last executing test programs: 15m43.827483309s ago: executing program 32 (id=26): syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./file1\x00', 0x8, &(0x7f0000000300), 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==") r0 = syz_open_dev$loop(&(0x7f0000000b40), 0x0, 0x0) ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f00000000c0)={0x0, {}, 0x0, {}, 0x40010001, 0x2, 0x15, 0x17, "9e959f16b6787b08aa26e66c4056a51695284854c382ec6bcfeef4fb0efcc1d8a6078ed98e203fd5f0643902dd8f6fac274de9d940bba5e51e92bbd4ce85450d", "f625c1076e4c36c800def96015e0fb7e904d865c2fdc458ee68d347f41be5a08", [0x3, 0x7]}) r1 = creat(&(0x7f0000000240)='./file1\x00', 0xd) lsetxattr$security_ima(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f00000004c0)=@v2={0x5, 0x0, 0xfd, 0x207, 0xaf5, "e60613bde37e96768714eb175f35f56f08092b0a054d99338622233bc8effb074f6ece20eb2d1088b94a522128846746037a8b219617d302b3cd8f71666bd9faeea70978b94d825a38fc65e7e1f80388a0fd9db728b95b41bff608c5221e144d2aeca49ca440dae77ba82caf1625833efb6d97fa49aa179c9468519d3dcb9bb8938046c6c2be11d3a87ec00488e889213f7a3dc966cb36acdbca18cf7c2087897dcff22cc0944ea4436fcd4cc8a0588abe5301ffb44afe8e61eeb295d26c3a1f89a3dda1c1cb6c7bffb8c57012d59fe98567701878f8fafe0ba5cb33dbc5e4be37a984551123cbd01048ce7dfff356fe16d644ec05f8d2c0f2b4b7d146e18a2625ee1cd54f674f132ab48e1a79aea42e54128470083aa50c5258fd39058d91fa9a697a7988c6e99661efca5036b79639c744f13ac58f9ec6a739356109a19e4e9a41645d79987026317e7a50e536e9fe80d1699e7d33a3da1f2276dab759cd691edef3f018aecd5ff94fd87cd1ac4b6989024ce1c27b6ed786848d205bf2e59e33278474b337285161c98cf19c452107cd3a9920d543fd4ed562b945bf177f9e0f5f91872a6b44f952731650c128f0ad2cf1ba2154d4e55ea3cc109423f126d5f8aa1599d25732ddf61353f1b1542d421bb08c22db5cf2194724b59c586f5f2842d31ec8f5e4a114de9f5fda19256e0c001f7638895709d7300e5d8a73e8e47bc96dfc8590b155202ae9fc891d779303c1670a8c3b1b22a8f197172c5d1cc7661b2acbffa5d0f10c5578a8a84a791cd2f85b6b851914f250e854649a0ef2d4b9f25049a71ae6696bd3f68b009163974d0336d23479cc13ecc5632b53f218eed005938e4c1d14aa2aef0b39d510adc8d5734ae9f83eb2e154821d8ba06bcdb39ad85722370ed2032822d8a6b6a5c238e819bf481a8c8739dc1ff13bf35c76400faed7b2536d579e364a3a499a3dc29f209cad17ba4085ad04ef5b38386fd5761a9ad08d5e612ebc6006cf7b26b9a72f214290a55f44eaf4c74648b091bd4c0cc1c361764ee1ed2f9a9808293e85e1919fa37f9c85932b917ddef66fdcfba1aeebdcf24b37cdd7fb4d46fd5b252acb72a2cfca6db1d08f3fb60edd7fcff557971ca69f08cb57a8972160b7082a02fc054ccd8b4344f7a0cffcb120ac846d2f38537c7db17ca9e5e50398b7d2638d64f0eb8f363c4ea0eca65c208ac8d2e11b8abd3c1f0b219cc9e03da1547da502964742e28a049787c320fd83ed453e62a2a8633eeec371be274843434c6dc15701077bdfc992e7c6ac99ab61573aaf574411d3297e1cc2b2fcae6b5a994120294574c0e1187630871032bd58c01501f40a2cbefe8f9e2f680ee5a653c8d70ae5ba3fff1de6b14fd9d00642e594f0d6189e456249c60459966c3c5690d2394dd7de53dafb5c814b92df3b04fd514de9550480a1fe3506c7f1d825e3f0f5473104eb4edadc9613a00cb2359f1a56917f1650a06b4de5644008026d36ca62cf30232299b2cd33c1e4284ac1df46165360996124481fec53382999b4ad9c11fbc5a9db3c3872f2b53ad4b3bc1511f541454c72e0b9598cbccc00f50dd1461d13e549751e4b2446ab473dbe71d1d5b980dac1c9fc626dae89a96879d075762c9590b87e74a1bfa974dd86b0773198a7e67cb42cbbf9cb2871acce30186ca1ed58cb13ee911409fcb3968fc5e973ce86ec343918157a5470659344323a21c9919525afbddfa009e787dce24a6267c3df6842d7995417573f1ec022ddf8291b8b4a969951865f2192e090e1d0485b47cbc695c317ee02b2aeb0eea33015853f47ec8bacf5241c4e15ef474d9edc153e292eb6077b06e8ab6af575cec8123c6f957c4a264672e3fbf244a82bfdc9b37f7bf38c7d30e35c134482a3d157e55ae77054d8422a00c7c7bc72e764ba1693a40cedf66658c7182abe2a8312cf0002136d1a6c11bf14b084c73d8c5c40ab1caec5ec083ce192c5ea2d1203efd4e0d288dde383d6c715caeeb1f381493875819623b003c0f0d2f11e71261dc26cb310e96a0b74e1a4174a2f08761199758d38f76abf3ae79dabcd34151e4f606f038ac74c2befca805bf8045808ec576430bd0f0fd0f8c857201e8ecd5945042b8ea5b431a0c044de1433e1e927e46dbc885a80553aa1daaa24b0dd3e55938d8f3ba3f489ecf0db38d8cf1a28de37ffd5ee6e455448e095d8b323abec455856324430dd16331370467a23cf5dbacf45d50af7d1606c95e96ca8bca9004bda1567535a86b8c8ca6bd10adfb9958f14820c5ce2ac3559aaddc2cbfffdcd8463bf8a9e0788eb3df2e2b533a4ae3d5e3635486e1a58a5ec31bdb22b6295e907468fc976767e7ef50f2bd6935ff8ac113a4eb1b327e9dc3e7de5fb0f35b742ea1c1afee6129391e85adffc2844e4d4acfad07e82c5052ab057e6c25e70d7ebd57606a646d3550a4f09af06e8cf14e05c5b0ed241d8444827edb8c7e3c8a68e02706627daa6e9a59f89763df8e0c703aae0f57c5c264d9bae54ecffd7e05c5296f51586282a47d9204e8f6bbf2eac90d4e45976020a29e1bd2508f1b22d3f7fbc226939f7b700db7af79e7579bd0b32c927a3b899080f46590aadc45ed263ed1ddcac3efe25831bf606e66fcbca4e8a912cab5dc29b264c4d8ce259d3bd8d6983334498929b2998c0059f02df1a14ec15d1019b9fdd30b6a1446de89ede0ea3b32cff4884deb0d5f0137730952654d9923343587cf5f1720a733f0f33a7a37b4fe392330b9b973eb581a8e6c3d7f229294ed731918a1e80884fb2a61553030e57becad18095321f97c117fb72e338147831b6b2c2f59942138cea41cbd3fc27e34b30efa4cab628ccfdb4ce91d17999104ca9dba970c99aa95f79482e1751ee206c4da98c4591580f8ff9044a07e8d2632f6aa2be1f94071308eb3a39f343cae034545c01ca5654d088a663e9b786476c138799f706c7d1d4424fbf93078a6578ce52315e4e3ab0069de9c2f83fbc8ad18b9835997f7bbebdd0b10b20a908a31d1ebbe700b725123d29c4bb28eee56ca182083307d8ef727956de52268b0759446b0346cb7cf363ca118be80c6d3bc872f8020a40553e1d6bd97f1fec3e279fb4a79a97b303aeba3d76444aefed3c338fd2f0ee16b7d0f0e8934374e5c0a4768ce8d9753819765c726a04e64bc39061458d0639ecd93b1f505473425d07cc3f5b07fa2d2841738f513f637da1c47f0e6132fde4168ea7f4a5b1f9c404481463b52b4a8fee3c02b2f4885ca28d12ebfee8f1ebcf6f917041b0f652587521f3bd486ad5b176142ae410c30ed30a4ed39f26ee07953545127d41894f892c8f4688b8d23b6240e1ac665a4a80479f5b0b35466e4baf58abe9e805f39dc1a25592527fe711c160e0589c0c4c3c7039cd3adc887795bef12a98e237461a76e8686ea28e0abc00eb07b36a6a17cb571031bed081e7249d4fdac34c6e78d6e9bb6f5a59a51f37002fc371342352494be93bc9b8cc5f055d33d950fc4620cf18077c57c066d46b82893f5091f58795238efaacba488e84785369d017a1df53a2c45967438e45d58b179caf2b32c8850969b2e15f739f6077231ab47e02914e9625443fcff2f4650880adcd5c754d97bc9bf7723db28c5cdb1a0cbc8a02a72f71f5912143bcb3c26c64a1b10702c7f2c43bad366beeff1c98a70f563e71fa05d9a70775b7ea57ddab5feb6dde7bf658e15ba62856d561aee4d20a7b55c6d493ae5ef1492ba19317d7f4e904f878fef7e7c98b27f681ea89d0e1f4e86ca4f78776637c971a11dcd39688487e686bddaa032e6eafdab516a4b407b2d887acb9d75f5f9a97369fd31982eb898ac9ea583acf2977f92ce43e54d07fab812e05d55d69f4f2dfe7d78847051458ec8d250bdbf807ede8f8436f07725b79b2cae7d4dabbae9554f1254bd54ff546cd9a292cc75f100022da3c904f"}, 0xafe, 0x1) ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f0000000180)={0x1, 0xffffffffffffffff}) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) rename(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00') syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000840)='./bus\x00', 0x210052, &(0x7f0000000b40)={[{@fat=@debug}, {@fat=@gid}, {@dots}, {@dots}, {}, {@dots}, {@nodots}, {@fat=@errors_continue}, {@fat=@showexec}, {@dots}, {@dots}, {@fat=@codepage={'codepage', 0x3d, '860'}}, {@dots}, {@fat=@nocase}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {}, {@nodots}, {@fat=@fmask={'fmask', 0x3d, 0x2}}, {@fat=@umask={'umask', 0x3d, 0x5}}, {@fat=@uid}, {@dots}, {@dots}], [{@fsmagic={'fsmagic', 0x3d, 0xfb}}, {@pcr={'pcr', 0x3d, 0x15}}, {@uid_gt}, {@context={'context', 0x3d, 'system_u'}}, {@flag='ro'}, {@audit}, {@subj_role}, {@hash}]}, 0x5, 0x1c7, &(0x7f0000000500)="$eJzs3TFrE2EYB/DnYu1FF7sJ4nDg4hTUL2BFKog3VTLopNC69ERIltPF+hWc/IB+AOlUBzkxlzY2JFKKvbukv9+Sh/vf8T5vAm+mPHlz9/3B3ofxu++3v0W/n0RvO7bjOImt6MWJwwAA1slxVcWPqtZ2LwBAM87x/f+r4ZYAgEv28tXrF0/yfGc3y/oRR4flsBzWr3X+7Hm+8yCb2Jo9dVSWw2un+cM6z87m1+PmNH+0MN+M+/cm+Zc/2dOf+Vyext6ihr/u/vf3AAAAAAAAAAAAAAAAAAAAAAAAmjbITi2c7zMYLMvr6q/5QHPzezbizkZj2wAAAAAAAAAAAAAAAAAAAICVNv746eBtUeyPZkUaEWevXKyobi1dojtFLzrRxooWaUc/3KwbbRQxdyWKk5EY/3x8MyImxeNl99yIiEtufnZGpK2cTAAAAAAAAAAAAAAAAAAAcPVMf+ubjMZtdwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7an//7/YH12k+BwR57h5ulTS8lYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYY78DAAD//6d2Kn0=") r2 = open(&(0x7f00000000c0)='.