (loop6): Image doesn't support compression [ 256.923110][ T9297] F2FS-fs (loop6): invalid crc value [ 256.934746][ T43] gspca_sonixj: reg_r err -71 [ 256.972882][ T43] sonixj 5-1:0.0: probe with driver sonixj failed with error -71 [ 256.998751][ T9297] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 257.002291][ T9276] mac80211_hwsim hwsim43 wlan0: entered allmulticast mode [ 257.023222][ T43] usb 5-1: USB disconnect, device number 6 [ 257.094512][ T7589] syz-executor: attempt to access beyond end of device [ 257.094512][ T7589] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 257.109701][ T7589] CPU: 0 UID: 0 PID: 7589 Comm: syz-executor Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 257.109730][ T7589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 257.109742][ T7589] Call Trace: [ 257.109751][ T7589] [ 257.109760][ T7589] dump_stack_lvl+0x189/0x250 [ 257.109797][ T7589] ? __pfx_dump_stack_lvl+0x10/0x10 [ 257.109818][ T7589] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 257.109844][ T7589] ? __pfx_queue_work_on+0x10/0x10 [ 257.109869][ T7589] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 257.109894][ T7589] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 257.109920][ T7589] ? f2fs_hw_is_readonly+0x39b/0x470 [ 257.109958][ T7589] f2fs_handle_critical_error+0x37c/0x540 [ 257.109998][ T7589] f2fs_write_end_io+0x495/0x810 [ 257.110020][ T7589] ? blkg_put+0x22/0x240 [ 257.110058][ T7589] __submit_merged_bio+0x27a/0x6a0 [ 257.110097][ T7589] __submit_merged_write_cond+0x255/0x530 [ 257.110138][ T7589] f2fs_write_data_pages+0x261d/0x3000 [ 257.110205][ T7589] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 257.110243][ T7589] ? arch_stack_walk+0xfc/0x150 [ 257.110310][ T7589] ? __mod_zone_page_state+0xd7/0x140 [ 257.110348][ T7589] ? folios_put_refs+0x560/0x640 [ 257.110380][ T7589] ? __pfx_folios_put_refs+0x10/0x10 [ 257.110398][ T7589] ? rcu_is_watching+0x15/0xb0 [ 257.110431][ T7589] ? __lock_acquire+0xab9/0xd20 [ 257.110483][ T7589] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 257.110507][ T7589] do_writepages+0x32e/0x550 [ 257.110546][ T7589] ? do_raw_spin_unlock+0x122/0x240 [ 257.110578][ T7589] filemap_fdatawrite+0x199/0x240 [ 257.110603][ T7589] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 257.110690][ T7589] ? do_raw_spin_unlock+0x122/0x240 [ 257.110721][ T7589] f2fs_sync_dirty_inodes+0x31f/0x830 [ 257.110765][ T7589] f2fs_write_checkpoint+0x95a/0x1df0 [ 257.110820][ T7589] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 257.110894][ T7589] ? try_to_wake_up+0x7e5/0x1290 [ 257.110929][ T7589] ? kill_f2fs_super+0x298/0x6c0 [ 257.110959][ T7589] kill_f2fs_super+0x2c3/0x6c0 [ 257.110992][ T7589] ? __pfx_kill_f2fs_super+0x10/0x10 [ 257.111013][ T7589] ? radix_tree_delete_item+0x2b6/0x400 [ 257.111048][ T7589] ? shrinker_free+0x2ce/0x3e0 [ 257.111083][ T7589] deactivate_locked_super+0xb9/0x130 [ 257.111107][ T7589] cleanup_mnt+0x425/0x4c0 [ 257.111138][ T7589] ? lockdep_hardirqs_on+0x9c/0x150 [ 257.111169][ T7589] task_work_run+0x1d1/0x260 [ 257.111200][ T7589] ? __pfx_task_work_run+0x10/0x10 [ 257.111225][ T7589] ? __x64_sys_umount+0x122/0x160 [ 257.111256][ T7589] ? exit_to_user_mode_loop+0x40/0x110 [ 257.111297][ T7589] exit_to_user_mode_loop+0xec/0x110 [ 257.111327][ T7589] do_syscall_64+0x2bd/0x3b0 [ 257.111353][ T7589] ? lockdep_hardirqs_on+0x9c/0x150 [ 257.111378][ T7589] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.111397][ T7589] ? clear_bhb_loop+0x60/0xb0 [ 257.111423][ T7589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.111443][ T7589] RIP: 0033:0x7f67dad8fc57 [ 257.111461][ T7589] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 257.111479][ T7589] RSP: 002b:00007ffdc2104d48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 257.111500][ T7589] RAX: 0000000000000000 RBX: 00007f67dae10925 RCX: 00007f67dad8fc57 [ 257.111514][ T7589] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdc2104e00 [ 257.111527][ T7589] RBP: 00007ffdc2104e00 R08: 0000000000000000 R09: 0000000000000000 [ 257.111540][ T7589] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdc2105e90 [ 257.111554][ T7589] R13: 00007f67dae10925 R14: 000000000003ebe4 R15: 00007ffdc2105ed0 [ 257.111592][ T7589] [ 257.111600][ T7589] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 257.258944][ T30] audit: type=1326 audit(1751636524.728:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9301 comm="syz.7.960" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f7ef8e929 code=0x0 [ 257.554980][ T9276] mac80211_hwsim hwsim44 wlan1: entered allmulticast mode [ 257.581475][ T9276] team1: entered allmulticast mode [ 257.644955][ T65] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.695110][ T65] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.833984][ T65] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.876105][ T65] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 259.852779][ T847] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 259.883821][ T9348] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 259.982591][ T9353] loop6: detected capacity change from 0 to 2048 [ 259.997219][ T9353] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 260.015176][ T847] usb 4-1: Using ep0 maxpacket: 32 [ 260.031449][ T847] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 260.053611][ T847] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.067424][ T847] usb 4-1: config 0 descriptor?? [ 260.077100][ T847] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 260.096799][ T9353] loop6: detected capacity change from 2048 to 0 [ 260.109082][ T9353] syz.6.981: attempt to access beyond end of device [ 260.109082][ T9353] loop6: rw=0, sector=1437, nr_sectors = 1 limit=0 [ 260.174581][ T7589] syz-executor: attempt to access beyond end of device [ 260.174581][ T7589] loop6: rw=0, sector=1437, nr_sectors = 1 limit=0 [ 260.204171][ T7589] syz-executor: attempt to access beyond end of device [ 260.204171][ T7589] loop6: rw=0, sector=1437, nr_sectors = 1 limit=0 [ 260.248560][ T7589] syz-executor: attempt to access beyond end of device [ 260.248560][ T7589] loop6: rw=2049, sector=128, nr_sectors = 1 limit=0 [ 260.262454][ T7589] Buffer I/O error on dev loop6, logical block 128, lost sync page write [ 260.322255][ T7589] bridge0: port 3(syz_tun) entered disabled state [ 260.354653][ T7589] syz_tun (unregistering): left allmulticast mode [ 260.361132][ T7589] syz_tun (unregistering): left promiscuous mode [ 260.367832][ T7589] bridge0: port 3(syz_tun) entered disabled state [ 261.007048][ T5861] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 261.019314][ T5861] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 261.030205][ T5861] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 261.040262][ T5861] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 261.048281][ T5861] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 261.299575][ T9371] chnl_net:caif_netlink_parms(): no params data found [ 261.447572][ T9384] netlink: 'syz.8.992': attribute type 6 has an invalid length. [ 261.455488][ T9384] netlink: 'syz.8.992': attribute type 7 has an invalid length. [ 261.463668][ T9384] netlink: 'syz.8.992': attribute type 7 has an invalid length. [ 261.482601][ T9384] netlink: 12902 bytes leftover after parsing attributes in process `syz.8.992'. [ 261.500218][ T9371] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.510306][ T9371] bridge0: port 1(bridge_slave_0) entered disabled state [ 261.523171][ T9371] bridge_slave_0: entered allmulticast mode [ 261.532035][ T9371] bridge_slave_0: entered promiscuous mode [ 261.685211][ T9371] bridge0: port 2(bridge_slave_1) entered blocking state [ 261.692412][ T9371] bridge0: port 2(bridge_slave_1) entered disabled state [ 261.718070][ T9371] bridge_slave_1: entered allmulticast mode [ 261.733503][ T9371] bridge_slave_1: entered promiscuous mode [ 261.877216][ T9371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 261.917302][ T847] gspca_vc032x: reg_r err -71 [ 261.922062][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 261.926311][ T9388] geneve2: entered promiscuous mode [ 261.945874][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 261.958695][ T1324] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.971136][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 261.982220][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 261.992495][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 261.998749][ T1324] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.007949][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.020337][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.041438][ T9371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 262.082826][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.098792][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.121069][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.142767][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.237715][ T1324] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.242721][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.290896][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.300918][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.313436][ T1324] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.342474][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.372844][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.378184][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.396637][ T847] gspca_vc032x: I2c Bus Busy Wait 00 [ 262.416906][ T9371] team0: Port device team_slave_0 added [ 262.422504][ T847] gspca_vc032x: Unknown sensor... [ 262.427664][ T847] vc032x 4-1:0.0: probe with driver vc032x failed with error -22 [ 262.460647][ T847] usb 4-1: USB disconnect, device number 2 [ 262.479498][ T9371] team0: Port device team_slave_1 added [ 262.580368][ T9371] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 262.605976][ T9371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 262.679193][ T9371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 262.717523][ T9371] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 262.740984][ T9371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 262.768644][ T9371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 262.924785][ T9371] hsr_slave_0: entered promiscuous mode [ 262.931773][ T9371] hsr_slave_1: entered promiscuous mode [ 262.938632][ T9371] debugfs: 'hsr0' already exists in 'hsr' [ 262.944657][ T9371] Cannot create hsr debugfs directory [ 263.077114][ T5861] Bluetooth: hci1: command tx timeout [ 263.413627][ T9421] bpq0: entered promiscuous mode [ 263.419087][ T9421] bpq0: entered allmulticast mode [ 263.750486][ T9371] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 263.786540][ T9371] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 263.809478][ T9371] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 264.588552][ T9371] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 265.010548][ T9450] loop3: detected capacity change from 0 to 4096 [ 265.034032][ T9450] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 265.082059][ T9450] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096) [ 265.096250][ T9371] 8021q: adding VLAN 0 to HW filter on device bond0 [ 265.148417][ T9371] 8021q: adding VLAN 0 to HW filter on device team0 [ 265.153454][ T5861] Bluetooth: hci1: command tx timeout [ 265.214552][ T1324] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.221791][ T1324] bridge0: port 1(bridge_slave_0) entered forwarding state [ 265.240193][ T9455] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 265.290355][ T1324] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.297494][ T1324] bridge0: port 2(bridge_slave_1) entered forwarding state [ 265.685263][ T9468] tls_set_device_offload_rx: netdev not found [ 265.704516][ T9464] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 265.855526][ T9371] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 266.987558][ T9371] veth0_vlan: entered promiscuous mode [ 267.054406][ T9371] veth1_vlan: entered promiscuous mode [ 267.233248][ T5861] Bluetooth: hci1: command tx timeout [ 267.251362][ T9371] veth0_macvtap: entered promiscuous mode [ 267.262018][ T9371] veth1_macvtap: entered promiscuous mode [ 267.298536][ T9371] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 267.312441][ T9371] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 267.348432][ T1333] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.387043][ T1333] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.409886][ T1333] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.454830][ T1333] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.702070][ T6510] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 267.722057][ T9509] loop3: detected capacity change from 0 to 32768 [ 267.733113][ T6510] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 267.761039][ T9509] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1030 (9509) [ 267.777080][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 267.791533][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 267.811815][ T9509] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 267.842821][ T9509] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm [ 267.873210][ T9509] BTRFS info (device loop3): disk space caching is enabled [ 267.880460][ T9509] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 267.978377][ T9509] BTRFS info (device loop3): rebuilding free space tree [ 268.055900][ T9509] BTRFS info (device loop3): disabling free space tree [ 268.079872][ T9509] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 268.108822][ T9509] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 268.298568][ T9551] gtp0: entered promiscuous mode [ 268.450957][ T8366] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 269.220563][ T9583] syz_tun: entered allmulticast mode [ 269.314637][ T5861] Bluetooth: hci1: command tx timeout [ 269.364573][ T9583] dvmrp8: entered allmulticast mode [ 269.419673][ T9578] syz_tun: left allmulticast mode [ 270.092849][ T5931] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 270.264781][ T5931] usb 5-1: Using ep0 maxpacket: 8 [ 270.351577][ T5931] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 270.363755][ T5931] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 270.372213][ T5931] usb 5-1: Product: syz [ 270.380233][ T5931] usb 5-1: Manufacturer: syz [ 270.422759][ T5931] usb 5-1: SerialNumber: syz [ 270.495855][ T5931] usb 5-1: config 0 descriptor?? [ 270.772912][ T5931] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 