\x00', 0x101400, 0x184) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000200)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8) 15m21.29150715s ago: executing program 33 (id=105): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet(0x2b, 0x801, 0x0) setsockopt$inet_int(r3, 0x0, 0x17, &(0x7f0000000040), 0x4) 13m49.131929157s ago: executing program 34 (id=366): syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==") creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10) creat(&(0x7f0000000080)='./bus\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001800)='cpuacct.usage_all\x00', 0x275a, 0x0) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xec) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001840)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x26e1, 0x0) r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) openat$cgroup_ro(r0, &(0x7f0000004e80)='io.stat\x00', 0x275a, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) 13m10.15709386s ago: executing program 7 (id=470): socket$nl_netfilter(0x10, 0x3, 0xc) syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000300)='./file1\x00', 0x1014800, &(0x7f0000001880)=ANY=[@ANYRES16=0x0, @ANYBLOB="f9cba1923b054572145c2e67b885838cb353bc831573228abfb498e7f1fd8103aceb50858482ddb69dd9112c10e3d66c32cab6609b02bf9f07615fb29a27d49a24de56c84013a0c47945492852bdc34e69ddc25ffb9f4d1dd1af98558daa9974edd7d1abd46ee9d69da503b22758321d5031603da076b28cfc7d9477af38586cb482ad3a187ab4c7b916fad188280cee", @ANYRESOCT=0x0, @ANYRES8, @ANYRES8=0x0, @ANYRES64, @ANYRES64=0x0, @ANYRES64, @ANYBLOB="7540c430e8d8cb55e0610f65aa69c7eb0e142a7517e581064ff06e9ce239e0442bbf8cf256a108d756ee68844798521e40cb7b7963cd4041f65dc013adbd4ccf55477d30e5c56ff7db509a5cef7b7db994b9626f3e1e66ff309fa925885a36b49f6a215f7990ea209bdf87f38e08ed924527c0e45f594c78d32118cd03202a8875"], 0x1, 0xda6, &(0x7f0000003c80)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=") syz_io_uring_setup(0x110, &(0x7f0000000340)={0x0, 0x6d89, 0x8, 0x40000, 0x100000f0}, 0x0, &(0x7f0000000040)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0xf, &(0x7f00000009c0)=ANY=[@ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000055090200000300006e00000000000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$TIPC_IMPORTANCE(0xffffffffffffffff, 0x10f, 0x7f, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x30) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x147042, 0x32) 13m7.193145533s ago: executing program 7 (id=479): sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}}, 0x0) openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 13m7.085237371s ago: executing program 35 (id=479): sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}}, 0x0) openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12m34.354694052s ago: executing program 36 (id=547): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(0x0, r0) socket$kcm(0x10, 0x2, 0x4) ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x4, @rand_addr, 0x2}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r3, 0x0, 0xaf4, 0x0) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x303}, "1f891d5b00", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "dd6ed25e", "d4e9e1c90d89691c"}, 0x38) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) 11m50.615557334s ago: executing program 6 (id=640): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002dc0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000180)="e1cdf1c9d746bcaa9854b30731a00f236b0aa22e760f29fc5e15ebe36fbe2e1698", 0x21}], 0x1}}], 0x1, 0x20000050) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a"], 0x64}}, 0x0) openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 11m49.147925795s ago: executing program 6 (id=644): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x0, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3}, &(0x7f0000000180)=0x0, &(0x7f0000000280)=0x0) io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, 0x0, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0xffffffffffffffff], 0x1, 0x0, 0x1}) io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) 11m47.724970892s ago: executing program 6 (id=647): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0, 0x0, 0x8}, 0x18) syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB], 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0) socket$xdp(0x2c, 0x3, 0x0) ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x0, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) 11m45.916368719s ago: executing program 6 (id=649): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x4500, &(0x7f0000000840), 0x10, 0x4d3, &(0x7f0000000ec0)="$eJzs3c9rHG8ZAPBnNtlvf6UmVQ+1YFtsJS3a3aSxbfBQK4g9SEGt9xqTTQjZZEN20zahSIp3BREVPHnyIvgHCNI/QYSC3qWKItrqwYO6srOzmqa73XzpZqcknw9M531ndvZ53rb77rwzLzsBHFkXI+JORIxExNWIGM+2F7Llbquy037dq5dP5ltLEs3m/b8mkWTbOu+VZOtT7UPieER8/W7Et5I349a3tlfmqtXKRlYvN1bXy/Wt7WvLq3NLlaXK2szM9M3ZW7M3ZqcG0s6JiLj9pT/+8Hs/+/LtX3320e8f/PnKt1tpjWX7d7djkNpNL6Z/Fx2jEbFxEMFyMJKtiz32f3dkiMkAANBX6xz/oxHxqfT8fzxG0rNTAAAA4DBpfmEs/pVENAEAAIBDq5DOgU0KpWwuwFgUCqVSew7vx+NkoVqrNz6zWNtcW2jPlZ2IYmFxuVqZyuYKT0QxadWnszm2nfr1PfWZiDgTET8YP5HWS/O16kLeFz8AAADgiDi1Z/z/j/F0/H8s77wAAACAAZvIOwEAAADgwBn/AwAAwOFn/A8AAACH2lfv3Wstzc7zrxcebm2u1B5eW6jUV0qrm/Ol+drGemmpVltKf7Nvtd/7VWu19c/F2ubjcqNSb5TrW9sPVmuba40Hy689AhsAAAAYojMXnv0uiYidz59Il5YP8k4KGIqkz/70ISEvssofhpAQMDQjeScA5GY07wSA3BTzTgDIXb/rAD0n7/x68LkAAAAHY/ITve//uzYAh1sh7wQAgKFz/x+OrqIZgHDkfaTP/ne//99sfqiEAACAgRtLl6RQyu4FjkWhUCpFnE4fC1BMFperlalsfPDb8eKxVn06PTLpO2cYAAAAAAAAAAAAAAAAAAAAAAAAAGhrNpNoAgAAAIdaROFPSfpr/hGT45fH9l4f+CD553i6johHP7n/o8dzjcbGdGv73/63vfHjbPv1PK5gAAAAAHt1xumdcTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNKrl0/mO8sw4/7lixEx0TX+hePp6ngUI+Lk35MY3XVcEhEjA4i/8zQiznaLn7TSioloZ9Et/okc4xci4tQA4sNR9qzV/9zp9vkrxMV03f3zN5ot76p3/1eITv83sit+MTuu1f+c3meMc89/Ue4Z/2nEudHu/U8nftKj/7u0z/jf/Mb2dq99zZ9GTHb9/klei1VurK6X61vb15ZX55YqS5W1mZnpm7O3Zm/MTpUXl6uV7M+uMb7/yV/+523tP9kj/kSf9l/eZ/v//fzxy4+1i8Vu8a9c6v79e/bN+F95lPX9rf8Tn87Krf2TnfJOu7zb+Z//5vzb2r/Qo/39/v2v7LP9V7/2nRf7fCkAMAT1re2VuWq1svHeF2In4j1IQ+GgCsfejzQU2oW8eyYAAGDQ/n/Sn3cmAAAAAAAAAAAAAAAAAAAAcHQN4+fE9sbcyaepAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABv9d8AAAD//9u92ow=") open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000400)='./bus\x00', 0x0, &(0x7f0000000840)=ANY=[], 0x1, 0x37f, &(0x7f0000000440)="$eJzs3c9rI2UYwPFn0jQ/umyTgygK0ge96GVoq2e1SBeEgkt3I+4Kwux2oiFjUmZCJCK2nryKN/8BwWUPHhY8LKj/QC/e1osXT9vLgqCLiCPzK8l0p0mTZmm6+/3Abt7kfZ/M+04m5XkCeXP4/tefNOueWbc6kivdF0NE5KFIVXKSMKKbgmTYl1cv/HnvxSvXrhdFZHNb9dLG1dfWVXV55adPPy/Hw+4W5aD64eGD9T8Onj14/vC/qx83PG142mp31NIb7d871g3H1p2G1zRVLzu25dnaaHm2G/W3o/66097d7anV2rm4tOvanqdWq6dNu6edtnbcnlofWY2WmqapF5eyphsrjug7r0pTxNRubW9bG1Me8OaUcZi1f3zfH9HtuhvWgohZDt+vw2q3HvvcAADA3Enn//ptkrBXJddPKI24FiiE7XQZEOT/SXtra3Nbg2JhkP/ffumXzoX37izH+f/dQlb+//pvUXwq/w+OPvP8//sj98uzO5HzYm+SwafK/zEfVtLvyPuDij0W5P/Bu6Ff0X/5we3VsEH+DwAAAAAAAAAAAAAAAAAAAADAefDQ9yu+71eS2+Tf4CsE8f2QsT/yi8Y4d3KS/foX4x0F+tcDnkhXrl2XUvjFvfyyiPNVt9atRbdxfzJwVSryb3g9xKINJ6L9BDRQlZ+dvW5tMQ5YCP/fKIiKI7asSUWqqfiwfemdrc01jUTx4fH3ujUjvxTE16URxq9LRZ7Jjl/PjC/IKy8PxZtSkV9vSlsc2Qmv60H8F2uqb7+7dSS+HI7L8ubjfUkAAAAAAJg5U7UUl8/VdP0b1e+mqZrVH9TyMlyfP/r5QL++Xs2sz/OVF/Jnu3YAAAAAAJ4WXuGzpuU4tuv1jm2UZdyY5Pc0Rj9PdiM/yeCgcS9sLI4aszC0wpM+cyH+BY0JJi+TrdRynL+Kknkyky1cU12lU5xVy0nWf4LBpUlfAtfLTb522/VWgvnoVMsZaiQfG0WPLDxy6uTyceE/GEnUZAdNds4dN/i5b777e7p1GfGuvcNdb9wppVZ6TLhx5JH9MRftA98fO5/F7L8WP07zIzMAAAAA5kSS9Je95JG3znZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8hU63E9vJGme9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBe/B8AAP//Tuzx8g==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000300)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c") r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r1, &(0x7f00000020c0)={0x2020}, 0x2020) 11m44.435119491s ago: executing program 6 (id=654): socket$inet6_dccp(0xa, 0x6, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) socket$netlink(0x10, 0x3, 0x0) openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) syz_open_dev$vim2m(0x0, 0x7, 0x2) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x3}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000380)={0x0, 0x8c}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r1, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x34000811) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRES16=r2], 0x1000f) 11m43.163697487s ago: executing program 6 (id=658): getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000100)={0xfffe, 0x0, 0x820d, 0x625, 0x1, 0x8, 0xb4, 0x1000}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x3}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000040)={[{0x10, 0x3, 0x4, 0xc, 0x7, 0xfa, 0xfe, 0x3, 0xfe, 0x5, 0x10, 0xf8, 0x5}, {0x6, 0x9, 0x3, 0xd, 0xb1, 0x5, 0x2, 0xc, 0xfe, 0x40, 0x6, 0x18, 0x7}, {0xa20000, 0x0, 0x3, 0x7, 0x2, 0x77, 0x1, 0x9, 0x2, 0x5, 0x8, 0x54, 0x18bb}], 0xd9}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x9}]}, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000004c0)=0x27) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, &(0x7f00000001c0)={r4, 0x10}, 0x8) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0x0, 0x3}, 0x6) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000b40)="f30f09ba6100b8c400ef66b9eb0a00000f3266b9830000c066b84700000066ba000000000f30f2a60fc75add650fdabc755ac09af67f0066b98004000066b8532ebe1866ba0bffd3710f3066b9830500000f32", 0x53}], 0x1, 0x21, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 11m43.050935005s ago: executing program 37 (id=658): getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000100)={0xfffe, 0x0, 0x820d, 0x625, 0x1, 0x8, 0xb4, 0x1000}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x3}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000040)={[{0x10, 0x3, 0x4, 0xc, 0x7, 0xfa, 0xfe, 0x3, 0xfe, 0x5, 0x10, 0xf8, 0x5}, {0x6, 0x9, 0x3, 0xd, 0xb1, 0x5, 0x2, 0xc, 0xfe, 0x40, 0x6, 0x18, 0x7}, {0xa20000, 0x0, 0x3, 0x7, 0x2, 0x77, 0x1, 0x9, 0x2, 0x5, 0x8, 0x54, 0x18bb}], 0xd9}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x9}]}, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000004c0)=0x27) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, &(0x7f00000001c0)={r4, 0x10}, 0x8) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0x0, 0x3}, 0x6) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000b40)="f30f09ba6100b8c400ef66b9eb0a00000f3266b9830000c066b84700000066ba000000000f30f2a60fc75add650fdabc755ac09af67f0066b98004000066b8532ebe1866ba0bffd3710f3066b9830500000f32", 0x53}], 0x1, 0x21, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10m15.521331493s ago: executing program 0 (id=847): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) socketpair(0x1, 0x80001, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) io_uring_setup(0x17ba, &(0x7f0000000340)={0x0, 0x0, 0xc, 0x2, 0x354}) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0) socket(0x10, 0x2, 0x0) setresuid(0x0, 0x0, 0x0) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) 10m14.251036709s ago: executing program 0 (id=849): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3800}, [@RTA_DST={0x8, 0x1, @remote}]}, 0x24}}, 0x0) 10m12.687430297s ago: executing program 0 (id=853): pipe2$watch_queue(&(0x7f0000000080), 0x80) socket$inet6_tcp(0xa, 0x1, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$rds(0x15, 0x5, 0x0) socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) epoll_create1(0x0) socket$tipc(0x1e, 0x5, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x5, 0x4, 0x3f0, 0x220, 0x110, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@arp={@broadcast, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_to_bridge\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @remote, @multicast2}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) r0 = syz_io_uring_setup(0x6438, &(0x7f0000000340), &(0x7f0000000100)=0x0, &(0x7f0000000180)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.swap.current\x00', 0x275a, 0x0) r4 = socket$xdp(0x2c, 0x3, 0x0) write$FUSE_NOTIFY_INVAL_ENTRY(r3, &(0x7f0000000080)=ANY=[@ANYRES64=r4], 0x29) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@use_registered_buffer) io_uring_enter(r0, 0x2, 0x0, 0x0, 0x0, 0x0) 10m7.029420664s ago: executing program 0 (id=862): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_sock_diag(0x10, 0x3, 0x4) recvmmsg(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000000280)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) r3 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r3, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0) 10m4.532736753s ago: executing program 0 (id=867): r0 = socket$key(0xf, 0x3, 0x2) fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x7fffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000400)}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x90) socket$netlink(0x10, 0x3, 0xa) r1 = epoll_create(0x10000e9) r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3) ftruncate(r3, 0xffff) fcntl$addseals(r3, 0x409, 0x7) r4 = ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000100)={r3, 0x0, 0x0, 0x1000}) r5 = fcntl$dupfd(r4, 0x0, r1) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r5, &(0x7f0000000200)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r5, &(0x7f00000000c0)={0xa0002015}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r5, &(0x7f0000000080)) ppoll(&(0x7f0000000000)=[{r5, 0x11}, {r1}], 0x2, 0x0, 0x0, 0x0) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="540100001a0013070000000000000000ac141400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141417000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x154}}, 0x0) 10m1.913776431s ago: executing program 0 (id=871): mlock2(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x13) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)={0x44, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x28, 0x33, @reassoc_resp={{{0x0, 0x0, 0x8}, {}, @broadcast, @device_a, @random="f7ab87594b3f"}, 0x0, 0x0, @random, @val={0x1, 0x4, [{}, {}, {}, {}]}, @void}}]}, 0x44}}, 0x0) dup(0xffffffffffffffff) syz_usb_connect(0x0, 0x24, &(0x7f0000000800)=ANY=[@ANYBLOB="1201000012c35b400304106098c610000001"], 0x0) socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) 9m46.664508622s ago: executing program 38 (id=871): mlock2(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x13) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)={0x44, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x28, 0x33, @reassoc_resp={{{0x0, 0x0, 0x8}, {}, @broadcast, @device_a, @random="f7ab87594b3f"}, 0x0, 0x0, @random, @val={0x1, 0x4, [{}, {}, {}, {}]}, @void}}]}, 0x44}}, 0x0) dup(0xffffffffffffffff) syz_usb_connect(0x0, 0x24, &(0x7f0000000800)=ANY=[@ANYBLOB="1201000012c35b400304106098c610000001"], 0x0) socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) 6m3.157433925s ago: executing program 4 (id=1321): r0 = socket$inet_tcp(0x2, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = io_uring_setup(0x17b9, &(0x7f00000004c0)) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x11, 0x0, 0x2) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, 0x0, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000240)=[@mss, @sack_perm, @mss={0x2, 0x1}, @timestamp], 0x4) r5 = openat$drirender128(0xffffffffffffff9c, &(0x7f00000000c0), 0x101, 0x0) r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, 0x0) ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, [0x0], [], [0x0, 0x0, 0x3]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, &(0x7f0000000080)={r7}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, &(0x7f0000000100)={r7}) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) 6m0.614819807s ago: executing program 4 (id=1324): openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000780)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={0x0}) ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r5, r4, 0x3, 0x0, 0x0, 0x800, {0x4, 0xffff, 0x3, 0x69, 0x200, 0x0, 0x5, 0x5, 0x4cab, 0xe154, 0x1000, 0x0, 0x10, 0xf9, "fe1d00007413000000000000000caa000000090000000000000004b427180010"}}) r6 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2) read(r6, &(0x7f0000001e80)=""/96, 0x60) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r8, r7, &(0x7f0000002080)=0x64, 0x23b) 5m58.863069449s ago: executing program 4 (id=1326): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000001c0)=0x0) prlimit64(r1, 0x4, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(r1, 0x8, &(0x7f00000002c0)=0x2) setpgid(r2, r2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000) unlinkat(r4, &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00!'], 0x28}}, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000300)='net/fib_triestat\x00') read$FUSE(r6, &(0x7f00000020c0)={0x2020}, 0x2020) bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0f00000004000000010100000000000040080000a30dea1b958ecb31f83ec8fc6c1a7c33c80c176e2bb967267139f7f94497c67ddba048b52b7a7471b11623e9b0575bea4d5d69a03a65da8053fdd4ac107d630400000000000000782111d7552ff30aeac6946d4604edce32777812b013d1727ecb747b7d22f20300000000000000c74c0e61c4bdb2a1e036c5435a070000000000001b81247dab02ab68f7e199bc36269ca4701bfddf996cd1693bf0ea1031f565004bed11e628789f53f21348dac640759c8c0884e36ff3be6c2bbe84b77800fe570c3f79e0cffa6db8b4", @ANYRES32, @ANYBLOB, @ANYBLOB], 0x50) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000004c0)=ANY=[@ANYRES32=r4, @ANYRES32=r7, @ANYBLOB="3700000000000000008000009d08033c49868044873d3300000000000000a5241d49d926230c5f85d950780e44d3f1b517077ca29649", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20) ppoll(&(0x7f0000000080)=[{r7, 0x2052}, {r0, 0x100}], 0x2, &(0x7f00000000c0), &(0x7f0000000140)={[0x5750]}, 0x8) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x2) 5m56.099717238s ago: executing program 4 (id=1329): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000000)='./file2\x00', 0x3000812, &(0x7f00000001c0)=ANY=[@ANYBLOB="71756965742c636f6465706167653d63703836302c696f636861727365743d63703836312c00808fead042bd35dc78f7f06333a5e7165b8271e41aee85e59cbb6c2df3d4e5c16b06c73f2e3b348a7fba46e286378a15ee516bac8d4813c9c3d9cee1ddb95d1bbcf504e065b3749a1cbd841e685a558598cf0db10b55885946e678d0a71877037a090000000700848879ef1604cadc1fada3aa22a576750d559c4e124d4cb7293e7393b77286fa8c6dc449eda0a03d342382e84d6d3c29ab95cc923fbe25e134d1c421320a3bffaa17fcd6b5178e322cc47133b3811e3d3bc34998dc7ed029834ad591d9d56c41063d8de2d50a2398e73ff2913a9fe8e954a4e4ca99ceb5737e57193c5f47fd63b16c8b34f256dbac0e5ebd009078df2cb1ca1051ad091adbfee5126d8a59fa5438734bc3e8cc7b7edc10716a0a9b711952cdf96586e06fbace21dc04bdb4a1a2072ce5f72cf0", @ANYRES16, @ANYRESDEC, @ANYRES64, @ANYRES8, @ANYRESOCT=0x0], 0x11, 0x2f0, &(0x7f00000019c0)="$eJzs3c1qE18Yx/HfmaRN+m/+NX0RwWW1oBvRuhE3EcktCOJCtG2EYqioFdSNqbgS0b17b8GLcKN4A7pyIV5Auxo5Z16SSSYzaWkyDX4/oE5m5pnznMzbcwJyBOCfdbP549PVX/aPkUoqSW+vS56kqlSWdFpnqs92drd3262trAOVXIQOfBkFkWZgn82dlvt3L7naxrmIUN1+KqvWuw7j4fv+jZ996357BSWDwri7P4UnVcK7022vTjyzbHtHjOsccx7TxuxrX8+1UHQeAIBi2ff/XlD42/d8LazfPU9aC1/7J/L9f1T7RScwdn7m1p73vxtl+cae31NuU3e854ZwdrsXjRJHaXmm7/OsgkIyUWCavFGly8Wbe7Ddbl3afNTe8vRajVDPbitxCyF7heZku5oyNs0wQt9NakUZpOXN2D6sD8l/+YgtZhgYviVOiPlivpm7pq6P2orrv7JvbLYu4XrfmQryvzy8vXkXZfdS+NhoNBqeO1Bk0TVyNnmmcnpZTR+RKPpiF5X8gaCel6eLWuqLCnp3JTWgEkctp0atR5+GtLWSiLK9ia/m4VmOm3lvbptV/dFnNXvqf8/mt6bMO7N715i14EZz33jQn9n05srumPWBN0dHd2rJNfG3WBmW+kH2Mw0jiM7hO23omhaevnj5sNRut57YhfspC49r8ZqZN1LqPgUvqNNdU5HvDOwcPQMnmdjFYz2gfX7k7mzvsol0cKxXgrwTcmkNWWh+HdeF5FdOQgf/L/ABhUnqnvSiM0FBbN1lgvGfq+TDet8VCvavW5XhdXpUkKWVbK56D4/o2xo7HgFVE/FLbum/ZBmdMzaYD+uYlHFcR6ONuc5dkM6P3mI9zHM6+K9ydjBNfdc9fv8HAAAAAAAAAAAAAAAAAACYNof/HwJzh44quo8AAAAAAAAAAAAAAAAAAAAAAEy7eP5fRfP/arT5f/unYgnn/60qZ/7fjcEcBub//bAj05GY/xcYr78BAAD//xzCgK4=") r0 = open(0x0, 0x143142, 0xa2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000380), 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r3 = syz_open_procfs(0x0, 0x0) read$FUSE(r3, &(0x7f0000002500)={0x2020}, 0x2020) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x150}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1}) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e23, 0x2007, @loopback={0x0, 0xffffffffffffffc0}}, 0x1c) open(&(0x7f0000000080)='./file1\x00', 0x1cf542, 0x60) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) preadv2(r4, &(0x7f0000000240)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x800008, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) 5m55.552886429s ago: executing program 4 (id=1335): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'lblcr\x00'}, 0x2c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, &(0x7f0000000080)=r1) ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0cc5605, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r3, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r5 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil) shmat(r5, &(0x7f0000ffc000/0x2000)=nil, 0x4000) r6 = syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0x10f, 0x1, @scatter={0x0, 0x0, 0x0}, &(0x7f00000004c0)="851666ce20db96ab0c7d83e114e7ce1762249711e34f4ce12c6afeb7e6d77bd3b97644edd8e3a3b71fcd006b6237766e151f344afb2306455034ea7a31b1a48724e372a5a8a9ca040f5831f2eb11842a4b8ec9064fa439440f374355d9af754314ce445ac9bea7fac19c3ac58a131895c378ec497ffdf9a82032d9fa225397b92d2e2193de6fe2f6b6c0bd0f80de3dc72890b6900c5b86752639bf37ab325c16dc2f3d4d01b4c3b71ebbfd6fc9b316f76a07144538506a68ae00df22f2fa9cbb0c9fa73c1dcf3eb2eb4fe3534fcee01e9ca0c66f27b8e05e7545cbc3511b3d086f51d58f9acd52eab032468cc8075451bcd5c081a8db84ff509a2f874daf6b3ddff977834d87fc0de3220a4041526a", 0x0, 0x10, 0x5bb727690d5f0ff6, 0x0, 0x0}) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xf00, 0x3, &(0x7f0000fff000/0x1000)=nil) r7 = socket$can_bcm(0x1d, 0x2, 0x2) sendmsg$can_bcm(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="050000"], 0x48}}, 0x0) sendmsg$can_bcm(r7, &(0x7f00000001c0)={&(0x7f0000000040), 0x10, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="05000000070000000088102b", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x48}}, 0x0) sendfile(r4, r4, &(0x7f0000000580)=0xca3e, 0x5) socketpair$unix(0x1, 0x3, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, &(0x7f0000000240)) 5m52.022462185s ago: executing program 4 (id=1338): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0x2) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x11) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) syz_emit_ethernet(0x82, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="7000000002060500000000000000000000000000120003006269746d61703a69702c6d6163000000050004000000000009000200f3797a3000000000240007800c0002800800014000008e020c0001800800014000000000080008400000001005000500020000000500010006"], 0x70}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x3, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) syz_io_uring_setup(0x4d88, &(0x7f0000000300)={0x0, 0xb0f3, 0x1000, 0x1, 0x18f}, &(0x7f0000000280), &(0x7f0000000380)) 5m36.555399023s ago: executing program 39 (id=1338): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0x2) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x11) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) syz_emit_ethernet(0x82, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="7000000002060500000000000000000000000000120003006269746d61703a69702c6d6163000000050004000000000009000200f3797a3000000000240007800c0002800800014000008e020c0001800800014000000000080008400000001005000500020000000500010006"], 0x70}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x3, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0) syz_io_uring_setup(0x4d88, &(0x7f0000000300)={0x0, 0xb0f3, 0x1000, 0x1, 0x18f}, &(0x7f0000000280), &(0x7f0000000380)) 1m47.327911908s ago: executing program 5 (id=2254): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000009d00)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000009e00)={0x0, 0x0, &(0x7f0000009dc0)={&(0x7f0000009d40)={0x34, r1, 0x1, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_QOS_MAP={0x17, 0xc7, {[{0xfa, 0x4}, {0x7, 0x1}, {0xb7, 0x6}, {0xd, 0x7}, {0x8, 0x7}, {0x5, 0x1}], "0e783f35ebd82d55"}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40c0}, 0x0) 1m47.160949421s ago: executing program 5 (id=2257): syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000040)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@rodir}, {@uni_xlate}, {@shortname_mixed}, {@shortname_win95}, {@utf8no}, {@uni_xlate}, {@utf8}, {@shortname_mixed}, {@utf8}, {@uni_xlateno}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@utf8}, {@uni_xlate}]}, 0x1, 0x2a7, &(0x7f0000000580)="$eJzs3c9qK1UcB/DfpGkSdZEsXInigC5cXW7vE6RIhYtZKVmoCxXvLUgThBYK/sHYleDKjUufQBC68yXc+AY+gODOLgpHJplpkpqmHWha9X4+m56ec75zfmcybekiJx+9PD54ksf+yVe/R6eTRaMf/TjLoheNqHwTS/rfBwDwX3aWUvyZZurksojobK4sAGCDav/9P914SQDAhr373vtv7w4Ge+/keSdi/O3xsPjPvvg6G9/dj09jFE/jYXTjPCJdmLXfSilNmnmhF6+PJ8fDIjn+8Nfy+rt/REzzO9GN3rRrOf94sLeTzyzkJ0Udz5fr94v8o+jGiyvWfzzYe7QiH8NWvPHaQv0Pohu/fRKfxSieTIuY57/eyfM30w9/fflBUV6RzybHw/Z03lzauuOXBgAAAAAAAAAAAAAAAAAAAACA/7EH5dk57Zie31N0lefvbJ0X32xHXuktn88zy2fVhS6dDzRJ8WN1vs7DPM9TOXGeb8ZLzWjez64BAAAAAAAAAAAAAAAAAADg3+Xo8y8OPh6Nnh7eSqM6DaB6W3/965xOU/2Fnldjfao9X6tRNtcsEVvVnCxibT3FJm7ptlzXeO6qmn/6ue4FO9fP2S7W6tziLqqXe6Enqp5s9T1sX0zuVA/JL1VPSim14oart64aSrUev9bKoW7tu9F6YdqYrJkT2VWFfffK/OeyHMou76K1dJ+XGttlYyF+6dmo9Tz/83dF5rQOAAAAAAAAAAAAAAAAAADYqPmbflcMnqyNNlJ7Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ2af/5/jcakDN9gcisOj+55iwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwD/g4AAP//bmxcuQ==") r0 = socket$netlink(0x10, 0x3, 0x0) mkdir(0x0, 0x0) mkdir(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_pidfd_open(0x0, 0x0) r5 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f00000000c0)) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r4, &(0x7f0000000040)={r5, r4}) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f00000005c0)={0x30, 0x2e, 0x503, 0x0, 0x0, "", [@nested={0x20, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0xc, 0xf, 0x0, 0x0, @u64}, @generic]}]}, 0x30}], 0x1}, 0x0) r6 = open(&(0x7f0000000040)='./bus\x00', 0x44842, 0x0) open(0x0, 0x400141042, 0x0) ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000180)=@usbdevfs_driver={0x5, 0x2, &(0x7f0000000100)="9bd975c40e22a6cce292d3169e2cd29115c6b1c9045b5e01f178715a7d030a2b89e76dd1321875d0fcbac8c24c4df05f55b395b5cdd5cb9ba3f7d66a5beb0964f42ea5acb3cf13cc0d04978a3ea8"}) pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x100000}], 0x2, 0x1400, 0x0, 0x3) 1m46.482504182s ago: executing program 5 (id=2261): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) rt_tgsigqueueinfo(0x0, 0x0, 0x36, &(0x7f0000000240)={0x21, 0xfffffff7, 0xe}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002dc0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000180)="e1cdf1c9d746bcaa9854b30731a00f236b0aa22e760f29fc5e15ebe36fbe2e1698", 0x21}], 0x1}}], 0x1, 0x20000050) openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1m45.750938017s ago: executing program 5 (id=2266): syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000040)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@rodir}, {@uni_xlate}, {@shortname_mixed}, {@shortname_win95}, {@utf8no}, {@uni_xlate}, {@utf8}, {@shortname_mixed}, {@utf8}, {@uni_xlateno}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@utf8}, {@uni_xlate}]}, 0x1, 0x2a7, &(0x7f0000000580)="$eJzs3c9qK1UcB/DfpGkSdZEsXInigC5cXW7vE6RIhYtZKVmoCxXvLUgThBYK/sHYleDKjUufQBC68yXc+AY+gODOLgpHJplpkpqmHWha9X4+m56ec75zfmcybekiJx+9PD54ksf+yVe/R6eTRaMf/TjLoheNqHwTS/rfBwDwX3aWUvyZZurksojobK4sAGCDav/9P914SQDAhr373vtv7w4Ge+/keSdi/O3xsPjPvvg6G9/dj09jFE/jYXTjPCJdmLXfSilNmnmhF6+PJ8fDIjn+8Nfy+rt/REzzO9GN3rRrOf94sLeTzyzkJ0Udz5fr94v8o+jGiyvWfzzYe7QiH8NWvPHaQv0Pohu/fRKfxSieTIuY57/eyfM30w9/fflBUV6RzybHw/Z03lzauuOXBgAAAAAAAAAAAAAAAAAAAACA/7EH5dk57Zie31N0lefvbJ0X32xHXuktn88zy2fVhS6dDzRJ8WN1vs7DPM9TOXGeb8ZLzWjez64BAAAAAAAAAAAAAAAAAADg3+Xo8y8OPh6Nnh7eSqM6DaB6W3/965xOU/2Fnldjfao9X6tRNtcsEVvVnCxibT3FJm7ptlzXeO6qmn/6ue4FO9fP2S7W6tziLqqXe6Enqp5s9T1sX0zuVA/JL1VPSim14oart64aSrUev9bKoW7tu9F6YdqYrJkT2VWFfffK/OeyHMou76K1dJ+XGttlYyF+6dmo9Tz/83dF5rQOAAAAAAAAAAAAAAAAAADYqPmbflcMnqyNNlJ7Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ2af/5/jcakDN9gcisOj+55iwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwD/g4AAP//bmxcuQ==") r0 = socket$netlink(0x10, 0x3, 0x0) mkdir(0x0, 0x0) mkdir(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = getpgrp(0x0) r3 = syz_pidfd_open(r2, 0x0) r4 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)) r5 = syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(r2, r5, 0x7, r3, &(0x7f0000000040)={r4, r3}) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f00000005c0)={0x30, 0x2e, 0x503, 0x0, 0x0, "", [@nested={0x20, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0xc, 0xf, 0x0, 0x0, @u64}, @generic]}]}, 0x30}], 0x1}, 0x0) r6 = open(&(0x7f0000000040)='./bus\x00', 0x44842, 0x0) r7 = open(0x0, 0x400141042, 0x0) ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000180)=@usbdevfs_driver={0x5, 0x2, &(0x7f0000000100)="9bd975c40e22a6cce292d3169e2cd29115c6b1c9045b5e01f178715a7d030a2b89e76dd1321875d0fcbac8c24c4df05f55b395b5cdd5cb9ba3f7d66a5beb0964f42ea5acb3cf13cc0d04978a3ea8"}) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x580000a, 0x13, r7, 0x0) pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x100000}], 0x2, 0x1400, 0x0, 0x3) 1m45.270538693s ago: executing program 5 (id=2268): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\f'], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x22, 0x2, {[@local=@item_012={0x1, 0x2, 0x1, "dd"}]}}, 0x0}, 0x0) 1m44.692867577s ago: executing program 5 (id=2273): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r2}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$tipc(0x1e, 0x2, 0x0) r7 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r7, &(0x7f00000006c0)=@name={0x1e, 0x2, 0x0, {{0x42, 0x10000001}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f00000001c0)={0x42, 0x4}, 0x10) sendmsg$tipc(r6, &(0x7f0000000380)={&(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x10000001, 0x10000003}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20000044}, 0x10) write$UHID_INPUT(r1, &(0x7f0000001040)={0xe, {"a2e3ad21ed0d52f90b9b39094bf70e06d038e7ff7fc6e5539b324b298b089b0708376d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1040}}, 0x1006) 1m44.566825287s ago: executing program 40 (id=2273): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r2}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$tipc(0x1e, 0x2, 0x0) r7 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r7, &(0x7f00000006c0)=@name={0x1e, 0x2, 0x0, {{0x42, 0x10000001}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f00000001c0)={0x42, 0x4}, 0x10) sendmsg$tipc(r6, &(0x7f0000000380)={&(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x10000001, 0x10000003}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20000044}, 0x10) write$UHID_INPUT(r1, &(0x7f0000001040)={0xe, {"a2e3ad21ed0d52f90b9b39094bf70e06d038e7ff7fc6e5539b324b298b089b0708376d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1040}}, 