270.781901][ T9611] loop3: detected capacity change from 0 to 1024 [ 270.801991][ T9611] EXT4-fs: Invalid want_extra_isize 3 [ 271.465682][ T9621] loop3: detected capacity change from 0 to 32768 [ 271.629289][ T9621] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow [ 271.629316][ T9621] allowing incompatible features above 0.0: (unknown version) [ 271.629329][ T9621] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 271.648811][ T9624] loop9: detected capacity change from 0 to 32768 [ 271.687080][ T9621] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0 [ 271.702298][ T9621] bcachefs (loop3): initializing new filesystem [ 271.722530][ T9621] bcachefs (loop3): going read-write [ 271.747659][ T9621] bcachefs (loop3): marking superblocks [ 271.787092][ T9621] bcachefs (loop3): initializing freespace [ 271.801207][ T9624] bcachefs (loop9): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names [ 271.801236][ T9624] allowing incompatible features above 0.0: (unknown version) [ 271.801248][ T9624] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 271.839135][ T9621] bcachefs (loop3): done initializing freespace [ 271.843900][ T9621] bcachefs (loop3): reading snapshots table [ 271.843989][ T9621] bcachefs (loop3): reading snapshots done [ 271.916415][ T9621] bcachefs (loop3): loop3: Superblock write was silently dropped! (seq 0 expected 42) [ 271.923489][ T9624] bcachefs (loop9): Using encoding defined by superblock: utf8-12.1.0 [ 271.966962][ T5931] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 271.983392][ T9621] bcachefs (loop3): done starting filesystem [ 272.003229][ T9624] bcachefs (loop9): initializing new filesystem [ 272.022387][ T9624] bcachefs (loop9): going read-write [ 272.038318][ T9624] bcachefs (loop9): marking superblocks [ 272.090030][ T9624] bcachefs (loop9): initializing freespace [ 272.116673][ T9624] bcachefs (loop9): done initializing freespace [ 272.179417][ T5931] usb 5-1: USB disconnect, device number 7 [ 272.189481][ T9624] bcachefs (loop9): reading snapshots table [ 272.198046][ T30] audit: type=1800 audit(1751636539.668:46): pid=9651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1068" name="file1" dev="loop3" ino=4099 res=0 errno=0 [ 272.210435][ T9624] bcachefs (loop9): reading snapshots done [ 272.231566][ T9621] syz.3.1068 (9621) used greatest stack depth: 16616 bytes left [ 272.330140][ T9624] bcachefs (loop9): done starting filesystem [ 272.344029][ T8366] bcachefs (loop3): shutting down [ 272.367860][ T30] audit: type=1800 audit(1751636539.838:47): pid=9619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1067" name="file0" dev="loop9" ino=4098 res=0 errno=0 [ 272.377772][ T8366] bcachefs (loop3): going read-only [ 272.423403][ T8366] bcachefs (loop3): finished waiting for writes to stop [ 272.493328][ T8366] bcachefs (loop3): flushing journal and stopping allocators, journal seq 5 [ 272.579831][ T9371] bcachefs (loop9): shutting down [ 272.588265][ T9371] bcachefs (loop9): going read-only [ 272.589065][ T8366] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 5 [ 272.594240][ T9371] bcachefs (loop9): finished waiting for writes to stop [ 272.619045][ T9371] bcachefs (loop9): flushing journal and stopping allocators, journal seq 4 [ 272.656813][ T8366] bcachefs (loop3): clean shutdown complete, journal seq 6 [ 272.674509][ T8366] bcachefs (loop3): marking filesystem clean [ 272.696460][ T9371] bcachefs (loop9): flushing journal and stopping allocators complete, journal seq 4 [ 272.708554][ T9371] bcachefs (loop9): clean shutdown complete, journal seq 5 [ 272.716965][ T9371] bcachefs (loop9): marking filesystem clean [ 272.762380][ T9371] bcachefs (loop9): shutdown complete [ 272.859150][ T8366] bcachefs (loop3): shutdown complete [ 273.929897][ T5852] libceph: connect (1)[c::]:6789 error -101 [ 273.949405][ T5852] libceph: mon0 (1)[c::]:6789 connect error [ 274.031455][ T9688] netlink: 48 bytes leftover after parsing attributes in process `syz.8.1088'. [ 274.068167][ T9688] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 274.075463][ T9688] IPv6: NLM_F_CREATE should be set when creating new route [ 274.265780][ T5852] libceph: connect (1)[c::]:6789 error -101 [ 274.279736][ T5852] libceph: mon0 (1)[c::]:6789 connect error [ 274.722007][ T9679] ceph: No mds server is up or the cluster is laggy [ 274.988024][ T30] audit: type=1326 audit(1751636542.458:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9704 comm="syz.3.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de398e929 code=0x7ffc0000 [ 275.042814][ T30] audit: type=1326 audit(1751636542.458:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9704 comm="syz.3.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de398e929 code=0x7ffc0000 [ 275.089491][ T30] audit: type=1326 audit(1751636542.458:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9704 comm="syz.3.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f8de398e929 code=0x7ffc0000 [ 275.159556][ T30] audit: type=1326 audit(1751636542.458:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9704 comm="syz.3.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de398e929 code=0x7ffc0000 [ 275.394324][ T10] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 275.508230][ T9720] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1099'. [ 275.592446][ T10] usb 10-1: New USB device found, idVendor=0bfd, idProduct=010c, bcdDevice=2d.16 [ 275.603587][ T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.613428][ T10] usb 10-1: Product: syz [ 275.617858][ T10] usb 10-1: Manufacturer: syz [ 275.622647][ T10] usb 10-1: SerialNumber: syz [ 275.631566][ T10] usb 10-1: config 0 descriptor?? [ 275.679939][ T10] kvaser_usb 10-1:0.0: error -ENODEV: Cannot get usb endpoint(s) [ 275.918622][ T847] usb 10-1: USB disconnect, device number 3 [ 276.230639][ T9744] binder: 9743:9744 unknown command 0 [ 276.251961][ T9744] binder: 9743:9744 ioctl c0306201 200000001040 returned -22 [ 277.604499][ T30] audit: type=1326 audit(1751636545.068:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9765 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8de398e929 code=0x7fc00000 [ 278.087475][ T9780] cgroup: fork rejected by pids controller in /syz8 [ 278.092807][ T30] audit: type=1326 audit(1751636545.548:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9765 comm="syz.3.1117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8de398e929 code=0x7fc00000 [ 278.662878][ T43] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 278.872882][ T43] usb 4-1: Using ep0 maxpacket: 32 [ 278.884552][ T43] usb 4-1: config 0 has an invalid interface number: 89 but max is 0 [ 278.912270][ T43] usb 4-1: config 0 has no interface number 0 [ 278.956777][ T43] usb 4-1: New USB device found, idVendor=12d1, idProduct=7ef3, bcdDevice=54.68 [ 278.966619][ T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 278.988201][ T43] usb 4-1: Product: syz [ 279.002336][ T9831] loop4: detected capacity change from 0 to 32768 [ 279.002586][ T43] usb 4-1: Manufacturer: syz [ 279.032740][ T43] usb 4-1: SerialNumber: syz [ 279.036673][ T9831] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1127 (9831) [ 279.076450][ T43] usb 4-1: config 0 descriptor?? [ 279.120354][ T9831] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 279.124714][ T43] hub 4-1:0.89: bad descriptor, ignoring hub [ 279.153028][ T43] hub 4-1:0.89: probe with driver hub failed with error -5 [ 279.166790][ T43] option 4-1:0.89: GSM modem (1-port) converter detected [ 279.182873][ T9831] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm [ 279.193195][ T9831] BTRFS info (device loop4): disk space caching is enabled [ 279.200506][ T9831] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 279.269859][ T9831] BTRFS info (device loop4): rebuilding free space tree [ 279.305593][ T9831] BTRFS info (device loop4): disabling free space tree [ 279.321395][ T9831] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 279.332147][ T9831] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 279.419550][ T30] audit: type=1800 audit(1751636546.888:54): pid=9831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1127" name="file1" dev="loop4" ino=260 res=0 errno=0 [ 279.449329][ T9865] overlayfs: failed to clone upperpath [ 279.477148][ T847] usb 4-1: USB disconnect, device number 3 [ 279.508158][ T847] option 4-1:0.89: device disconnected [ 279.766208][ T1324] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared) [ 279.945873][ T8056] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 280.482963][ T847] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 280.652797][ T43] usb 10-1: new full-speed USB device number 4 using dummy_hcd [ 280.653007][ T847] usb 5-1: Using ep0 maxpacket: 8 [ 280.673462][ T847] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 280.682063][ T847] usb 5-1: config 179 has no interface number 0 [ 280.689097][ T847] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 280.700746][ T847] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 280.712550][ T847] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 280.730122][ T847] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 280.745254][ T847] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 280.754840][ T847] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.767265][ T9887] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 280.804953][ T43] usb 10-1: config 4 has an invalid interface number: 63 but max is 1 [ 280.842326][ T43] usb 10-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 280.860212][ T43] usb 10-1: config 4 has 1 interface, different from the descriptor's value: 2 [ 280.869300][ T43] usb 10-1: config 4 has no interface number 0 [ 280.882091][ T43] usb 10-1: config 4 interface 63 altsetting 12 endpoint 0x7 has invalid wMaxPacketSize 0 [ 280.892235][ T43] usb 10-1: config 4 interface 63 has no altsetting 0 [ 280.906230][ T43] usb 10-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=2c.2c [ 280.940063][ T43] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.965361][ T43] usb 10-1: Product: syz [ 280.974089][ T43] usb 10-1: Manufacturer: syz [ 280.978801][ T43] usb 10-1: SerialNumber: syz [ 281.100887][ T5852] usb 5-1: USB disconnect, device number 8 [ 281.100947][ C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 281.115710][ C0] dummy_hcd dummy_hcd.4: timer fired with no URBs pending? [ 281.238117][ T43] usb 10-1: USB disconnect, device number 4 [ 283.048380][ T9932] loop3: detected capacity change from 0 to 40427 [ 283.066935][ T9932] F2FS-fs (loop3): build fault injection rate: 690 [ 283.073625][ T9932] F2FS-fs (loop3): Image doesn't support compression [ 283.081532][ T9932] F2FS-fs (loop3): Image doesn't support compression [ 283.088266][ T9932] F2FS-fs (loop3): build fault injection type: 0x4 [ 283.103005][ T9932] F2FS-fs (loop3): invalid crc value [ 283.153791][ T9932] F2FS-fs (loop3): Start checkpoint disabled! [ 283.165968][ T9932] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 283.984793][ T49] kworker/u8:3: attempt to access beyond end of device [ 283.984793][ T49] loop3: rw=1, sector=77824, nr_sectors = 2056 limit=40427 [ 284.083647][ T49] kworker/u8:3: attempt to access beyond end of device [ 284.083647][ T49] loop3: rw=1, sector=79880, nr_sectors = 2040 limit=40427 [ 284.122335][ T49] kworker/u8:3: attempt to access beyond end of device [ 284.122335][ T49] loop3: rw=1, sector=49152, nr_sectors = 2048 limit=40427 [ 284.159724][ T49] kworker/u8:3: attempt to access beyond end of device [ 284.159724][ T49] loop3: rw=1, sector=51200, nr_sectors = 2048 limit=40427 [ 284.258022][ T49] kworker/u8:3: attempt to access beyond end of device [ 284.258022][ T49] loop3: rw=1, sector=57344, nr_sectors = 4120 limit=40427 [ 284.462297][ T49] kworker/u8:3: attempt to access beyond end of device [ 284.462297][ T49] loop3: rw=1, sector=61464, nr_sectors = 8168 limit=40427 [ 284.483864][ T49] kworker/u8:3: attempt to access beyond end of device [ 284.483864][ T49] loop3: rw=1, sector=69632, nr_sectors = 8 limit=40427 [ 284.498351][ T49] kworker/u8:3: attempt to access beyond end of device [ 284.498351][ T49] loop3: rw=1, sector=69640, nr_sectors = 8 limit=40427 [ 284.587509][ T49] kworker/u8:3: attempt to access beyond end of device [ 284.587509][ T49] loop3: rw=1, sector=69648, nr_sectors = 8 limit=40427 [ 284.682259][ T49] kworker/u8:3: attempt to access beyond end of device [ 284.682259][ T49] loop3: rw=1, sector=69656, nr_sectors = 8 limit=40427 [ 285.668381][ T65] CPU: 0 UID: 0 PID: 65 Comm: kworker/u8:4 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 285.668411][ T65] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 285.668424][ T65] Workqueue: writeback wb_workfn (flush-7:3) [ 285.668461][ T65] Call Trace: [ 285.668468][ T65] [ 285.668477][ T65] dump_stack_lvl+0x189/0x250 [ 285.668506][ T65] ? __pfx_dump_stack_lvl+0x10/0x10 [ 285.668529][ T65] ? __pfx_queue_work_on+0x10/0x10 [ 285.668549][ T65] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 285.668573][ T65] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 285.668602][ T65] ? f2fs_hw_is_readonly+0x39b/0x470 [ 285.668638][ T65] f2fs_handle_critical_error+0x37c/0x540 [ 285.668676][ T65] f2fs_write_end_io+0x495/0x810 [ 285.668697][ T65] ? blkg_put+0x22/0x240 [ 285.668734][ T65] __submit_merged_bio+0x27a/0x6a0 [ 285.668764][ T65] ? _raw_spin_unlock+0x28/0x50 [ 285.668790][ T65] f2fs_submit_page_write+0x1fc9/0x20c0 [ 285.668854][ T65] do_write_page+0x747/0xb10 [ 285.668892][ T65] f2fs_outplace_write_data+0x11a/0x220 [ 285.668921][ T65] f2fs_do_write_data_page+0x12ea/0x1a40 [ 285.668956][ T65] ? __pfx_f2fs_do_write_data_page+0x10/0x10 [ 285.668975][ T65] ? css_rstat_updated+0x393/0x4e0 [ 285.669017][ T65] f2fs_write_single_data_page+0xa68/0x1680 [ 285.669057][ T65] ? __pfx_f2fs_write_single_data_page+0x10/0x10 [ 285.669101][ T65] ? mlock_drain_local+0x79/0x490 [ 285.669129][ T65] ? mlock_drain_local+0x28e/0x490 [ 285.669163][ T65] f2fs_write_data_pages+0x195b/0x3000 [ 285.669224][ T65] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 285.669296][ T65] ? __lock_acquire+0xab9/0xd20 [ 285.669349][ T65] ? __lock_acquire+0xab9/0xd20 [ 285.669388][ T65] ? __lock_acquire+0xab9/0xd20 [ 285.669435][ T65] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 285.669459][ T65] do_writepages+0x32e/0x550 [ 285.669487][ T65] ? reacquire_held_locks+0x127/0x1d0 [ 285.669507][ T65] ? writeback_sb_inodes+0x384/0x1010 [ 285.669538][ T65] __writeback_single_inode+0x145/0xff0 [ 285.669560][ T65] ? do_raw_spin_unlock+0x122/0x240 [ 285.669589][ T65] writeback_sb_inodes+0x6c7/0x1010 [ 285.669619][ T65] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 285.669660][ T65] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 285.669728][ T65] ? rcu_is_watching+0x15/0xb0 [ 285.669759][ T65] wb_writeback+0x43b/0xaf0 [ 285.669790][ T65] ? queue_io+0x3d1/0x590 [ 285.669815][ T65] ? __pfx_wb_writeback+0x10/0x10 [ 285.669846][ T65] ? _raw_spin_unlock_irq+0x23/0x50 [ 285.669875][ T65] wb_workfn+0x409/0xef0 [ 285.669921][ T65] ? __pfx_wb_workfn+0x10/0x10 [ 285.669956][ T65] ? __lock_acquire+0xab9/0xd20 [ 285.669997][ T65] ? process_scheduled_works+0x9ef/0x17b0 [ 285.670024][ T65] ? _raw_spin_unlock_irq+0x23/0x50 [ 285.670045][ T65] ? process_scheduled_works+0x9ef/0x17b0 [ 285.670068][ T65] ? process_scheduled_works+0x9ef/0x17b0 [ 285.670090][ T65] process_scheduled_works+0xae1/0x17b0 [ 285.670142][ T65] ? __pfx_process_scheduled_works+0x10/0x10 [ 285.670182][ T65] worker_thread+0x8a0/0xda0 [ 285.670233][ T65] kthread+0x70e/0x8a0 [ 285.670259][ T65] ? __pfx_worker_thread+0x10/0x10 [ 285.670278][ T65] ? __pfx_kthread+0x10/0x10 [ 285.670305][ T65] ? _raw_spin_unlock_irq+0x23/0x50 [ 285.670326][ T65] ? lockdep_hardirqs_on+0x9c/0x150 [ 285.670348][ T65] ? __pfx_kthread+0x10/0x10 [ 285.670373][ T65] ret_from_fork+0x3fc/0x770 [ 285.670396][ T65] ? __pfx_ret_from_fork+0x10/0x10 [ 285.670422][ T65] ? __switch_to_asm+0x39/0x70 [ 285.670445][ T65] ? __switch_to_asm+0x33/0x70 [ 285.670468][ T65] ? __pfx_kthread+0x10/0x10 [ 285.670494][ T65] ret_from_fork_asm+0x1a/0x30 [ 285.670537][ T65] [ 285.671059][ T65] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 286.149262][ T9969] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1175'. [ 286.534380][ T9973] loop9: detected capacity change from 0 to 512 [ 286.556225][ T9973] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended [ 286.646625][ T9973] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 286.794994][ T9371] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 286.962757][ T5852] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 287.000562][ T9987] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1180'. [ 287.293295][ T5852] usb 4-1: Using ep0 maxpacket: 16 [ 287.308001][ T5852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 287.330294][ T5852] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 287.342217][ T5852] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 287.356078][ T5852] usb 4-1: Product: syz [ 287.361615][ T5852] usb 4-1: Manufacturer: syz [ 287.368321][ T5852] usb 4-1: SerialNumber: syz [ 287.385452][ T5852] usb 4-1: config 0 descriptor?? [ 287.397981][ T5852] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 287.409411][ T5852] em28xx 4-1:0.0: DVB interface 0 found: bulk [ 288.204226][ T9999] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1185'. [ 288.224732][ T9999] bridge0: port 3(syz_tun) entered disabled state [ 288.271912][ T9999] syz_tun (unregistering): left allmulticast mode [ 288.279428][ T9999] syz_tun (unregistering): left promiscuous mode [ 288.349155][ T9999] bridge0: port 3(syz_tun) entered disabled state [ 288.401246][ T5852] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 289.647201][ T5852] em28xx 4-1:0.0: failed to get i2c transfer status from bridge register (error=-5) [ 289.659634][ T5852] em28xx 4-1:0.0: board has no eeprom [ 289.754145][ T5852] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 289.777596][ T5852] em28xx 4-1:0.0: dvb set to bulk mode. [ 289.820361][ T5864] em28xx 4-1:0.0: Binding DVB extension [ 289.837713][ T5852] usb 4-1: USB disconnect, device number 4 [ 289.871690][ T5852] em28xx 4-1:0.0: Disconnecting em28xx [ 289.989015][ T5864] em28xx 4-1:0.0: Registering input extension [ 290.026970][ T5852] em28xx 4-1:0.0: Closing input extension [ 290.089631][ T5852] em28xx 4-1:0.0: Freeing device [ 290.333142][ T5904] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 290.439510][T10047] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1204'. [ 290.492776][ T5904] usb 5-1: Using ep0 maxpacket: 32 [ 290.500723][ T5904] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 290.511494][ T5904] usb 5-1: config 0 has no interfaces? [ 290.521637][ T5904] usb 5-1: New USB device found, idVendor=0856, idProduct=bc00, bcdDevice=b2.7f [ 290.531132][ T5904] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.539397][ T5904] usb 5-1: Product: syz [ 290.543716][ T5904] usb 5-1: Manufacturer: syz [ 290.548960][ T5904] usb 5-1: SerialNumber: syz [ 290.557609][ T5904] usb 5-1: config 0 descriptor?? [ 291.689566][ T5904] usb 5-1: USB disconnect, device number 9 [ 292.303216][T10089] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1220'. [ 292.713796][T10094] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1222'. [ 292.756667][T10095] loop4: detected capacity change from 0 to 512 [ 292.830558][T10095] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 292.890300][T10095] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 293.083405][T10097] vlan2: entered allmulticast mode [ 293.118112][T10097] bond1: entered allmulticast mode [ 293.530291][T10095] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 293.634713][T10095] EXT4-fs (loop4): 1 truncate cleaned up [ 293.675229][T10095] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 293.960997][ T8056] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /125/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 294.056213][ T8056] EXT4-fs (loop4): Remounting filesystem read-only [ 294.261856][ T8467] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.338443][ T8467] bridge0: port 3(syz_tun) entered disabled state [ 294.438559][ T8467] syz_tun (unregistering): left allmulticast mode [ 294.462488][ T8467] syz_tun (unregistering): left promiscuous mode [ 294.474862][ T8467] bridge0: port 3(syz_tun) entered disabled state [ 294.719120][ T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.924857][ T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.043178][ T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.148519][T10133] loop9: detected capacity change from 0 to 512 [ 295.196593][T10133] EXT4-fs (loop9): orphan cleanup on readonly fs [ 295.212843][T10133] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -13 [ 295.224714][ T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.242054][T10133] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 295.281107][T10133] EXT4-fs error (device loop9): ext4_clear_blocks:876: inode #13: comm syz.9.1240: attempt to clear invalid blocks 2 len 1 [ 295.339421][T10133] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.1240: invalid indirect mapped block 1819239214 (level 0) [ 295.372191][T10133] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.1240: invalid indirect mapped block 1819239214 (level 1) [ 295.401178][T10133] EXT4-fs (loop9): 1 truncate cleaned up [ 295.419108][T10133] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 295.568548][ T13] bridge_slave_1: left allmulticast mode [ 295.574298][ T13] bridge_slave_1: left promiscuous mode [ 295.577714][ T9371] EXT4-fs error (device loop9): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz-executor: bad entry in directory: inode out of bounds - offset=24, inode=85, rec_len=20, size=1024 fake=0 [ 295.580061][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 295.629593][ T13] bridge_slave_0: left allmulticast mode [ 295.635702][ T13] bridge_slave_0: left promiscuous mode [ 295.641481][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 295.761584][ T9371] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.798019][T10149] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1247'. [ 295.901514][ T5857] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 295.913755][ T5857] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 295.922324][ T5857] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 295.931816][ T5857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 295.957799][ T5857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 296.130609][T10146] loop3: detected capacity change from 0 to 32768 [ 296.211254][T10146] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 296.280991][T10146] (syz.3.1245,10146,1):ocfs2_get_block:141 get_block on system inode 0xffff88806eefc178 (65) [ 296.310996][T10146] OCFS2: ERROR (device loop3): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 65 has invalid tree depth 312 in extent list [ 296.334110][T10146] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 296.345254][T10146] OCFS2: File system is now read-only. [ 296.351883][T10146] (syz.3.1245,10146,1):ocfs2_find_leaf:1948 ERROR: status = -30 [ 296.368799][T10146] (syz.3.1245,10146,1):ocfs2_get_clusters_nocache:421 ERROR: status = -30 [ 296.379086][T10146] (syz.3.1245,10146,1):ocfs2_get_clusters:634 ERROR: status = -30 [ 296.389902][T10146] (syz.3.1245,10146,1):ocfs2_extent_map_get_blocks:681 ERROR: status = -30 [ 296.426716][T10146] (syz.3.1245,10146,1):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff88806eefc178, block: 0 [ 296.462611][T10146] (syz.3.1245,10146,0):ocfs2_get_block:141 get_block on system inode 0xffff88806eefc178 (65) [ 296.483118][T10146] OCFS2: ERROR (device loop3): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 65 has invalid tree depth 312 in extent list [ 296.538012][T10146] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 296.559764][T10146] (syz.3.1245,10146,1):ocfs2_find_leaf:1948 ERROR: status = -30 [ 296.577910][T10146] (syz.3.1245,10146,1):ocfs2_get_clusters_nocache:421 ERROR: status = -30 [ 296.589609][T10146] (syz.3.1245,10146,1):ocfs2_get_clusters:634 ERROR: status = -30 [ 296.642862][T10146] (syz.3.1245,10146,1):ocfs2_extent_map_get_blocks:681 ERROR: status = -30 [ 296.657612][T10146] (syz.3.1245,10146,1):ocfs2_get_block:153 ERROR: get_blocks() failed, inode: 0xffff88806eefc178, block: 0 [ 296.708394][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 296.722609][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 296.746243][ T13] bond0 (unregistering): Released all slaves [ 296.769607][ T8366] ocfs2: Unmounting device (7,3) on (node local) [ 297.122950][ T5904] kernel write not supported for file bpf-prog (pid: 5904 comm: kworker/0:3) [ 297.314747][ T13] hsr_slave_0: left promiscuous mode [ 297.322504][ T13] hsr_slave_1: left promiscuous mode [ 297.333584][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 297.341027][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 297.353306][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 297.363454][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 297.423718][ T13] veth1_macvtap: left promiscuous mode [ 297.429388][ T13] veth0_macvtap: left promiscuous mode [ 297.435697][ T13] veth1_vlan: left promiscuous mode [ 297.441139][ T13] veth0_vlan: left promiscuous mode [ 298.046944][ T5857] Bluetooth: hci1: command tx timeout [ 298.466411][ T5164] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 298.477601][ T5164] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 298.501237][ T5164] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 298.533391][ T5164] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 298.541661][ T5164] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 299.563273][ T13] team0 (unregistering): Port device team_slave_1 removed [ 300.133245][ T5164] Bluetooth: hci1: command tx timeout [ 300.218579][ T13] team0 (unregistering): Port device team_slave_0 removed [ 300.600601][ T5164] Bluetooth: hci2: command tx timeout [ 300.626144][T10191] netlink: 'syz.8.1260': attribute type 2 has an invalid length. [ 302.193630][ T5164] Bluetooth: hci1: command tx timeout [ 302.518473][T10151] chnl_net:caif_netlink_parms(): no params data found [ 302.693067][ T5164] Bluetooth: hci2: command tx timeout [ 303.508160][T10237] net_ratelimit: 10 callbacks suppressed [ 303.508179][T10237] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 303.668975][ T13] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 304.064406][ T13] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 304.137610][T10151] bridge0: port 1(bridge_slave_0) entered blocking state [ 304.173031][T10151] bridge0: port 1(bridge_slave_0) entered disabled state [ 304.190493][T10151] bridge_slave_0: entered allmulticast mode [ 304.208893][T10151] bridge_slave_0: entered promiscuous mode [ 304.229212][T10151] bridge0: port 2(bridge_slave_1) entered blocking state [ 304.246585][T10151] bridge0: port 2(bridge_slave_1) entered disabled state [ 304.273123][ T5164] Bluetooth: hci1: command tx timeout [ 304.283027][T10151] bridge_slave_1: entered allmulticast mode [ 304.290814][T10151] bridge_slave_1: entered promiscuous mode [ 304.298180][T10182] chnl_net:caif_netlink_parms(): no params data found [ 304.344813][T10260] loop3: detected capacity change from 0 to 8 [ 304.356003][ T13] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 304.370656][T10260] unable to read id index table [ 304.558510][ T13] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 304.629062][T10151] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 304.652972][T10151] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 304.755457][ T5164] Bluetooth: hci2: command tx timeout [ 304.808509][ T30] audit: type=1804 audit(1751636572.278:55): pid=10278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.1289" name="file0" dev="tmpfs" ino=688 res=1 errno=0 [ 304.809698][T10278] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1 [ 304.846300][T10278] ref_ctr increment failed for inode: 0x2b0 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88805ac12800 [ 304.867965][T10151] team0: Port device team_slave_0 added [ 304.909702][T10151] team0: Port device team_slave_1 added [ 304.921840][T10182] bridge0: port 1(bridge_slave_0) entered blocking state [ 304.941984][T10182] bridge0: port 1(bridge_slave_0) entered disabled state [ 304.955042][T10182] bridge_slave_0: entered allmulticast mode [ 304.963712][T10282] loop3: detected capacity change from 0 to 128 [ 304.965958][T10182] bridge_slave_0: entered promiscuous mode [ 304.985086][T10282] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 304.999102][T10282] ext4 filesystem being mounted at /101/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 305.087444][T10182] bridge0: port 2(bridge_slave_1) entered blocking state [ 305.113126][T10182] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.128125][T10182] bridge_slave_1: entered allmulticast mode [ 305.137319][T10182] bridge_slave_1: entered promiscuous mode [ 305.190038][ T8366] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 305.207859][T10151] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 305.219231][T10151] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 305.261834][T10151] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 305.329028][T10291] overlayfs: failed to clone upperpath [ 305.336332][T10151] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 305.356601][T10151] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 305.383329][T10151] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 305.408540][T10182] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 305.451665][T10294] loop3: detected capacity change from 0 to 1024 [ 305.460873][T10182] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 305.473210][T10294] EXT4-fs (loop3): Test dummy encryption mode enabled [ 305.487784][T10294] EXT4-fs (loop3): stripe (9) is not aligned with cluster size (16), stripe is disabled [ 305.529555][T10294] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 305.670469][T10294] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 305.690003][T10182] team0: Port device team_slave_0 added [ 305.720994][T10294] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 305.741209][ T13] bridge_slave_1: left allmulticast mode [ 305.750686][ T13] bridge_slave_1: left promiscuous mode [ 305.777847][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.824935][ T13] bridge_slave_0: left allmulticast mode [ 305.830697][ T13] bridge_slave_0: left promiscuous mode [ 305.841335][ T8366] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 305.846033][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 306.757970][T10321] overlayfs: failed to clone upperpath [ 306.844552][ T5164] Bluetooth: hci2: command tx timeout [ 307.087035][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 307.108961][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 307.129986][ T13] bond0 (unregistering): Released all slaves [ 307.281778][T10151] hsr_slave_0: entered promiscuous mode [ 307.325049][T10151] hsr_slave_1: entered promiscuous mode [ 307.356544][T10151] debugfs: 'hsr0' already exists in 'hsr' [ 307.382043][T10151] Cannot create hsr debugfs directory [ 307.418459][T10182] team0: Port device team_slave_1 added [ 307.806579][T10182] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 307.837626][T10182] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 307.927078][T10182] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 308.133480][T10182] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 308.140463][T10182] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 308.232775][T10182] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 308.654671][T10182] hsr_slave_0: entered promiscuous mode [ 308.661357][T10182] hsr_slave_1: entered promiscuous mode [ 308.692114][T10182] debugfs: 'hsr0' already exists in 'hsr' [ 308.702765][T10182] Cannot create hsr debugfs directory [ 308.821533][ T13] hsr_slave_0: left promiscuous mode [ 308.861060][ T13] hsr_slave_1: left promiscuous mode [ 308.867681][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 308.892980][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 308.901590][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 308.930563][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 308.974723][ T13] veth1_macvtap: left promiscuous mode [ 308.980310][ T13] veth0_macvtap: left promiscuous mode [ 309.003012][ T13] veth1_vlan: left promiscuous mode [ 309.008402][ T13] veth0_vlan: left promiscuous mode [ 310.464294][ T13] team0 (unregistering): Port device team_slave_1 removed [ 310.598449][ T13] team0 (unregistering): Port device team_slave_0 removed [ 311.707175][T10336] ip6gre1: entered allmulticast mode [ 312.710355][T10151] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 312.726891][T10151] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 312.739209][T10151] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 312.769451][T10151] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 313.157620][T10151] 8021q: adding VLAN 0 to HW filter on device bond0 [ 313.212135][T10151] 8021q: adding VLAN 0 to HW filter on device team0 [ 313.241577][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.248728][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 313.267165][ T6510] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.274324][ T6510] bridge0: port 2(bridge_slave_1) entered forwarding state [ 313.321405][T10182] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 313.347977][T10182] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 313.376832][T10182] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 313.394600][T10182] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 313.632221][T10182] 8021q: adding VLAN 0 to HW filter on device bond0 [ 313.674751][T10182] 8021q: adding VLAN 0 to HW filter on device team0 [ 313.697119][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.704315][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 313.724738][ T65] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.731913][ T65] bridge0: port 2(bridge_slave_1) entered forwarding state [ 313.780229][T10151] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 313.915721][T10151] veth0_vlan: entered promiscuous mode [ 313.950527][T10151] veth1_vlan: entered promiscuous mode [ 314.081594][T10151] veth0_macvtap: entered promiscuous mode [ 314.094517][T10151] veth1_macvtap: entered promiscuous mode [ 314.168209][T10151] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 314.229079][T10151] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 314.260171][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.288707][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.334460][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.350306][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 314.416242][T10182] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 314.649683][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 314.670698][T10182] veth0_vlan: entered promiscuous mode [ 314.676891][ T5857] Bluetooth: hci5: command 0x1003 tx timeout [ 314.681954][ T5164] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 314.728791][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 314.831501][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 314.839815][T10182] veth1_vlan: entered promiscuous mode [ 314.856050][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 314.960570][T10182] veth0_macvtap: entered promiscuous mode [ 315.043452][T10182] veth1_macvtap: entered promiscuous mode [ 315.289093][T10182] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 315.413345][T10182] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 315.501365][ T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 315.512813][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 315.527803][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 315.741689][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 315.794557][T10472] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1344'. [ 316.794999][T10487] overlayfs: failed to clone upperpath [ 316.902841][ T1324] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 316.910687][ T1324] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 317.016592][ T5852] libceph: connect (1)[c::]:6789 error -101 [ 317.027028][ T1324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 317.033273][ T5852] libceph: mon0 (1)[c::]:6789 connect error [ 317.061030][ T1324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 317.079310][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.086014][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.092754][T10496] capability: warning: `syz.7.1353' uses 32-bit capabilities (legacy support in use) [ 317.294770][ T5852] libceph: connect (1)[c::]:6789 error -101 [ 317.301246][ T5852] libceph: mon0 (1)[c::]:6789 connect error [ 317.340060][T10481] loop0: detected capacity change from 0 to 32768 [ 317.816430][T10489] ceph: No mds server is up or the cluster is laggy [ 317.826860][ T5942] libceph: connect (1)[c::]:6789 error -101 [ 317.842922][ T5942] libceph: mon0 (1)[c::]:6789 connect error [ 320.528589][T10557] Illegal XDP return value 4294967294 on prog (id 240) dev N/A, expect packet loss! [ 320.600527][T10561] loop3: detected capacity change from 0 to 128 [ 320.620817][T10561] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 320.678161][T10561] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 320.809469][T10548] loop1: detected capacity change from 0 to 32768 [ 320.901299][ T30] audit: type=1804 audit(1751636588.368:56): pid=10548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1370" name="/newroot/4/file0/bus" dev="loop1" ino=7 res=1 errno=0 [ 320.905935][T10548] Invalid ELF header len 8 [ 321.000719][ T30] audit: type=1800 audit(1751636588.438:57): pid=10573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1382" name="file1" dev="overlay" ino=52 res=0 errno=0 [ 321.036812][T10574] loop3: detected capacity change from 0 to 1024 [ 321.048965][T10574] EXT4-fs: Ignoring removed nomblk_io_submit option [ 321.068724][T10576] binder: 10575:10576 ioctl c0306201 200000000180 returned -22 [ 321.091249][T10574] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 321.508565][T10588] Failed to enqueue queue_pair DETACH event datagram for context (ID=0x0) [ 321.730143][ T8366] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.090135][ C1] vcan0: j1939_tp_rxtimer: 0xffff888057c89c00: rx timeout, send abort [ 323.100916][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888057c89c00: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 324.019474][T10638] loop3: detected capacity change from 0 to 256 [ 324.054855][T10638] vfat: Bad value for 'dmask' [ 326.832366][T10689] loop0: detected capacity change from 0 to 128 [ 326.833053][T10687] overlayfs: failed to clone upperpath [ 326.861862][T10689] EXT4-fs (loop0): Test dummy encryption mode enabled [ 326.908878][T10689] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 326.977538][T10689] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 327.325272][T10670] loop3: detected capacity change from 0 to 32768 [ 327.338684][T10670] btrfs: Unknown parameter 'measure' [ 327.389559][T10151] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 328.037055][T10710] netlink: 2048 bytes leftover after parsing attributes in process `syz.3.1415'. [ 328.081858][T10710] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1415'. [ 329.591980][T10745] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1443'. [ 329.915042][T10750] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1445'. [ 330.067358][T10753] loop1: detected capacity change from 0 to 2048 [ 330.246589][T10753] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 331.284729][ T30] audit: type=1107 audit(1751636598.748:58): pid=10783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 331.550820][T10796] bpq0: left promiscuous mode [ 331.555920][T10796] bpq0: left allmulticast mode [ 332.132338][T10816] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 332.880905][T10826] syz_tun: entered promiscuous mode [ 332.932929][T10826] vlan2: entered promiscuous mode [ 333.852133][T10837] loop1: detected capacity change from 0 to 4096 [ 333.996614][T10837] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 334.053480][T10837] ntfs3(loop1): Failed to load $Extend (-22). [ 334.059984][T10837] ntfs3(loop1): Failed to initialize $Extend. [ 334.245501][T10837] ntfs3(loop1): ino=1b, "file0" ntfs_readdir [ 334.513306][ T5164] Bluetooth: hci0: command 0x0406 tx timeout [ 334.833306][T10856] team0: Device gtp0 is of different type [ 335.790246][T10866] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1490'. [ 335.911996][T10871] loop1: detected capacity change from 0 to 32768 [ 335.970388][T10871] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1491 (10871) [ 335.990649][T10871] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 336.001127][T10871] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm [ 336.020601][T10871] BTRFS info (device loop1): using free-space-tree [ 337.001367][T10871] BTRFS info (device loop1): rebuilding free space tree [ 337.199223][ T30] audit: type=1800 audit(1751636604.668:59): pid=10871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1491" name="bus" dev="loop1" ino=263 res=0 errno=0 [ 337.485513][T10871] BTRFS info (device loop1 state M): max_inline set to 0 [ 337.758198][T10182] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 337.905860][T10920] netlink: 'syz.0.1506': attribute type 12 has an invalid length. [ 341.611374][T10983] loop1: detected capacity change from 0 to 32768 [ 341.771725][T10983] XFS (loop1): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 342.100121][T10983] XFS (loop1): Starting recovery (logdev: internal) [ 342.287067][T10983] XFS (loop1): Ending recovery (logdev: internal) [ 342.331075][T10983] XFS (loop1): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_bnobt block 0x4 [ 342.352421][T10983] XFS (loop1): Unmount and run xfs_repair [ 342.379796][T10983] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 342.406374][T10983] 00000000: 53 55 4d 59 00 00 00 02 ff ff ff ff ff ff ff ff SUMY............ [ 342.425023][T10983] 00000010: 00 00 00 00 00 00 00 04 00 00 00 01 00 00 00 40 ...............@ [ 342.438608][T10983] 00000020: 9f 91 83 2a 3b 79 45 c3 9d 6d ed 0b c7 35 7f e4 ...*;yE..m...5.. [ 342.480685][T10983] 00000030: 00 00 00 00 25 47 cc 81 00 00 00 0d 00 00 00 03 ....%G.......... [ 342.499314][T11009] loop0: detected capacity change from 0 to 32768 [ 342.505081][T10983] 00000040: 00 00 0e a8 00 00 11 58 00 00 00 00 00 00 00 00 .......X........ [ 342.523730][T10983] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 342.536188][T10983] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 342.545796][T10983] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 342.555701][T11009] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1535 (11009) [ 342.560082][T10983] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x4 len 4 error 74 [ 342.720106][T11009] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 342.732867][T11009] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 342.741493][T11009] BTRFS info (device loop0): using free-space-tree [ 342.757099][T10983] XFS (loop1): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x517/0x8e0 (fs/xfs/xfs_trans_buf.c:311). Shutting down filesystem. [ 342.780839][T10983] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 342.867204][T10182] XFS (loop1): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 343.020263][T11009] BTRFS info (device loop0): rebuilding free space tree [ 343.437092][T10151] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 345.856860][ T30] audit: type=1804 audit(1751636613.328:60): pid=11078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1551" name="/newroot/40/file0" dev="tmpfs" ino=237 res=1 errno=0 [ 345.989195][T11080] loop3: detected capacity change from 0 to 8 [ 346.446721][T11093] loop1: detected capacity change from 0 to 512 [ 346.601616][T11093] EXT4-fs (loop1): 1 orphan inode deleted [ 346.654247][T11093] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 346.670389][ T1324] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 346.695702][ T1324] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1 [ 346.710384][T11093] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 346.741677][ T30] audit: type=1800 audit(1751636614.208:61): pid=11093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1558" name="bus" dev="loop1" ino=16 res=0 errno=0 [ 348.258313][T10182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.517982][T11126] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 348.618526][T11130] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1572'. [ 348.628390][T11130] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1572'. [ 349.465949][T11162] overlayfs: failed to clone upperpath [ 349.781141][T11167] loop0: detected capacity change from 0 to 2048 [ 349.813962][T11168] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1590'. [ 349.839380][T11167] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 349.857482][T11167] UDF-fs: Scanning with blocksize 512 failed [ 349.907663][T11167] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 351.770219][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.855330][T11191] loop1: detected capacity change from 0 to 256 [ 351.922241][T11191] FAT-fs (loop1): Directory bread(block 64) failed [ 351.939135][T11191] FAT-fs (loop1): Directory bread(block 65) failed [ 351.948074][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.962021][T11191] FAT-fs (loop1): Directory bread(block 66) failed [ 351.970921][T11191] FAT-fs (loop1): Directory bread(block 67) failed [ 351.986725][T11191] FAT-fs (loop1): Directory bread(block 68) failed [ 352.002529][T11191] FAT-fs (loop1): Directory bread(block 69) failed [ 352.009459][T11191] FAT-fs (loop1): Directory bread(block 70) failed [ 352.018786][T11191] FAT-fs (loop1): Directory bread(block 71) failed [ 352.025694][T11191] FAT-fs (loop1): Directory bread(block 72) failed [ 352.032291][T11191] FAT-fs (loop1): Directory bread(block 73) failed [ 352.186046][ T6510] bio_check_eod: 1512 callbacks suppressed [ 352.186065][ T6510] kworker/u8:12: attempt to access beyond end of device [ 352.186065][ T6510] loop1: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 352.244639][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.381232][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.475637][T11196] Set syz0 is full, maxelem 0 reached [ 352.855258][ T13] bridge_slave_1: left allmulticast mode [ 352.881381][ T13] bridge_slave_1: left promiscuous mode [ 352.899775][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 353.023322][ T13] bridge_slave_0: left allmulticast mode [ 353.029000][ T13] bridge_slave_0: left promiscuous mode [ 353.042505][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 353.324082][ T5164] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 353.336824][ T5164] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 353.354377][ T5164] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 353.377159][ T5164] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 353.395410][ T5164] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 355.473028][ T5164] Bluetooth: hci1: command tx timeout [ 355.831598][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 355.848698][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 355.861566][ T13] bond0 (unregistering): Released all slaves [ 355.924612][T11249] vlan2: entered promiscuous mode [ 355.929804][T11249] bridge0: entered promiscuous mode [ 355.936096][T11249] vlan2: entered allmulticast mode [ 355.950032][T11250] bridge_slave_0: left promiscuous mode [ 356.024864][T11250] bridge0: port 1(bridge_slave_0) entered disabled state [ 356.556878][T11259] loop1: detected capacity change from 0 to 40427 [ 356.573463][T11259] F2FS-fs (loop1): build fault injection rate: 690 [ 356.580051][T11259] F2FS-fs (loop1): Image doesn't support compression [ 356.586866][T11259] F2FS-fs (loop1): Image doesn't support compression [ 356.596193][T11259] F2FS-fs (loop1): invalid crc value [ 356.674602][T11259] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 356.695947][T11250] bridge_slave_1: left promiscuous mode [ 356.707261][T11250] bridge0: port 2(bridge_slave_1) entered disabled state [ 356.729545][T11250] bond0: (slave bond_slave_0): Releasing backup interface [ 356.742244][T11259] syz.1.1620: attempt to access beyond end of device [ 356.742244][T11259] loop1: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 356.759429][T11259] syz.1.1620: attempt to access beyond end of device [ 356.759429][T11259] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 356.762584][T11250] bond0: (slave bond_slave_1): Releasing backup interface [ 356.788789][T11259] syz.1.1620: attempt to access beyond end of device [ 356.788789][T11259] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 356.825507][T11250] team0: Port device team_slave_0 removed [ 356.828598][T10182] syz-executor: attempt to access beyond end of device [ 356.828598][T10182] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 356.848402][T11250] team0: Port device team_slave_1 removed [ 356.878635][T11250] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 356.887318][ T6509] kworker/u8:11: attempt to access beyond end of device [ 356.887318][ T6509] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 356.912947][ T6509] CPU: 1 UID: 0 PID: 6509 Comm: kworker/u8:11 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 356.912976][ T6509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 356.912989][ T6509] Workqueue: writeback wb_workfn (flush-7:1) [ 356.913025][ T6509] Call Trace: [ 356.913033][ T6509] [ 356.913041][ T6509] dump_stack_lvl+0x189/0x250 [ 356.913071][ T6509] ? __pfx_dump_stack_lvl+0x10/0x10 [ 356.913091][ T6509] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 356.913116][ T6509] ? __pfx_queue_work_on+0x10/0x10 [ 356.913138][ T6509] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 356.913161][ T6509] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 356.913187][ T6509] ? f2fs_hw_is_readonly+0x39b/0x470 [ 356.913223][ T6509] f2fs_handle_critical_error+0x37c/0x540 [ 356.913261][ T6509] f2fs_write_end_io+0x495/0x810 [ 356.913281][ T6509] ? blkg_put+0x22/0x240 [ 356.913317][ T6509] __submit_merged_bio+0x27a/0x6a0 [ 356.913354][ T6509] __submit_merged_write_cond+0x255/0x530 [ 356.913400][ T6509] f2fs_write_data_pages+0x261d/0x3000 [ 356.913459][ T6509] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 356.913496][ T6509] ? __pfx_f2fs_available_free_memory+0x10/0x10 [ 356.913548][ T6509] ? __pfx_f2fs_balance_fs_bg+0x10/0x10 [ 356.913574][ T6509] ? trace_f2fs_writepages+0x7f/0x200 [ 356.913602][ T6509] ? f2fs_write_node_pages+0x478/0x6e0 [ 356.913630][ T6509] ? __bfs+0x151/0x2a0 [ 356.913643][ T6509] ? __pfx_hlock_conflict+0x10/0x10 [ 356.913686][ T6509] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 356.913710][ T6509] do_writepages+0x32e/0x550 [ 356.913733][ T6509] ? reacquire_held_locks+0x127/0x1d0 [ 356.913749][ T6509] ? writeback_sb_inodes+0x384/0x1010 [ 356.913774][ T6509] __writeback_single_inode+0x145/0xff0 [ 356.913792][ T6509] ? do_raw_spin_unlock+0x122/0x240 [ 356.913819][ T6509] writeback_sb_inodes+0x6c7/0x1010 [ 356.913847][ T6509] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 356.913889][ T6509] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 356.913957][ T6509] ? rcu_is_watching+0x15/0xb0 [ 356.913987][ T6509] wb_writeback+0x43b/0xaf0 [ 356.914015][ T6509] ? queue_io+0x3d1/0x590 [ 356.914039][ T6509] ? __pfx_wb_writeback+0x10/0x10 [ 356.914068][ T6509] ? _raw_spin_unlock_irq+0x23/0x50 [ 356.914092][ T6509] wb_workfn+0x409/0xef0 [ 356.914138][ T6509] ? __pfx_wb_workfn+0x10/0x10 [ 356.914171][ T6509] ? __lock_acquire+0xab9/0xd20 [ 356.914211][ T6509] ? process_scheduled_works+0x9ef/0x17b0 [ 356.914238][ T6509] ? _raw_spin_unlock_irq+0x23/0x50 [ 356.914257][ T6509] ? process_scheduled_works+0x9ef/0x17b0 [ 356.914274][ T6509] ? process_scheduled_works+0x9ef/0x17b0 [ 356.914293][ T6509] process_scheduled_works+0xae1/0x17b0 [ 356.914338][ T6509] ? __pfx_process_scheduled_works+0x10/0x10 [ 356.914381][ T6509] worker_thread+0x8a0/0xda0 [ 356.914426][ T6509] kthread+0x70e/0x8a0 [ 356.914452][ T6509] ? __pfx_worker_thread+0x10/0x10 [ 356.914470][ T6509] ? __pfx_kthread+0x10/0x10 [ 356.914496][ T6509] ? _raw_spin_unlock_irq+0x23/0x50 [ 356.914517][ T6509] ? lockdep_hardirqs_on+0x9c/0x150 [ 356.914538][ T6509] ? __pfx_kthread+0x10/0x10 [ 356.914563][ T6509] ret_from_fork+0x3fc/0x770 [ 356.914585][ T6509] ? __pfx_ret_from_fork+0x10/0x10 [ 356.914611][ T6509] ? __switch_to_asm+0x39/0x70 [ 356.914633][ T6509] ? __switch_to_asm+0x33/0x70 [ 356.914654][ T6509] ? __pfx_kthread+0x10/0x10 [ 356.914679][ T6509] ret_from_fork_asm+0x1a/0x30 [ 356.914721][ T6509] [ 356.921312][ T6509] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 357.273458][ T6509] CPU: 1 UID: 0 PID: 6509 Comm: kworker/u8:11 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 357.273488][ T6509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 357.273502][ T6509] Workqueue: writeback wb_workfn (flush-7:1) [ 357.273538][ T6509] Call Trace: [ 357.273546][ T6509] [ 357.273555][ T6509] dump_stack_lvl+0x189/0x250 [ 357.273584][ T6509] ? __pfx_dump_stack_lvl+0x10/0x10 [ 357.273604][ T6509] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 357.273628][ T6509] ? __pfx_queue_work_on+0x10/0x10 [ 357.273651][ T6509] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 357.273674][ T6509] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 357.273700][ T6509] ? f2fs_hw_is_readonly+0x39b/0x470 [ 357.273737][ T6509] f2fs_handle_critical_error+0x37c/0x540 [ 357.273776][ T6509] f2fs_write_end_io+0x495/0x810 [ 357.273796][ T6509] ? blkg_put+0x22/0x240 [ 357.273837][ T6509] __submit_merged_bio+0x27a/0x6a0 [ 357.273874][ T6509] __submit_merged_write_cond+0x255/0x530 [ 357.273903][ T6509] f2fs_write_data_pages+0x261d/0x3000 [ 357.273951][ T6509] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 357.273980][ T6509] ? __pfx_f2fs_available_free_memory+0x10/0x10 [ 357.274031][ T6509] ? __pfx_f2fs_balance_fs_bg+0x10/0x10 [ 357.274057][ T6509] ? trace_f2fs_writepages+0x7f/0x200 [ 357.274082][ T6509] ? f2fs_write_node_pages+0x478/0x6e0 [ 357.274104][ T6509] ? __bfs+0x151/0x2a0 [ 357.274119][ T6509] ? __pfx_hlock_conflict+0x10/0x10 [ 357.274162][ T6509] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 357.274184][ T6509] do_writepages+0x32e/0x550 [ 357.274211][ T6509] ? reacquire_held_locks+0x127/0x1d0 [ 357.274230][ T6509] ? writeback_sb_inodes+0x384/0x1010 [ 357.274261][ T6509] __writeback_single_inode+0x145/0xff0 [ 357.274282][ T6509] ? do_raw_spin_unlock+0x122/0x240 [ 357.274311][ T6509] writeback_sb_inodes+0x6c7/0x1010 [ 357.274351][ T6509] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 357.274392][ T6509] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 357.274467][ T6509] ? rcu_is_watching+0x15/0xb0 [ 357.274500][ T6509] wb_writeback+0x43b/0xaf0 [ 357.274533][ T6509] ? queue_io+0x3d1/0x590 [ 357.274556][ T6509] ? __pfx_wb_writeback+0x10/0x10 [ 357.274584][ T6509] ? _raw_spin_unlock_irq+0x23/0x50 [ 357.274611][ T6509] wb_workfn+0x409/0xef0 [ 357.274659][ T6509] ? __pfx_wb_workfn+0x10/0x10 [ 357.274695][ T6509] ? __lock_acquire+0xab9/0xd20 [ 357.274737][ T6509] ? process_scheduled_works+0x9ef/0x17b0 [ 357.274765][ T6509] ? _raw_spin_unlock_irq+0x23/0x50 [ 357.274785][ T6509] ? process_scheduled_works+0x9ef/0x17b0 [ 357.274803][ T6509] ? process_scheduled_works+0x9ef/0x17b0 [ 357.274824][ T6509] process_scheduled_works+0xae1/0x17b0 [ 357.274884][ T6509] ? __pfx_process_scheduled_works+0x10/0x10 [ 357.274928][ T6509] worker_thread+0x8a0/0xda0 [ 357.274984][ T6509] kthread+0x70e/0x8a0 [ 357.275011][ T6509] ? __pfx_worker_thread+0x10/0x10 [ 357.275030][ T6509] ? __pfx_kthread+0x10/0x10 [ 357.275057][ T6509] ? _raw_spin_unlock_irq+0x23/0x50 [ 357.275079][ T6509] ? lockdep_hardirqs_on+0x9c/0x150 [ 357.275101][ T6509] ? __pfx_kthread+0x10/0x10 [ 357.275127][ T6509] ret_from_fork+0x3fc/0x770 [ 357.275150][ T6509] ? __pfx_ret_from_fork+0x10/0x10 [ 357.275178][ T6509] ? __switch_to_asm+0x39/0x70 [ 357.275200][ T6509] ? __switch_to_asm+0x33/0x70 [ 357.275222][ T6509] ? __pfx_kthread+0x10/0x10 [ 357.275248][ T6509] ret_from_fork_asm+0x1a/0x30 [ 357.275294][ T6509] [ 357.275301][ T6509] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 357.563086][ T5164] Bluetooth: hci1: command tx timeout [ 357.931561][T11283] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1629'. [ 357.943097][ T13] hsr_slave_0: left promiscuous mode [ 357.950952][ T13] hsr_slave_1: left promiscuous mode [ 357.959256][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 357.967358][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 357.977323][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 357.985035][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 358.000039][T11284] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1629'. [ 358.028186][ T13] veth1_macvtap: left promiscuous mode [ 358.037035][ T13] veth0_macvtap: left promiscuous mode [ 358.050648][ T13] veth1_vlan: left promiscuous mode [ 358.056778][ T13] veth0_vlan: left promiscuous mode [ 358.830733][T11296] netlink: 'syz.7.1634': attribute type 1 has an invalid length. [ 358.909443][ T13] team0 (unregistering): Port device team_slave_1 removed [ 358.984242][ T13] team0 (unregistering): Port device team_slave_0 removed [ 359.028422][ T5861] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 359.041868][ T5861] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 359.061811][ T5861] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 359.084680][ T5861] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 359.110204][ T5861] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 359.636183][T11296] 8021q: adding VLAN 0 to HW filter on device bond1 [ 359.713100][T11297] bond1: (slave gretap1): making interface the new active one [ 359.717294][ T5864] libceph: connect (1)[c::]:6789 error -101 [ 359.727454][ T5861] Bluetooth: hci1: command tx timeout [ 359.735111][ T5864] libceph: mon0 (1)[c::]:6789 connect error [ 359.740689][T11297] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 359.853905][T11304] ceph: No mds server is up or the cluster is laggy [ 360.001051][T11215] chnl_net:caif_netlink_parms(): no params data found [ 360.119371][ T5861] Bluetooth: hci3: command 0x0406 tx timeout [ 360.308246][T11215] bridge0: port 1(bridge_slave_0) entered blocking state [ 360.332850][T11215] bridge0: port 1(bridge_slave_0) entered disabled state [ 360.340347][T11215] bridge_slave_0: entered allmulticast mode [ 360.355363][T11215] bridge_slave_0: entered promiscuous mode [ 360.384279][T11215] bridge0: port 2(bridge_slave_1) entered blocking state [ 360.391950][T11215] bridge0: port 2(bridge_slave_1) entered disabled state [ 360.401150][T11215] bridge_slave_1: entered allmulticast mode [ 360.409554][T11215] bridge_slave_1: entered promiscuous mode [ 360.429670][T11298] chnl_net:caif_netlink_parms(): no params data found [ 360.494534][T11215] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 360.536322][T11215] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 360.635909][ T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.850309][T11335] bridge: RTM_NEWNEIGH with invalid ether address [ 360.862089][T11215] team0: Port device team_slave_0 added [ 361.073441][ T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.122243][T11215] team0: Port device team_slave_1 added [ 361.147733][T11339] syz_tun: entered allmulticast mode [ 361.153218][ T5857] Bluetooth: hci2: command tx timeout [ 361.346588][ T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.504669][T11337] syz_tun: left allmulticast mode [ 361.625555][ T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 361.665210][T11215] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 361.672186][T11215] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 361.709891][T11215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 361.732605][T11298] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.740948][T11298] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.751168][T11298] bridge_slave_0: entered allmulticast mode [ 361.769276][T11298] bridge_slave_0: entered promiscuous mode [ 361.788640][T11298] bridge0: port 2(bridge_slave_1) entered blocking state [ 361.795925][ T5857] Bluetooth: hci1: command tx timeout [ 361.818302][T11298] bridge0: port 2(bridge_slave_1) entered disabled state [ 361.830637][T11298] bridge_slave_1: entered allmulticast mode [ 361.859405][T11298] bridge_slave_1: entered promiscuous mode [ 361.868848][T11215] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 361.902741][T11215] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 361.956871][T11215] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 362.083271][T11298] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 362.141531][T11298] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 362.282511][T11215] hsr_slave_0: entered promiscuous mode [ 362.300395][T11215] hsr_slave_1: entered promiscuous mode [ 362.323774][T11215] debugfs: 'hsr0' already exists in 'hsr' [ 362.329606][T11215] Cannot create hsr debugfs directory [ 362.368296][T11298] team0: Port device team_slave_0 added [ 362.395880][T11298] team0: Port device team_slave_1 added [ 362.598767][T11298] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 362.608969][T11298] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 362.686252][T11298] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 362.829707][T11373] loop3: detected capacity change from 0 to 1024 [ 362.844085][T11298] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 362.853247][T11373] EXT4-fs: Ignoring removed orlov option [ 362.858338][T11298] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 362.932597][T11298] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 362.976058][T11373] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 363.004504][ T13] bridge_slave_1: left allmulticast mode [ 363.010189][ T13] bridge_slave_1: left promiscuous mode [ 363.171678][ T30] audit: type=1804 audit(1751636630.638:62): pid=11373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1657" name="/newroot/176/file1/bus" dev="loop3" ino=18 res=1 errno=0 [ 363.213605][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 363.234167][ T5857] Bluetooth: hci2: command tx timeout [ 363.259838][ T13] bridge_slave_0: left allmulticast mode [ 363.297758][ T13] bridge_slave_0: left promiscuous mode [ 363.304747][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 363.877259][ T8366] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.104491][T11386] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 364.160450][T11386] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 364.196365][T11386] kvm: requested 12571 ns i8254 timer period limited to 200000 ns [ 364.224220][T11386] kvm: requested 12571 ns i8254 timer period limited to 200000 ns [ 364.259725][T11386] kvm: requested 85485 ns i8254 timer period limited to 200000 ns [ 364.283044][T11386] kvm: requested 93028 ns i8254 timer period limited to 200000 ns [ 364.317223][T11386] kvm: requested 7542 ns i8254 timer period limited to 200000 ns [ 364.378725][T11386] kvm: requested 10057 ns i8254 timer period limited to 200000 ns [ 364.405039][T11386] kvm: requested 155047 ns i8254 timer period limited to 200000 ns [ 364.425905][T11386] kvm: requested 160914 ns i8254 timer period limited to 200000 ns [ 365.512816][ T5857] Bluetooth: hci2: command tx timeout [ 365.914985][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 365.966308][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 365.994234][ T13] bond0 (unregistering): Released all slaves [ 366.404209][T11298] hsr_slave_0: entered promiscuous mode [ 366.420306][T11298] hsr_slave_1: entered promiscuous mode [ 366.437195][T11298] debugfs: 'hsr0' already exists in 'hsr' [ 366.447787][T11298] Cannot create hsr debugfs directory [ 367.156174][ T13] hsr_slave_0: left promiscuous mode [ 367.185082][ T13] hsr_slave_1: left promiscuous mode [ 367.205556][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 367.231472][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 367.289705][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 367.330018][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 367.552974][ T5857] Bluetooth: hci2: command tx timeout [ 367.641745][T11474] loop3: detected capacity change from 0 to 40427 [ 367.664761][T11474] F2FS-fs (loop3): invalid crc value [ 367.711315][ T13] veth1_macvtap: left promiscuous mode [ 367.733180][ T13] veth0_macvtap: left promiscuous mode [ 367.738900][ T13] veth1_vlan: left promiscuous mode [ 367.759602][ T13] veth0_vlan: left promiscuous mode [ 367.810775][T11474] F2FS-fs (loop3): Start checkpoint disabled! [ 367.821259][T11474] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 367.918499][ T36] kworker/u8:2: attempt to access beyond end of device [ 367.918499][ T36] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 367.976265][ T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 367.976294][ T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 367.976307][ T36] Workqueue: writeback wb_workfn (flush-7:3) [ 367.976350][ T36] Call Trace: [ 367.976359][ T36] [ 367.976368][ T36] dump_stack_lvl+0x189/0x250 [ 367.976398][ T36] ? __pfx_dump_stack_lvl+0x10/0x10 [ 367.976417][ T36] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 367.976442][ T36] ? __pfx_queue_work_on+0x10/0x10 [ 367.976464][ T36] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 367.976487][ T36] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 367.976512][ T36] ? f2fs_hw_is_readonly+0x39b/0x470 [ 367.976549][ T36] f2fs_handle_critical_error+0x37c/0x540 [ 367.976586][ T36] f2fs_write_end_io+0x495/0x810 [ 367.976605][ T36] ? blkg_put+0x22/0x240 [ 367.976644][ T36] __submit_merged_bio+0x27a/0x6a0 [ 367.976683][ T36] __submit_merged_write_cond+0x255/0x530 [ 367.976720][ T36] f2fs_write_data_pages+0x261d/0x3000 [ 367.976792][ T36] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 367.976811][ T36] ? __local_bh_enable_ip+0x12d/0x1c0 [ 367.976847][ T36] ? rcu_is_watching+0x15/0xb0 [ 367.976949][ T36] ? __asan_memset+0x22/0x50 [ 367.976969][ T36] ? bpf_send_signal_common+0x407/0x540 [ 367.977015][ T36] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 367.977039][ T36] do_writepages+0x32e/0x550 [ 367.977069][ T36] ? reacquire_held_locks+0x127/0x1d0 [ 367.977089][ T36] ? writeback_sb_inodes+0x384/0x1010 [ 367.977123][ T36] __writeback_single_inode+0x145/0xff0 [ 367.977146][ T36] ? do_raw_spin_unlock+0x122/0x240 [ 367.977177][ T36] writeback_sb_inodes+0x6c7/0x1010 [ 367.977235][ T36] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 367.977311][ T36] ? rcu_is_watching+0x15/0xb0 [ 367.977344][ T36] wb_writeback+0x43b/0xaf0 [ 367.977377][ T36] ? queue_io+0x3d1/0x590 [ 367.977403][ T36] ? __pfx_wb_writeback+0x10/0x10 [ 367.977436][ T36] ? _raw_spin_unlock_irq+0x23/0x50 [ 367.977466][ T36] wb_workfn+0x409/0xef0 [ 367.977513][ T36] ? __pfx_wb_workfn+0x10/0x10 [ 367.977549][ T36] ? __lock_acquire+0xab9/0xd20 [ 367.977594][ T36] ? process_scheduled_works+0x9ef/0x17b0 [ 367.977622][ T36] ? _raw_spin_unlock_irq+0x23/0x50 [ 367.977643][ T36] ? process_scheduled_works+0x9ef/0x17b0 [ 367.977660][ T36] ? process_scheduled_works+0x9ef/0x17b0 [ 367.977683][ T36] process_scheduled_works+0xae1/0x17b0 [ 367.977742][ T36] ? __pfx_process_scheduled_works+0x10/0x10 [ 367.977790][ T36] worker_thread+0x8a0/0xda0 [ 367.977846][ T36] kthread+0x70e/0x8a0 [ 367.977875][ T36] ? __pfx_worker_thread+0x10/0x10 [ 367.977894][ T36] ? __pfx_kthread+0x10/0x10 [ 367.977921][ T36] ? _raw_spin_unlock_irq+0x23/0x50 [ 367.977943][ T36] ? lockdep_hardirqs_on+0x9c/0x150 [ 367.977965][ T36] ? __pfx_kthread+0x10/0x10 [ 367.977991][ T36] ret_from_fork+0x3fc/0x770 [ 367.978015][ T36] ? __pfx_ret_from_fork+0x10/0x10 [ 367.978043][ T36] ? __switch_to_asm+0x39/0x70 [ 367.978066][ T36] ? __switch_to_asm+0x33/0x70 [ 367.978088][ T36] ? __pfx_kthread+0x10/0x10 [ 367.978114][ T36] ret_from_fork_asm+0x1a/0x30 [ 367.978159][ T36] [ 367.978168][ T36] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 371.715418][ T13] team0 (unregistering): Port device team_slave_1 removed [ 371.792427][ T13] team0 (unregistering): Port device team_slave_0 removed [ 371.974917][T11516] netlink: 'syz.3.1689': attribute type 11 has an invalid length. [ 372.394188][T11518] netlink: 240 bytes leftover after parsing attributes in process `syz.7.1690'. [ 372.602037][T11523] overlayfs: failed to clone upperpath [ 374.470206][T11298] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 374.625837][T11298] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 374.656926][T11298] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 374.760849][T11298] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 374.953816][T11215] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 375.037070][T11215] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 375.063265][T11215] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 375.175271][T11215] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 375.283885][T11566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1707'. [ 375.315775][T11566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1707'. [ 375.487470][T11298] 8021q: adding VLAN 0 to HW filter on device bond0 [ 375.745336][T11215] 8021q: adding VLAN 0 to HW filter on device bond0 [ 375.753921][T11581] batadv_slave_0: entered promiscuous mode [ 375.759759][T11581] batadv_slave_0: left allmulticast mode [ 375.830133][T11298] 8021q: adding VLAN 0 to HW filter on device team0 [ 376.516979][T11457] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.524174][T11457] bridge0: port 1(bridge_slave_0) entered forwarding state [ 376.590343][T11215] 8021q: adding VLAN 0 to HW filter on device team0 [ 376.672640][T11457] bridge0: port 2(bridge_slave_1) entered blocking state [ 376.679859][T11457] bridge0: port 2(bridge_slave_1) entered forwarding state [ 376.725018][T11457] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.732263][T11457] bridge0: port 1(bridge_slave_0) entered forwarding state [ 376.808509][T11457] bridge0: port 2(bridge_slave_1) entered blocking state [ 376.815753][T11457] bridge0: port 2(bridge_slave_1) entered forwarding state [ 376.880637][T11588] overlayfs: failed to clone upperpath [ 378.556574][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.575608][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.702161][T11609] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 378.825470][T11215] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 378.908515][T11609] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 379.211608][T11298] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 379.318331][T11609] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 379.365069][T11215] veth0_vlan: entered promiscuous mode [ 379.402340][T11215] veth1_vlan: entered promiscuous mode [ 379.494900][T11609] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 379.590074][T11215] veth0_macvtap: entered promiscuous mode [ 379.640785][T11215] veth1_macvtap: entered promiscuous mode [ 379.932283][T11215] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 379.962608][T11467] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 379.988442][T11215] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 380.083551][ T13] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.097809][ T13] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.144678][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.160927][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.242413][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.267696][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.325092][T11448] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.369990][T11298] veth0_vlan: entered promiscuous mode [ 380.419338][T11298] veth1_vlan: entered promiscuous mode [ 380.484346][T11467] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 380.492196][T11467] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 380.541444][T11467] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 380.573265][T11467] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 380.617248][T11298] veth0_macvtap: entered promiscuous mode [ 380.632448][T11298] veth1_macvtap: entered promiscuous mode [ 380.712463][T11298] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 380.748090][T11298] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 380.774566][ T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.809332][ T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.822549][ T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 380.836424][T11638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1599'. [ 380.874283][ T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.055884][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 381.076142][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 381.138589][T11448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 381.147869][T11448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 382.472761][ T5942] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 382.652231][ T5942] usb 6-1: Using ep0 maxpacket: 8 [ 382.674831][ T5942] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 383.030796][ T5942] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 383.062124][ T5942] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 383.072241][ T5942] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 383.082568][ T5942] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 383.095982][ T5942] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 383.105710][ T5942] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 383.445546][ T5942] usb 6-1: usb_control_msg returned -32 [ 383.451180][ T5942] usbtmc 6-1:16.0: can't read capabilities [ 385.316345][ T5942] usb 6-1: USB disconnect, device number 3 [ 385.435566][T11704] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1744'. [ 386.120025][T11710] loop5: detected capacity change from 0 to 256 [ 386.788510][ T30] audit: type=1326 audit(1751636654.258:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11711 comm="syz.3.1748" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8de398e929 code=0x0 [ 387.866111][T11728] netlink: 'syz.3.1753': attribute type 12 has an invalid length. [ 387.922800][T11728] netlink: 'syz.3.1753': attribute type 29 has an invalid length. [ 387.953256][T11728] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1753'. [ 388.039221][T11728] netlink: 'syz.3.1753': attribute type 1 has an invalid length. [ 388.184391][T11728] netlink: 'syz.3.1753': attribute type 2 has an invalid length. [ 388.330522][T11728] netlink: 39 bytes leftover after parsing attributes in process `syz.3.1753'. [ 388.785092][T11735] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1755'. [ 391.909358][T11785] loop2: detected capacity change from 0 to 512 [ 391.961636][T11785] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 392.017404][T11786] macvlan2: entered promiscuous mode [ 392.050697][T11785] EXT4-fs (loop2): invalid journal inode [ 392.079516][T11785] EXT4-fs (loop2): can't get journal size [ 392.086764][T11786] macvlan2: entered allmulticast mode [ 392.123465][T11786] batadv0: entered promiscuous mode [ 392.172631][T11786] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 392.190440][T11786] bond0: (slave macvlan2): Enslaving as an active interface with an up link [ 392.235680][T11785] EXT4-fs (loop2): 1 truncate cleaned up [ 392.254387][T11785] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 392.673798][T11215] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.764145][T11801] wg2: entered promiscuous mode [ 392.771885][T11801] wg2: entered allmulticast mode [ 392.777080][ T9] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 393.088238][ T9] usb 6-1: Using ep0 maxpacket: 32 [ 393.285873][ T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9 [ 393.297895][ T9] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 393.307314][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 393.317728][ T9] usb 6-1: Product: syz [ 393.322552][ T9] usb 6-1: Manufacturer: syz [ 393.327418][ T9] usb 6-1: SerialNumber: syz [ 393.335156][ T9] usb 6-1: config 0 descriptor?? [ 393.340983][T11797] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 393.370477][ T9] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input13 [ 393.464877][T11813] syz.3.1778: attempt to access beyond end of device [ 393.464877][T11813] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0 [ 393.480625][T11813] vxfs: unable to read disk superblock at 1 [ 393.487208][T11813] syz.3.1778: attempt to access beyond end of device [ 393.487208][T11813] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0 [ 393.500039][T11813] vxfs: unable to read disk superblock at 8 [ 393.505943][T11813] vxfs: can't find superblock. [ 393.934415][T11815] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1779'. [ 394.056625][ T43] usb 6-1: USB disconnect, device number 4 [ 394.056641][ C0] usbtouchscreen 6-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 396.197400][T11851] loop2: detected capacity change from 0 to 256 [ 396.219629][T11851] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 397.869820][T11878] binder: 11877:11878 ioctl c0306201 2000000003c0 returned -14 [ 397.995078][T11886] syz_tun: entered allmulticast mode [ 398.017591][T11884] syz_tun: left allmulticast mode [ 399.652833][ T847] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 399.819412][ T847] usb 3-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98 [ 399.858866][T11910] loop3: detected capacity change from 0 to 40427 [ 399.980448][ T847] usb 3-1: New USB device strings: Mfr=0, Product=8, SerialNumber=0 [ 399.998606][T11910] F2FS-fs (loop3): invalid crc value [ 400.037801][ T847] usb 3-1: Product: syz [ 400.073942][ T847] usb 3-1: config 0 descriptor?? [ 400.115540][ T847] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 400.163870][ T847] ftdi_sio ttyUSB0: unknown device type: 0xc698 [ 400.288688][T11910] F2FS-fs (loop3): Start checkpoint disabled! [ 400.319255][T11910] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 400.372749][ T847] usb 3-1: USB disconnect, device number 8 [ 400.383767][ T847] ftdi_sio 3-1:0.0: device disconnected [ 400.806765][T11910] F2FS-fs (loop3): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled [ 400.892405][ T13] kworker/u8:1: attempt to access beyond end of device [ 400.892405][ T13] loop3: rw=1, sector=77824, nr_sectors = 408 limit=40427 [ 400.935863][ T13] kworker/u8:1: attempt to access beyond end of device [ 400.935863][ T13] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 401.059312][ T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 401.059342][ T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 401.059356][ T13] Workqueue: writeback wb_workfn (flush-7:3) [ 401.059392][ T13] Call Trace: [ 401.059400][ T13] [ 401.059409][ T13] dump_stack_lvl+0x189/0x250 [ 401.059440][ T13] ? __pfx_dump_stack_lvl+0x10/0x10 [ 401.059460][ T13] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 401.059485][ T13] ? __pfx_queue_work_on+0x10/0x10 [ 401.059509][ T13] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 401.059533][ T13] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 401.059559][ T13] ? f2fs_hw_is_readonly+0x39b/0x470 [ 401.059596][ T13] f2fs_handle_critical_error+0x37c/0x540 [ 401.059636][ T13] f2fs_write_end_io+0x495/0x810 [ 401.059656][ T13] ? blkg_put+0x22/0x240 [ 401.059696][ T13] __submit_merged_bio+0x27a/0x6a0 [ 401.059736][ T13] __submit_merged_write_cond+0x255/0x530 [ 401.059776][ T13] f2fs_write_data_pages+0x261d/0x3000 [ 401.059843][ T13] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 401.059970][ T13] ? f2fs_write_meta_pages+0x357/0x450 [ 401.060044][ T13] ? __lock_acquire+0xab9/0xd20 [ 401.060082][ T13] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 401.060105][ T13] do_writepages+0x32e/0x550 [ 401.060136][ T13] ? reacquire_held_locks+0x127/0x1d0 [ 401.060156][ T13] ? writeback_sb_inodes+0x384/0x1010 [ 401.060190][ T13] __writeback_single_inode+0x145/0xff0 [ 401.060214][ T13] ? do_raw_spin_unlock+0x122/0x240 [ 401.060245][ T13] writeback_sb_inodes+0x6c7/0x1010 [ 401.060301][ T13] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 401.060381][ T13] ? rcu_is_watching+0x15/0xb0 [ 401.060414][ T13] wb_writeback+0x43b/0xaf0 [ 401.060448][ T13] ? queue_io+0x3d1/0x590 [ 401.060474][ T13] ? __pfx_wb_writeback+0x10/0x10 [ 401.060508][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 401.060538][ T13] wb_workfn+0x409/0xef0 [ 401.060589][ T13] ? __pfx_wb_workfn+0x10/0x10 [ 401.060625][ T13] ? __lock_acquire+0xab9/0xd20 [ 401.060669][ T13] ? process_scheduled_works+0x9ef/0x17b0 [ 401.060698][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 401.060719][ T13] ? process_scheduled_works+0x9ef/0x17b0 [ 401.060738][ T13] ? process_scheduled_works+0x9ef/0x17b0 [ 401.060760][ T13] process_scheduled_works+0xae1/0x17b0 [ 401.060820][ T13] ? __pfx_process_scheduled_works+0x10/0x10 [ 401.060864][ T13] worker_thread+0x8a0/0xda0 [ 401.060922][ T13] kthread+0x70e/0x8a0 [ 401.060951][ T13] ? __pfx_worker_thread+0x10/0x10 [ 401.060971][ T13] ? __pfx_kthread+0x10/0x10 [ 401.061004][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 401.061027][ T13] ? lockdep_hardirqs_on+0x9c/0x150 [ 401.061049][ T13] ? __pfx_kthread+0x10/0x10 [ 401.061081][ T13] ret_from_fork+0x3fc/0x770 [ 401.061105][ T13] ? __pfx_ret_from_fork+0x10/0x10 [ 401.061133][ T13] ? __switch_to_asm+0x39/0x70 [ 401.061154][ T13] ? __switch_to_asm+0x33/0x70 [ 401.061177][ T13] ? __pfx_kthread+0x10/0x10 [ 401.061203][ T13] ret_from_fork_asm+0x1a/0x30 [ 401.061250][ T13] [ 401.061257][ T13] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 401.587989][ T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 401.588018][ T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 401.588031][ T13] Workqueue: writeback wb_workfn (flush-7:3) [ 401.588066][ T13] Call Trace: [ 401.588074][ T13] [ 401.588082][ T13] dump_stack_lvl+0x189/0x250 [ 401.588111][ T13] ? __pfx_dump_stack_lvl+0x10/0x10 [ 401.588131][ T13] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 401.588155][ T13] ? __pfx_queue_work_on+0x10/0x10 [ 401.588178][ T13] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 401.588201][ T13] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 401.588231][ T13] ? f2fs_hw_is_readonly+0x39b/0x470 [ 401.588264][ T13] f2fs_handle_critical_error+0x37c/0x540 [ 401.588301][ T13] f2fs_write_end_io+0x495/0x810 [ 401.588320][ T13] ? blkg_put+0x22/0x240 [ 401.588354][ T13] __submit_merged_bio+0x27a/0x6a0 [ 401.588388][ T13] __submit_merged_write_cond+0x255/0x530 [ 401.588423][ T13] f2fs_write_data_pages+0x261d/0x3000 [ 401.588481][ T13] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 401.588588][ T13] ? f2fs_write_meta_pages+0x357/0x450 [ 401.588620][ T13] ? __lock_acquire+0xab9/0xd20 [ 401.588653][ T13] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 401.588676][ T13] do_writepages+0x32e/0x550 [ 401.588704][ T13] ? reacquire_held_locks+0x127/0x1d0 [ 401.588724][ T13] ? writeback_sb_inodes+0x384/0x1010 [ 401.588756][ T13] __writeback_single_inode+0x145/0xff0 [ 401.588778][ T13] ? do_raw_spin_unlock+0x122/0x240 [ 401.588808][ T13] writeback_sb_inodes+0x6c7/0x1010 [ 401.588858][ T13] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 401.588945][ T13] ? rcu_is_watching+0x15/0xb0 [ 401.588975][ T13] wb_writeback+0x43b/0xaf0 [ 401.589006][ T13] ? queue_io+0x3d1/0x590 [ 401.589028][ T13] ? __pfx_wb_writeback+0x10/0x10 [ 401.589057][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 401.589086][ T13] wb_workfn+0x409/0xef0 [ 401.589129][ T13] ? __pfx_wb_workfn+0x10/0x10 [ 401.589162][ T13] ? __lock_acquire+0xab9/0xd20 [ 401.589201][ T13] ? process_scheduled_works+0x9ef/0x17b0 [ 401.589233][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 401.589252][ T13] ? process_scheduled_works+0x9ef/0x17b0 [ 401.589268][ T13] ? process_scheduled_works+0x9ef/0x17b0 [ 401.589288][ T13] process_scheduled_works+0xae1/0x17b0 [ 401.589337][ T13] ? __pfx_process_scheduled_works+0x10/0x10 [ 401.589374][ T13] worker_thread+0x8a0/0xda0 [ 401.589418][ T13] kthread+0x70e/0x8a0 [ 401.589443][ T13] ? __pfx_worker_thread+0x10/0x10 [ 401.589461][ T13] ? __pfx_kthread+0x10/0x10 [ 401.589486][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 401.589507][ T13] ? lockdep_hardirqs_on+0x9c/0x150 [ 401.589527][ T13] ? __pfx_kthread+0x10/0x10 [ 401.589550][ T13] ret_from_fork+0x3fc/0x770 [ 401.589572][ T13] ? __pfx_ret_from_fork+0x10/0x10 [ 401.589595][ T13] ? __switch_to_asm+0x39/0x70 [ 401.589618][ T13] ? __switch_to_asm+0x33/0x70 [ 401.589640][ T13] ? __pfx_kthread+0x10/0x10 [ 401.589663][ T13] ret_from_fork_asm+0x1a/0x30 [ 401.589701][ T13] [ 401.589935][ T13] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 401.657330][ T30] audit: type=1804 audit(1751636669.128:64): pid=11946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1824" name="/newroot/18/file0" dev="tmpfs" ino=112 res=1 errno=0 [ 402.887074][T11960] gfs2: gfs2 mount does not exist [ 403.354606][T11971] loop3: detected capacity change from 0 to 1024 [ 403.374522][T11971] hfsplus: Bad value for 'umask' [ 404.511117][T11979] loop3: detected capacity change from 0 to 256 [ 404.545763][ T30] audit: type=1326 audit(1751636672.008:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11950 comm="syz.8.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f189358e929 code=0x7ffc0000 [ 404.625667][T11979] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 404.662884][ T30] audit: type=1326 audit(1751636672.088:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11950 comm="syz.8.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f189358e929 code=0x7ffc0000 [ 404.792191][ T30] audit: type=1326 audit(1751636672.088:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11950 comm="syz.8.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f189358e929 code=0x7ffc0000 [ 404.919305][ T30] audit: type=1326 audit(1751636672.088:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11950 comm="syz.8.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f189358e929 code=0x7ffc0000 [ 405.040280][ T30] audit: type=1326 audit(1751636672.088:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11950 comm="syz.8.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f189358e929 code=0x7ffc0000 [ 405.151210][ T30] audit: type=1326 audit(1751636672.088:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11950 comm="syz.8.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f189358e929 code=0x7ffc0000 [ 405.239349][ T30] audit: type=1326 audit(1751636672.088:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11950 comm="syz.8.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f189358e929 code=0x7ffc0000 [ 405.256780][ T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 405.261797][ T30] audit: type=1326 audit(1751636672.138:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11950 comm="syz.8.