0x1006) 1m28.62430728s ago: executing program 7 (id=2275): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0) gettid() eventfd(0x0) r1 = geteuid() setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0x3, 0x0, 0x0, 0x9}, 0x20) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setfsuid(r1) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r4, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffffd, @local, 0x1}, 0x1c) sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) 1m25.17812157s ago: executing program 7 (id=2377): syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000040)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@rodir}, {@uni_xlate}, {@shortname_mixed}, {@shortname_win95}, {@utf8no}, {@uni_xlate}, {@utf8}, {@shortname_mixed}, {@utf8}, {@uni_xlateno}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@utf8}, {@uni_xlate}]}, 0x1, 0x2a7, &(0x7f0000000580)="$eJzs3c9qK1UcB/DfpGkSdZEsXInigC5cXW7vE6RIhYtZKVmoCxXvLUgThBYK/sHYleDKjUufQBC68yXc+AY+gODOLgpHJplpkpqmHWha9X4+m56ec75zfmcybekiJx+9PD54ksf+yVe/R6eTRaMf/TjLoheNqHwTS/rfBwDwX3aWUvyZZurksojobK4sAGCDav/9P914SQDAhr373vtv7w4Ge+/keSdi/O3xsPjPvvg6G9/dj09jFE/jYXTjPCJdmLXfSilNmnmhF6+PJ8fDIjn+8Nfy+rt/REzzO9GN3rRrOf94sLeTzyzkJ0Udz5fr94v8o+jGiyvWfzzYe7QiH8NWvPHaQv0Pohu/fRKfxSieTIuY57/eyfM30w9/fflBUV6RzybHw/Z03lzauuOXBgAAAAAAAAAAAAAAAAAAAACA/7EH5dk57Zie31N0lefvbJ0X32xHXuktn88zy2fVhS6dDzRJ8WN1vs7DPM9TOXGeb8ZLzWjez64BAAAAAAAAAAAAAAAAAADg3+Xo8y8OPh6Nnh7eSqM6DaB6W3/965xOU/2Fnldjfao9X6tRNtcsEVvVnCxibT3FJm7ptlzXeO6qmn/6ue4FO9fP2S7W6tziLqqXe6Enqp5s9T1sX0zuVA/JL1VPSim14oart64aSrUev9bKoW7tu9F6YdqYrJkT2VWFfffK/OeyHMou76K1dJ+XGttlYyF+6dmo9Tz/83dF5rQOAAAAAAAAAAAAAAAAAADYqPmbflcMnqyNNlJ7Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ2af/5/jcakDN9gcisOj+55iwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwD/g4AAP//bmxcuQ==") r0 = socket$netlink(0x10, 0x3, 0x0) mkdir(0x0, 0x0) mkdir(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = getpgrp(0x0) r5 = syz_pidfd_open(r4, 0x0) r6 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f00000000c0)) r7 = syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(r4, r7, 0x7, r5, &(0x7f0000000040)={r6, r5}) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f00000005c0)={0x30, 0x2e, 0x503, 0x0, 0x0, "", [@nested={0x20, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0xc, 0xf, 0x0, 0x0, @u64}, @generic]}]}, 0x30}], 0x1}, 0x0) r8 = open(&(0x7f0000000040)='./bus\x00', 0x44842, 0x0) r9 = open(0x0, 0x400141042, 0x0) ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000180)=@usbdevfs_driver={0x5, 0x2, &(0x7f0000000100)="9bd975c40e22a6cce292d3169e2cd29115c6b1c9045b5e01f178715a7d030a2b89e76dd1321875d0fcbac8c24c4df05f55b395b5cdd5cb9ba3f7d66a5beb0964f42ea5acb3cf13cc0d04978a3ea8"}) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x580000a, 0x13, r9, 0x0) pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x100000}], 0x2, 0x1400, 0x0, 0x3) 1m24.928543949s ago: executing program 7 (id=2382): syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000040)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@rodir}, {@uni_xlate}, {@shortname_mixed}, {@shortname_win95}, {@utf8no}, {@uni_xlate}, {@utf8}, {@shortname_mixed}, {@utf8}, {@uni_xlateno}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@utf8}, {@uni_xlate}]}, 0x1, 0x2a7, &(0x7f0000000580)="$eJzs3c9qK1UcB/DfpGkSdZEsXInigC5cXW7vE6RIhYtZKVmoCxXvLUgThBYK/sHYleDKjUufQBC68yXc+AY+gODOLgpHJplpkpqmHWha9X4+m56ec75zfmcybekiJx+9PD54ksf+yVe/R6eTRaMf/TjLoheNqHwTS/rfBwDwX3aWUvyZZurksojobK4sAGCDav/9P914SQDAhr373vtv7w4Ge+/keSdi/O3xsPjPvvg6G9/dj09jFE/jYXTjPCJdmLXfSilNmnmhF6+PJ8fDIjn+8Nfy+rt/REzzO9GN3rRrOf94sLeTzyzkJ0Udz5fr94v8o+jGiyvWfzzYe7QiH8NWvPHaQv0Pohu/fRKfxSieTIuY57/eyfM30w9/fflBUV6RzybHw/Z03lzauuOXBgAAAAAAAAAAAAAAAAAAAACA/7EH5dk57Zie31N0lefvbJ0X32xHXuktn88zy2fVhS6dDzRJ8WN1vs7DPM9TOXGeb8ZLzWjez64BAAAAAAAAAAAAAAAAAADg3+Xo8y8OPh6Nnh7eSqM6DaB6W3/965xOU/2Fnldjfao9X6tRNtcsEVvVnCxibT3FJm7ptlzXeO6qmn/6ue4FO9fP2S7W6tziLqqXe6Enqp5s9T1sX0zuVA/JL1VPSim14oart64aSrUev9bKoW7tu9F6YdqYrJkT2VWFfffK/OeyHMou76K1dJ+XGttlYyF+6dmo9Tz/83dF5rQOAAAAAAAAAAAAAAAAAADYqPmbflcMnqyNNlJ7Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ2af/5/jcakDN9gcisOj+55iwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwD/g4AAP//bmxcuQ==") r0 = socket$netlink(0x10, 0x3, 0x0) mkdir(0x0, 0x0) mkdir(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = getpgrp(0x0) r4 = syz_pidfd_open(r3, 0x0) r5 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f00000000c0)) r6 = syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(r3, r6, 0x7, r4, &(0x7f0000000040)={r5, r4}) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f00000005c0)={0x30, 0x2e, 0x503, 0x0, 0x0, "", [@nested={0x20, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0xc, 0xf, 0x0, 0x0, @u64}, @generic]}]}, 0x30}], 0x1}, 0x0) r7 = open(&(0x7f0000000040)='./bus\x00', 0x44842, 0x0) r8 = open(0x0, 0x400141042, 0x0) ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000180)=@usbdevfs_driver={0x5, 0x2, &(0x7f0000000100)="9bd975c40e22a6cce292d3169e2cd29115c6b1c9045b5e01f178715a7d030a2b89e76dd1321875d0fcbac8c24c4df05f55b395b5cdd5cb9ba3f7d66a5beb0964f42ea5acb3cf13cc0d04978a3ea8"}) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x580000a, 0x13, r8, 0x0) pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x100000}], 0x2, 0x1400, 0x0, 0x3) 1m24.315487806s ago: executing program 7 (id=2385): r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) fchdir(r0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff) 1m24.131013849s ago: executing program 41 (id=2385): r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) fchdir(r0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff) 8.164904324s ago: executing program 3 (id=2688): syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000040)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@rodir}, {@uni_xlate}, {@shortname_mixed}, {@shortname_win95}, {@utf8no}, {@uni_xlate}, {@utf8}, {@shortname_mixed}, {@utf8}, {@uni_xlateno}, {@shortname_win95}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@utf8}, {@uni_xlate}]}, 0x1, 0x2a7, &(0x7f0000000580)="$eJzs3c9qK1UcB/DfpGkSdZEsXInigC5cXW7vE6RIhYtZKVmoCxXvLUgThBYK/sHYleDKjUufQBC68yXc+AY+gODOLgpHJplpkpqmHWha9X4+m56ec75zfmcybekiJx+9PD54ksf+yVe/R6eTRaMf/TjLoheNqHwTS/rfBwDwX3aWUvyZZurksojobK4sAGCDav/9P914SQDAhr373vtv7w4Ge+/keSdi/O3xsPjPvvg6G9/dj09jFE/jYXTjPCJdmLXfSilNmnmhF6+PJ8fDIjn+8Nfy+rt/REzzO9GN3rRrOf94sLeTzyzkJ0Udz5fr94v8o+jGiyvWfzzYe7QiH8NWvPHaQv0Pohu/fRKfxSieTIuY57/eyfM30w9/fflBUV6RzybHw/Z03lzauuOXBgAAAAAAAAAAAAAAAAAAAACA/7EH5dk57Zie31N0lefvbJ0X32xHXuktn88zy2fVhS6dDzRJ8WN1vs7DPM9TOXGeb8ZLzWjez64BAAAAAAAAAAAAAAAAAADg3+Xo8y8OPh6Nnh7eSqM6DaB6W3/965xOU/2Fnldjfao9X6tRNtcsEVvVnCxibT3FJm7ptlzXeO6qmn/6ue4FO9fP2S7W6tziLqqXe6Enqp5s9T1sX0zuVA/JL1VPSim14oart64aSrUev9bKoW7tu9F6YdqYrJkT2VWFfffK/OeyHMou76K1dJ+XGttlYyF+6dmo9Tz/83dF5rQOAAAAAAAAAAAAAAAAAADYqPmbflcMnqyNNlJ7Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ2af/5/jcakDN9gcisOj+55iwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwD/g4AAP//bmxcuQ==") r0 = socket$netlink(0x10, 0x3, 0x0) mkdir(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = getpgrp(0x0) r5 = syz_pidfd_open(r4, 0x0) r6 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f00000000c0)) r7 = syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(r4, r7, 0x7, r5, &(0x7f0000000040)={r6, r5}) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f00000005c0)={0x30, 0x2e, 0x503, 0x0, 0x0, "", [@nested={0x20, 0x0, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x8, 0x0, 0x0, 0x0, @fd}, @typed={0xc, 0xf, 0x0, 0x0, @u64}, @generic]}]}, 0x30}], 0x1}, 0x0) r8 = open(&(0x7f0000000040)='./bus\x00', 0x44842, 0x0) r9 = open(0x0, 0x400141042, 0x0) ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000180)=@usbdevfs_driver={0x5, 0x2, &(0x7f0000000100)="9bd975c40e22a6cce292d3169e2cd29115c6b1c9045b5e01f178715a7d030a2b89e76dd1321875d0fcbac8c24c4df05f55b395b5cdd5cb9ba3f7d66a5beb0964f42ea5acb3cf13cc0d04978a3ea8"}) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x580000a, 0x13, r9, 0x0) pwritev2(r8, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x100000}], 0x2, 0x1400, 0x0, 0x3) 7.889130745s ago: executing program 2 (id=2689): recvmmsg(0xffffffffffffffff, &(0x7f0000003340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/221, 0xdd}, 0x25}], 0x1, 0x2000, 0x0) r0 = socket$inet(0x2, 0x3, 0x4) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='bond0\x00', 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10) sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0) 7.020328751s ago: executing program 3 (id=2692): pipe2$9p(&(0x7f0000000000), 0x0) openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0) connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x20) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x32}, 0x9c) bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) shutdown(r3, 0x2) timer_create(0xb, 0x0, &(0x7f00000000c0)=0x0) timer_gettime(r4, &(0x7f0000000380)) symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 6.845032084s ago: executing program 2 (id=2693): r0 = syz_init_net_socket$llc(0x1a, 0x5, 0x0) r1 = syz_open_dev$audion(0x0, 0x1, 0x501000) getsockopt$netlink(r1, 0x10e, 0x5, &(0x7f0000000400)=""/80, &(0x7f0000000240)=0x50) r2 = syz_io_uring_setup(0x237, &(0x7f0000000480)={0x0, 0x80fe, 0x0, 0x0, 0x2cf, 0x0, r1}, &(0x7f0000000040)=0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xffffffff, 0x0, 0x4) r4 = socket$inet_smc(0x2b, 0x1, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000100)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}, 0x3}, 0x0, 0x0, 0x1}) io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0) listen(r4, 0x6) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x1, 0x0, 0x0, 0x64}}) r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCDARP(r6, 0x8955, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x800) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) sched_setscheduler(0x0, 0x2, 0x0) ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000100)={{0x2, 0x4e20, @rand_addr=0x64010104}, {0x306, @remote}, 0xde9e193c92a470a8, {0x2, 0x4e22, @multicast1}, 'xfrm0\x00'}) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0) write$cgroup_int(r7, &(0x7f0000000000), 0xffffff6a) sendfile(r0, r7, 0x0, 0x5) 6.700063785s ago: executing program 1 (id=2694): syz_mount_image$erofs(&(0x7f00000003c0), &(0x7f0000000880)='./file0\x00', 0x8000c6, &(0x7f0000000240)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA") mkdir(&(0x7f0000000080)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') creat(&(0x7f0000000040)='./file2\x00', 0x8) 6.442779674s ago: executing program 2 (id=2697): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000040)={0x87}, 0x8) setsockopt$inet6_buf(r1, 0x29, 0x3e, &(0x7f0000000f80)="2a3c9062", 0x4) sendto$inet6(r1, &(0x7f0000000800)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cabc206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe90400fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f40029d7cfcaf26fd1900d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5207cc9bb8d686982c2f158", 0x5a5, 0x0, &(0x7f00000004c0)={0xa, 0xde20, 0x0, @mcast2}, 0x1c) 6.243458539s ago: executing program 1 (id=2699): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000410101c0"]) ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)) 5.127246653s ago: executing program 2 (id=2702): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0) r1 = gettid() r2 = eventfd(0x0) r3 = geteuid() setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0x3, 0x0, 0x0, 0x9}, 0x20) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setfsuid(r3) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) r6 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r6, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffffd, @local, 0x1}, 0x1c) sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0xf) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x7, r2, &(0x7f0000000080)={0xffffffffffffffff, r2, 0x500}) 4.981582924s ago: executing program 1 (id=2703): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x2004000, &(0x7f0000000040)={[{@usrjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@usrjquota}]}, 0xfe, 0x563, &(0x7f0000000240)="$eJzs3c9rHFUcAPDvbHbbpK02BSnoQQI9WKndtIk/KnioR9FiQe91SaahZNMt2U1pYsH2oBcvUgQRC+If4N1j8R/wryhooUgJevASmWQ22Ta7m1/bZHU/H5j2vZnZefPmzXv5vp1dNoCBNZb9U4h4OSK+SSKOt2wrRr5xbG2/5Se3p7IliZWVT/5MIsnXNfdP8v+PNjPFiF+/jDhT2FxufXFptlKtpvN5frwxd2O8vrh09tpcZSadSa9PTE5eeGty4t133u5ZXV+//Pf3Hz/44MLXp5a/+/nRiXtJXIxj+bbWeuzBndbMWIzl16QUF5/Z8XwPCusnyUGfALsylPfzUmRjwPEYyns98P/3RUSsAANpJBL9HwZUMw5ozu035sHDBxiV7J/H769NgDbXv7j23kgMr86NjiwnT82MsvnuaA/Kz8r45Y/797Ilevc+BMCW7tyNiHPF4ubxL8nHv907t419ni3D+Af750EW/7zRLv4prMc/0Sb+Odqm7+7G1v2/8KgHxXSUxX/vtY1/1x9ajQ7luRciRkajlFy9Vk2zse3FiDgdpcNZvtvznAvLD1c6bWuN/7IlK78ZC+bn8ah4+OnXTFcalb3UudXjuxGvtI1/k/X2T9q0f3Y9Lm+zjJPp/Vc7bdu6/s/Xyk8Rr7Vt/40nWkn355Pjq/fDePOu2Oyvr07+1qn8g65/1v5Hutd/NGl9XlvfeRk/Dv+Tdtq22/v/UPLpavpQvu5WpdGYPx9xKPlo8/qJjdc28839s/qfPtV9/Gt3/49ExGfbrH+3mXQ/tP/0jtp/54mHH37+Q6fy8/qXomv7v7maOp2v2c74t90T3Mu1AwAAAAAAgH5TiIhjkRTK6+lCoVxe+3zHS3GkUK3VG2eu1hauT8fqd2VHo1RoPuk+vpZPmp9/GG3JTzyTn4yIExHx7dDIar48VatOH3TlAQAAAAAAAAAAAAAAAAAAoE8c7fD9/8zvQwd9dsBz5ye/YXBt2f978UtPQF/a7d//+R6fB7D/xP8wuPR/GFz6Pwwu/R8Gl/4Pg0v/h8Gl/wMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXb50KVtWlp/cnsry0zcXF2ZrN89Op/XZ8tzCVHmqNn+jPFOrzVTT8lRtbqvjVWu1G+cnYuHWeCOtN8bri0tX5moL1xtXrs1VZtIraWlfagUAAAAAAAAAAAAAAAAAAAD/LfXFpdlKtZrOS/RzYvg5HfnO3o9T7IfrI7HjRBLd9znokQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvwbAAD//+f9MzI=") r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'xfrm0\x00', 0x0}) sendto$packet(r0, &(0x7f00000002c0)="12040500ebfc03fc01004788031c09100628", 0xfd35, 0x4, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) 4.150696287s ago: executing program 2 (id=2704): syz_mount_image$reiserfs(&(0x7f0000001100), &(0x7f0000000040)='./bus\x00', 0xc2, &(0x7f0000000900)={[{@acl}, {@usrjquota_file, 0x4}, {@acl}, {@balloc_hashed_reloc}, {@usrjquota, 0x3d}]}, 0x2, 0x1115, &(0x7f0000002280)="$eJzs2D9rFEEYB+Df7B0Yq5NNvwhaWEhIODurFBGutbaRkMpUuSoiiN/FjyOp7EM+gEXAUhjZTdYTCUS5CxJ4Hpjd4Z13/pXvBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK687D/bTdKOkSZJSbrubHGRpBvjj75MmpS8PlosD07mr5ZJJkN66Vs/q5+Wdu/JVjtv5+1e+2J7/2m7PH3/7u3x8dHJ9TIlXc4vN3+Rcn2eG22VzW8IAAAA90Rd2+zPJadj528q7vX3BwAAAG6z8QcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH9UZ6t+m+RHrTVNkpJ03dniIkn3Pw8IAAAArK2kyZvZTfEMzwArz/N1Vob42L6XPmc3n4f5D1aph00e3v3RAQAA4B6Z3ppRfqvHn2WaWuvHcexxptnZuer3v37g234yOT3I7q+a/NPwPb/8cDi2Uid3dB8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Cc7cEACAAAAIOj/63YECgAAAAAAAAAAAAAAAAAAAAAAAHwUAAD//wAQ3aw=") mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000001b80)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) renameat2(r0, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000200)='./bus\x00', 0x0) 3.71716013s ago: executing program 1 (id=2709): syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000004c0)={[{}]}, 0x1, 