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f189358e929 code=0x7ffc0000 [ 405.311808][ T30] audit: type=1326 audit(1751636672.138:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11950 comm="syz.8.1826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f189358e929 code=0x7ffc0000 [ 405.462012][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 405.478296][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 405.488662][ T9] usb 6-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 405.502537][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.520129][ T9] usb 6-1: config 0 descriptor?? [ 405.937942][ T9] hid-thrustmaster 0003:044F:B65D.0008: unknown main item tag 0x0 [ 406.055093][ T9] hid-thrustmaster 0003:044F:B65D.0008: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.5-1/input0 [ 406.078520][ T9] hid-thrustmaster 0003:044F:B65D.0008: Wrong number of endpoints? [ 406.378642][ C0] hid-thrustmaster 0003:044F:B65D.0008: URB to get model id failed with error -71 [ 406.388452][ T9] usb 6-1: USB disconnect, device number 5 [ 407.072425][T12030] overlayfs: metacopy with no lower data found - abort lookup (/bus) [ 410.773234][ T24] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 410.952786][ T24] usb 6-1: Using ep0 maxpacket: 16 [ 410.980951][ T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 411.012126][ T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 411.036874][ T24] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 411.065391][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 411.092137][ T24] usb 6-1: Product: syz [ 411.104274][ T24] usb 6-1: Manufacturer: syz [ 411.118684][ T24] usb 6-1: SerialNumber: syz [ 411.357033][ T24] usb 6-1: 0:2 : does not exist [ 411.367351][ T24] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 411.407795][ T24] usb 6-1: USB disconnect, device number 6 [ 412.184252][T12098] syzkaller0: entered promiscuous mode [ 412.216311][T12098] syzkaller0: entered allmulticast mode [ 414.600226][T12153] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1897'. [ 414.610903][T12153] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1897'. [ 414.652870][ T9] usb 3-1: new low-speed USB device number 9 using dummy_hcd [ 414.846953][ T9] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 414.862745][ T9] usb 3-1: config 0 has no interface number 0 [ 414.892164][ T9] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 59471, setting to 8 [ 414.932780][ T9] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 414.956558][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 414.969251][ T9] usb 3-1: config 0 descriptor?? [ 414.975542][T12146] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 414.998376][ T9] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 415.794714][ T43] usb 3-1: USB disconnect, device number 9 [ 416.518503][T12178] syz_tun: entered allmulticast mode [ 416.540051][T12178] dvmrp1: entered allmulticast mode [ 416.633073][T12177] syz_tun: left allmulticast mode [ 416.808667][T12190] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 00:00:00:00:00:00 [ 418.393142][ T847] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 418.575803][ T847] usb 4-1: Using ep0 maxpacket: 16 [ 418.589822][ T847] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 418.603883][ T847] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 418.650476][ T847] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 418.667917][ T847] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 418.692762][ T847] usb 4-1: Product: syz [ 418.697895][T12226] overlayfs: failed to clone upperpath [ 418.706960][ T847] usb 4-1: Manufacturer: syz [ 418.728881][ T847] usb 4-1: SerialNumber: syz [ 418.993197][ T847] usb 4-1: 0:2 : does not exist [ 419.021064][ T847] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 419.129440][ T847] usb 4-1: USB disconnect, device number 5 [ 419.279662][T12240] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1928'. [ 419.289528][T12240] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1928'. [ 419.363775][T12246] Bluetooth: MGMT ver 1.23 [ 419.431339][T12244] netlink: 'syz.7.1930': attribute type 5 has an invalid length. [ 419.773134][T12258] 9pnet_fd: Insufficient options for proto=fd [ 419.874326][ T847] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 420.060055][ T847] usb 4-1: Using ep0 maxpacket: 32 [ 420.074279][ T847] usb 4-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 420.098333][ T847] usb 4-1: config 0 interface 0 has no altsetting 0 [ 420.119128][ T847] usb 4-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00 [ 420.149174][ T847] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 420.174690][ T847] usb 4-1: config 0 descriptor?? [ 420.702939][T12287] ------------[ cut here ]------------ [ 420.708474][T12287] verifier bug: REG INVARIANTS VIOLATION (true_reg1): range bounds violation u64=[0x1f, 0x1f] s64=[0x1f, 0x1f] u32=[0x1f, 0x17] s32=[0x1f, 0x1f] var_off=(0x1f, 0x0)(1) [ 420.725565][T12287] WARNING: kernel/bpf/verifier.c:2689 at reg_bounds_sanity_check+0x6e6/0xc20, CPU#0: syz.8.1945/12287 [ 420.736623][T12287] Modules linked in: [ 420.740594][T12287] CPU: 0 UID: 0 PID: 12287 Comm: syz.8.1945 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 420.752270][T12287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 420.762518][T12287] RIP: 0010:reg_bounds_sanity_check+0x6e6/0xc20 [ 420.768929][T12287] Code: 24 20 4c 8b 44 24 60 4c 8b 4c 24 58 41 ff 75 00 53 41 57 55 ff 74 24 38 ff 74 24 70 ff 74 24 40 e8 8f 6d aa ff 48 83 c4 38 90 <0f> 0b 90 90 48 bb 00 00 00 00 00 fc ff df 4d 89 f7 4c 8b 74 24 08 [ 420.788617][T12287] RSP: 0018:ffffc9000cbf6f28 EFLAGS: 00010286 [ 420.794905][T12287] RAX: 9e36352a9e19a400 RBX: 000000000000001f RCX: 0000000000080000 [ 420.803957][T12287] RDX: ffffc9001538d000 RSI: 00000000000604c7 RDI: 00000000000604c8 [ 420.811947][T12287] RBP: 000000000000001f R08: 0000000000000003 R09: 0000000000000004 [ 420.820740][T12287] R10: dffffc0000000000 R11: fffffbfff1bfa430 R12: ffff88804da4a168 [ 420.828780][T12287] R13: ffff88804da4a188 R14: ffff88804da4a1a0 R15: 000000000000001f [ 420.836887][T12287] FS: 00007f18944546c0(0000) GS:ffff888125be7000(0000) knlGS:0000000000000000 [ 420.845880][T12287] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 420.852489][T12287] CR2: 00007f1894453f98 CR3: 0000000079e3c000 CR4: 00000000003526f0 [ 420.860525][T12287] DR0: 0000000000000007 DR1: 0000000000000002 DR2: 0000000000000008 [ 420.868586][T12287] DR3: 1000000100000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 420.876610][T12287] Call Trace: [ 420.879911][T12287] [ 420.882914][T12287] reg_set_min_max+0x214/0x300 [ 420.887717][T12287] check_cond_jmp_op+0x1625/0x2910 [ 420.892921][T12287] ? kfree+0x4d/0x440 [ 420.896936][T12287] ? __pfx_check_cond_jmp_op+0x10/0x10 [ 420.902428][T12287] ? push_jmp_history+0x1dd/0x6f0 [ 420.908524][T12287] do_check+0x672a/0xe300 [ 420.913701][T12287] ? __pfx_do_check+0x10/0x10 [ 420.918456][T12287] ? init_func_state+0x1ddf/0x2d20 [ 420.923670][T12287] do_check_common+0x188f/0x23f0 [ 420.928679][T12287] bpf_check+0x1746a/0x1d2e0 [ 420.933327][T12287] ? lockdep_hardirqs_on+0x9c/0x150 [ 420.938583][T12287] ? __schedule+0x1713/0x4d00 [ 420.943356][T12287] ? preempt_schedule_irq+0xb5/0x150 [ 420.948698][T12287] ? __pfx___schedule+0x10/0x10 [ 420.953658][T12287] ? rcu_is_watching+0x15/0xb0 [ 420.958470][T12287] ? trace_irq_disable+0x37/0x110 [ 420.963583][T12287] ? preempt_schedule_irq+0xde/0x150 [ 420.968933][T12287] ? __lock_acquire+0xab9/0xd20 [ 420.973892][T12287] ? __pfx_bpf_check+0x10/0x10 [ 420.978712][T12287] ? ktime_get_with_offset+0x8c/0x2a0 [ 420.984226][T12287] ? seqcount_lockdep_reader_access+0x123/0x1c0 [ 420.990532][T12287] ? lockdep_hardirqs_on+0x9c/0x150 [ 420.995946][T12287] ? ktime_get_with_offset+0x8c/0x2a0 [ 421.001379][T12287] ? seqcount_lockdep_reader_access+0x175/0x1c0 [ 421.008618][T12287] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 421.016114][T12287] ? __asan_memset+0x22/0x50 [ 421.020781][T12287] ? bpf_obj_name_cpy+0x194/0x1e0 [ 421.025906][T12287] ? bpf_lsm_bpf_prog_load+0x9/0x20 [ 421.031148][T12287] ? security_bpf_prog_load+0x7f/0x310 [ 421.036716][T12287] bpf_prog_load+0x1318/0x1930 [ 421.041556][T12287] ? __pfx_bpf_prog_load+0x10/0x10 [ 421.046802][T12287] ? irqentry_exit+0x74/0x90 [ 421.051468][T12287] ? rep_movs_alternative+0x4a/0x90 [ 421.056788][T12287] ? bpf_lsm_bpf+0x9/0x20 [ 421.061170][T12287] ? security_bpf+0x7e/0x300 [ 421.065867][T12287] __sys_bpf+0x528/0x870 [ 421.070171][T12287] ? __pfx___sys_bpf+0x10/0x10 [ 421.075246][T12287] ? exc_page_fault+0x76/0xf0 [ 421.080066][T12287] __x64_sys_bpf+0x7c/0x90 [ 421.084572][T12287] do_syscall_64+0xfa/0x3b0 [ 421.089098][T12287] ? lockdep_hardirqs_on+0x9c/0x150 [ 421.094393][T12287] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.100480][T12287] ? clear_bhb_loop+0x60/0xb0 [ 421.105281][T12287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.112124][T12287] RIP: 0033:0x7f189358e929 [ 421.117503][T12287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.137195][T12287] RSP: 002b:00007f1894454038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 421.145693][T12287] RAX: ffffffffffffffda RBX: 00007f18937b6160 RCX: 00007f189358e929 [ 421.153944][T12287] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005 [ 421.161939][T12287] RBP: 00007f1893610b39 R08: 0000000000000000 R09: 0000000000000000 [ 421.170007][T12287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.178029][T12287] R13: 0000000000000001 R14: 00007f18937b6160 R15: 00007ffd0123b168 [ 421.186094][T12287] [ 421.189138][T12287] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 421.196429][T12287] CPU: 0 UID: 0 PID: 12287 Comm: syz.8.1945 Not tainted 6.16.0-rc4-next-20250704-syzkaller #0 PREEMPT(full) [ 421.207988][T12287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 421.218061][T12287] Call Trace: [ 421.221376][T12287] [ 421.224318][T12287] dump_stack_lvl+0x99/0x250 [ 421.228929][T12287] ? __asan_memcpy+0x40/0x70 [ 421.233538][T12287] ? __pfx_dump_stack_lvl+0x10/0x10 [ 421.238757][T12287] ? __pfx__printk+0x10/0x10 [ 421.243415][T12287] panic+0x2db/0x790 [ 421.247332][T12287] ? __pfx_panic+0x10/0x10 [ 421.251784][T12287] __warn+0x334/0x4c0 [ 421.255786][T12287] ? reg_bounds_sanity_check+0x6e6/0xc20 [ 421.261435][T12287] ? reg_bounds_sanity_check+0x6e6/0xc20 [ 421.267086][T12287] report_bug+0x2be/0x4f0 [ 421.271434][T12287] ? reg_bounds_sanity_check+0x6e6/0xc20 [ 421.277080][T12287] ? reg_bounds_sanity_check+0x6e6/0xc20 [ 421.282723][T12287] ? reg_bounds_sanity_check+0x6e8/0xc20 [ 421.288357][T12287] handle_bug+0x84/0x160 [ 421.292600][T12287] exc_invalid_op+0x1a/0x50 [ 421.297100][T12287] asm_exc_invalid_op+0x1a/0x20 [ 421.301952][T12287] RIP: 0010:reg_bounds_sanity_check+0x6e6/0xc20 [ 421.308190][T12287] Code: 24 20 4c 8b 44 24 60 4c 8b 4c 24 58 41 ff 75 00 53 41 57 55 ff 74 24 38 ff 74 24 70 ff 74 24 40 e8 8f 6d aa ff 48 83 c4 38 90 <0f> 0b 90 90 48 bb 00 00 00 00 00 fc ff df 4d 89 f7 4c 8b 74 24 08 [ 421.327796][T12287] RSP: 0018:ffffc9000cbf6f28 EFLAGS: 00010286 [ 421.333860][T12287] RAX: 9e36352a9e19a400 RBX: 000000000000001f RCX: 0000000000080000 [ 421.341827][T12287] RDX: ffffc9001538d000 RSI: 00000000000604c7 RDI: 00000000000604c8 [ 421.349789][T12287] RBP: 000000000000001f R08: 0000000000000003 R09: 0000000000000004 [ 421.357755][T12287] R10: dffffc0000000000 R11: fffffbfff1bfa430 R12: ffff88804da4a168 [ 421.365720][T12287] R13: ffff88804da4a188 R14: ffff88804da4a1a0 R15: 000000000000001f [ 421.373716][T12287] reg_set_min_max+0x214/0x300 [ 421.378480][T12287] check_cond_jmp_op+0x1625/0x2910 [ 421.383623][T12287] ? kfree+0x4d/0x440 [ 421.387601][T12287] ? __pfx_check_cond_jmp_op+0x10/0x10 [ 421.393060][T12287] ? push_jmp_history+0x1dd/0x6f0 [ 421.398088][T12287] do_check+0x672a/0xe300 [ 421.402464][T12287] ? __pfx_do_check+0x10/0x10 [ 421.407137][T12287] ? init_func_state+0x1ddf/0x2d20 [ 421.412252][T12287] do_check_common+0x188f/0x23f0 [ 421.417200][T12287] bpf_check+0x1746a/0x1d2e0 [ 421.421783][T12287] ? lockdep_hardirqs_on+0x9c/0x150 [ 421.426993][T12287] ? __schedule+0x1713/0x4d00 [ 421.431678][T12287] ? preempt_schedule_irq+0xb5/0x150 [ 421.436964][T12287] ? __pfx___schedule+0x10/0x10 [ 421.441821][T12287] ? rcu_is_watching+0x15/0xb0 [ 421.446582][T12287] ? trace_irq_disable+0x37/0x110 [ 421.451609][T12287] ? preempt_schedule_irq+0xde/0x150 [ 421.456895][T12287] ? __lock_acquire+0xab9/0xd20 [ 421.461750][T12287] ? __pfx_bpf_check+0x10/0x10 [ 421.466514][T12287] ? ktime_get_with_offset+0x8c/0x2a0 [ 421.471884][T12287] ? seqcount_lockdep_reader_access+0x123/0x1c0 [ 421.478117][T12287] ? lockdep_hardirqs_on+0x9c/0x150 [ 421.483311][T12287] ? ktime_get_with_offset+0x8c/0x2a0 [ 421.488676][T12287] ? seqcount_lockdep_reader_access+0x175/0x1c0 [ 421.494914][T12287] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 421.501510][T12287] ? __asan_memset+0x22/0x50 [ 421.506091][T12287] ? bpf_obj_name_cpy+0x194/0x1e0 [ 421.511106][T12287] ? bpf_lsm_bpf_prog_load+0x9/0x20 [ 421.516297][T12287] ? security_bpf_prog_load+0x7f/0x310 [ 421.521763][T12287] bpf_prog_load+0x1318/0x1930 [ 421.526537][T12287] ? __pfx_bpf_prog_load+0x10/0x10 [ 421.531648][T12287] ? irqentry_exit+0x74/0x90 [ 421.536248][T12287] ? rep_movs_alternative+0x4a/0x90 [ 421.541437][T12287] ? bpf_lsm_bpf+0x9/0x20 [ 421.545755][T12287] ? security_bpf+0x7e/0x300 [ 421.550347][T12287] __sys_bpf+0x528/0x870 [ 421.554590][T12287] ? __pfx___sys_bpf+0x10/0x10 [ 421.559362][T12287] ? exc_page_fault+0x76/0xf0 [ 421.564046][T12287] __x64_sys_bpf+0x7c/0x90 [ 421.568457][T12287] do_syscall_64+0xfa/0x3b0 [ 421.572960][T12287] ? lockdep_hardirqs_on+0x9c/0x150 [ 421.578154][T12287] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.584209][T12287] ? clear_bhb_loop+0x60/0xb0 [ 421.588881][T12287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.594766][T12287] RIP: 0033:0x7f189358e929 [ 421.599171][T12287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.618768][T12287] RSP: 002b:00007f1894454038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 421.627175][T12287] RAX: ffffffffffffffda RBX: 00007f18937b6160 RCX: 00007f189358e929 [ 421.635142][T12287] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005 [ 421.643112][T12287] RBP: 00007f1893610b39 R08: 0000000000000000 R09: 0000000000000000 [ 421.651073][T12287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.659035][T12287] R13: 0000000000000001 R14: 00007f18937b6160 R15: 00007ffd0123b168 [ 421.667015][T12287] [ 421.670261][T12287] Kernel Offset: disabled [ 421.674576][T12287] Rebooting in 86400 seconds..