0x453, &(0x7f0000001040)="$eJzs3U9sFFUcB/DvbrslAbRg/IP4r4JKEaW2NUESTCTKSS4GE88NLYRYqKE1EUKMJh68eTHx7EG5eeTgyXjAoyZ48aaejJEYIvGk1sx2ly5lt3RD26nu55PM7pud132/mdffzO7ryzRAzxoqHirJ1iTfJxlcWL25wtDC0/VrF47/ee3C8Urm54/9XqnX++PahePNqs2f21I8VJPhalL9oJKH2rQ7e+78mxPT01NnG+sjc6ffGpk9d/7ZU6cnTk6dnDozeuDgC+OjB8bGx1dtX1+9+O6xLa+9dOSjySu/zVz86csi3q2Nba37sVqGMnTzsWzx1Go3VrL7WsqV/hIDoSt9SYruqtXzfzB9Wey8wXzzY6nBAWtqvrCp4+b35oH/sUrKjgAoR/NCX3z/bS7r9dmD8l09vPAFsOj3641lYUt/qo06tSXf71fTUJJDl458USxZo3EYAAAAgF721eEkz7Qb/6vm/pZ6RfmBJDuSPJhkZ1Kf1/NwkkeSPJrkseZ8oi4srb90/KfSaQINq+Lq4eRQY27XzeN/zdG/bOtrrN1VrKRWOXFqeuq5JHcnGU5tU7E+ukwbl7/957tO21rH/4qlaL85FtiI49f+JX+fnpyYm7iTfWbR1feTnf3t+r9yYyZQkYKPJ9nVzRvXFos/79p7slO12/c/a2n+02RP2/xvnHivHKw/LTM/c6R+PhhpnhVu9eHo2Cud2tf/5Sryf/Ny/Z9sq7TO153tvo3LOy692Glb9+f/Hz4rzv8DldfrAQ40Xn1nYm7u7GgyUDl66+tj3cf839b5Q1PzeDSPV9H/w7vbX//vaXm33UmeSPJkY+7ynvq1P9mb5Okk+5aJ5u+XD7zRaZv8L1fR/5Nt8//G1IAl+d994dD2T452an9l+f98/Rd6uPGKz3+3t9IOKjtOAAAAAAAAAFZHtX4PvEp1/41ytbp//8I9/O7N5ur0zOzcvhMzb5+ZXLhX3rbUqs2ZXoMt80FH6+XF9bEl6+NJtif5uO+vxp0HZqYny9556HFbOuR/4Ze+sqMD1pz7tULvWkH+19YjDmD9uf5D75L/0LvkP/Qu+Q+9S/5D75L/0LtWnv8DaxoHsP5c/6En3cl9/TZaoT8bIoy2heb8qZLCaP5L/g1yNDZm4fOvk3Voqy/JRtnlZQplnpUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANo5/AwAA//9EA9s8") r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x1b) fchdir(r0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x4001, 0x18) writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000cc0)="e1", 0x1}], 0x1) open(&(0x7f0000000100)='./file0\x00', 0x400, 0x42) 3.689416452s ago: executing program 9 (id=2710): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='kfree\x00', r0, 0x0, 0x800000000}, 0x18) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000080)={[{@noblock_validity}, {@dioread_nolock}, {@noinit_itable}, {@acl}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7}}], [], 0x2c}, 0xc4, 0x452, &(0x7f0000000480)="$eJzs20tvG1UUAOAz46bvklDKow/AUBARj6RJC3TBBgRSN0hIsCjLkKZVqdugJki0qmhAqCxRfwGwROIXsIINAlYgtrBHSBXqhsICDRp7nBrHDnbs1Gn9fdIk986Mfc/xzLXvzLUDGFrl/E8SsTMifomI0YgoNe9Qrv27cf3S7F/XL80mkWWv/5HkD4s/r1+are+aFP93FJXxNCL9KIn9LdpduHDxzEylMne+qE8unn1ncuHCxWdOn505NXdq7tz00aNHDk89/9z0s33Jc1ce67735w/sPfbm1Vdnj1996/sv83h3Ftsb86gZ67nNcpSXX5Nmj/f87BvLroZysmmAgdCVvK/nh2uk2v9HoxQ3D95ovPLhQIMD1lWWZdmWFWuXRwBLGXAHS2LQEQCDUf+gz69/68stHH4M3LUXaxdAed43iqW2ZVOkxT4jTde3/VSOiONLf3+aL9HyPgQAQH99nY9/nm41/kvjvob97irmhsYi4u6I2B0R90TEnoi4N6K67/0R8UCX7Zeb6ivHPz9tW1NiHcrHfy8Uc1v/Hf/VR38xVipqu6r5jyQnT1fmDhWvyXiMbMnrU6u08c3LP3/Sblvj+C9f8vbrY8Eijt83Nd2gOzGzONNLzo2ufVC9B3h5Zf7J8kxAEhF7I2LfGp5/a0ScfvKLA+22/3/+q+jDPFP2ecQTteO/FE351yWrz09Obo3K3KHJ+lmx0g8/XnmtXfs95d8H+fHf3vL8X85/LGmcr13ovo0rv37c9ppmref/5uSNanlzse69mcXF81MRm5Olleunbz62Xq/vn+c/frB1/98d8c9nxeP2R0R+Ej8YEQ9FxMNF7I9ExKMRcXCV/L976bG3157/+srzP9HV8e++UDrz7Vft2u/s+B+plsaLNZ28/3UaYC+vHQAAANwu0up34JN0YrmcphMTte/w74ntaWV+YfGpk/PvnjtR+678WIyk9Ttdow33Q6eKe8P1+nRT/XD1vnGWZdm2an1idr6yXnPqQGd2tOn/ud9Kg44OWHddzaO1+0UbcFvye00YXvo/DC/9H4aX/g/Dq1X/vxxxYwChALeYz38YXvo/DC/9H4aX/g9DqZff9a9W2H1svZ75TiuUNkYYXRci3RBhrK2QbowwaoUtEdHpzpfjVgU26HcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg3AAD//zLQ7Dk=") chdir(&(0x7f0000000000)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000d40)={0x0, 0x2904c, 0xc, 0x10003, '\x00', [{}, {0xffffffff}]}) 3.529085134s ago: executing program 1 (id=2712): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) 2.461658565s ago: executing program 1 (id=2713): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf2, 0x30, 0x39, 0x20, 0x2c42, 0x1202, 0x8540, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xc, 0x2, 0x2, 0xc1, 0x7f, 0xc, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000c80)={0x34, &(0x7f0000000980)={0x0, 0x15, 0x1, "e4"}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000b80)={0x34, &(0x7f00000009c0)={0x40, 0x11, 0x1, '$'}, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.278697268s ago: executing program 9 (id=2715): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000040), 0x3, r2}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000840)={0x100, 0x1, &(0x7f0000000680)=[r2], &(0x7f00000006c0)=[0xfffffffd], &(0x7f00000007c0)=[r3], &(0x7f0000000800)=[0xfb], 0x0, 0xffffffff}) 2.093090053s ago: executing program 9 (id=2717): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x44, 0x2, 0x6, 0x201, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="8c0000000906010200000000000000000200ffff08000940000000390900020073797a310000000005000100070000005c0008801c00078018000180140002"], 0x8c}, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080) 1.98716837s ago: executing program 9 (id=2718): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24, 0x80000001, @remote, 0x40}, 0x1c) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x0, @loopback}]}, &(0x7f00000002c0)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f00000000c0)={r1, @in6={{0xa, 0x4e20, 0x0, @loopback}}, 0x1, 0x3}, 0x90) 1.588574981s ago: executing program 2 (id=2719): syz_mount_image$jfs(&(0x7f0000000040), &(0x7f0000000200)='./control\x00', 0x41, &(0x7f00000002c0)=ANY=[@ANYBLOB='quota,iocharset=cp437,noquota,errors=continue,discard=0x00000\x00\x00000000004,errors=continue,quota,discard,grpquota,\x00', @ANYRES32, @ANYRES8, @ANYRESOCT], 0x1, 0x6138, &(0x7f000001c900)="$eJzs3UuPHFfZB/Cn+jaXvEmsLKK8FkKTxFxCiK/BGALEWcCCDQvkLbI1mUQWDiDbICey8ESzYcGHACGxRIglKz5AFmzZ8QGwZCOBskqhmjlnXNPpdo8zma6eOb+fNK56+lRNn/K/qy9TVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIgf/uDH56qIuPqrdMOJiP+LfkQvYqWp1yJiZe1EXn4QES/EdnM8HxHDpYhm/e1/no14PSI+eibiwcO7683N5/fZj+//+R9/+MlTP/r7n4Zn/vuX2/03pi13585v//PXewfbZgAAAChNXdd1lT7mn0yf73tddwoAmIv8+l8n+Xb1wtWbC9YftVqtVh/Buq2e7F67iIjN9jrNewaH4wHgiNmMj7vuAh2Sf9EGEfFU150AFlrVdQc4FA8e3l2vUr5V+/Vgbac9nwuyJ//Navf6jmnTWcbPMZnX42sr+vHclP6szKkPiyTn3xvP/+pO+ygtd9j5z8u0/Ec7lz4VJ+ffH89/zPHJvzcx/1Ll/AdPlH9f/gAAAAAAsMDy3/9PdHz8d+ngm7Ivjzv+uzanPgAAAAAAAADA5+2g4//tMv4fAAAALKzms3rjd888um3ad7E1t1+pIp4eWx4oTLpYZrXrfgAAAAAAAAAAAABASQY75/BeqSKGEfH06mpd181P23j9pA66/lFX+vZDybp+kgcAgB0fPTN2LX8VsRwRV9J3/Q1XV1frenlltV6tV5by+9nR0nK90vpcm6fNbUujfbwhHozq5pctt9Zrm/V5eVb7+O9r7mtU9/fRsfnoMHAAiIidV6MHXpGOmbp+Nrp+l8PRYP8/fuz/7EfXj1MAAADg8NV1XVfp67xPpmP+va47BQDMRX79Hz8uoFar1Wq1+vjVbfVk99pFRGy212neMxiOHwCOmM34uOsu0CH5F20QES903QlgoVVdd4BD8eDh3fUq5Vu1Xw/S+O75XJA9+W9W2+vl9SdNZxk/x2Rej6+t6MdzU/rz/Jz6sEhy/r3x/K/utI/Scoed/7xMy7/ZzhMd9KdrOf/+eP5jjk/+vYn5lyrnP3ii/PvyBwAAAACABZb//n9ioY7/jj7r5sz0uOO/a4d2rwAAAAAAAABwuB48vLuer3vNx/+/MGE5138eTzn/Sv5Fyvn3xvL/6thy/db8/bce5f/vh3fX/3j7X/+fp/vNfynPVOmRVaVHRJXuqRqk6UG27tO2hv1Rc0/DqtcfpHN+6uE7cT1uxEac3bNsL/1/PGo/t6e96elwu73u77Sf39M+2G3P61/Y0z5MZzrVK7n9dKzHz+NGvL3d3rQtzdj+5Rnt9Yz2nH/f/l+knP+g9dPkv5raq7Fp4/6HvU/t9+3ppPu5fP2Lvzl7+Jsz01b0d7etrdm+lzroz/b/yVOj+OWtjZun71y7ffvmuUiTPbeejzT5nOX8h+ln9/n/5Z32/Lzf3l/vfzh64vwXxVYMpub/cmu+2d5X5ty3LuT8R+kn5/92ap+8/x/l/Kfv/6920B8AAAAAAAAAAAAAAAB4nLquty8RvRwRF9P1P11dmwkAzNfl9JUbdZJvn1fdn/P9qdVHvK4WrD9zrT+pF6s/avVRrNvqyd5sFxHxt/Y6FyPi15N+GQCwyD6JiH923Qk6I/+C5e/7a6anuu4MMFe33v/gp9du3Ni4eavrngAAAAAAAAAAn1Ue/3OtNf7zqbqu740tt2f817di7aDjfw7yzO4Ao1MGqu4/+TY9zlZv1O+1hht/MaaN/z3cnXvc+N+DGfc3nNE+mtG+NKN9eUb7xAs9WnL+L7bGOz8VESfHhl8vYfzX8THvS5Dzf6n1eG7y/8rYcu38698f5fx7e/I/c/u9X5y59f4Hr11/79q7G+9u/OzCuXNnL1y8eOnSpTPvXL+xcXbn3w57fLhy/nnsa+eBliXnnzOXf1ly/l9KtfzLkvP/cqrlX5acf36/J/+y5PzzZx/5lyXn/0qq5V+WnP/XUi3/suT8X021/MuS8/96quVflpz/a6mWf1ly/qdTLf+y5PzPpHqf+a8cdr+Yj5x/PsJl/y9Lzj+f2SD/suT8z6da/mXJ+V9ItfzLkvN/PdXyL0vO/xupln9Zcv4XUy3/suT8v5lq+Zcl538p1fIvS87/W6mWf1ly/t9OtfzLkvN/I9XyL0vO/zupln9Zcv7fTbX8y5Lz/16q5V+WnP+bqZZ/WR59/78ZM2bM5Jmun5kAAAAAAAAAAAAAgHHzOJ24620EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt69xsh11vcDP3v12rkZCPk7+RtYO8YYZ5NdX+ILrYsJ14ZbCSQlvcR2vWtnwbd47ZKkkewoUCJhVFTRNrxoCyhq86bCqvKCVgHlBWpVqRJpX9A3iAqVF1EVUECq1FYhW82Z53l2ZvbszK49tmfO+Xyk+OedOTPnzJkzZ/e7zncGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg0Yb3znxxIMuy2n/5H2uz7Pra31ePr80ve9e13kIAAADgcv0y//PVm9IF+5dxo4Zl/vGt339+fn5+Pvv00J+MfHV+Pl0xnmUjq7Isvy66+OMHBxqXCZ7KxgYGG74e7LD6oQ7XD3e4fqTD9aMdrl/V4fqxDtcv2gGLrK7/Pia/s035X9fWd2l2czaSX7ep4FZPDawaHIy/y8kN5LeZHzmSzWbHsplsqmn5+rID+fIvbKit60NZXNdgw7rW146Qnz9xOG7DQNjHm5rWtXCf0U/fk43/4udPHP6rM6/cWjQ77oam+6tv55aNte38fLikvq0D2aq0T+J2DjZs5/qC52SoaTsH8tvV/t66na8uczuHFjbzqmp9zseywfzvL+X7abjx13ppP60Pl/337VmWnV/Y7NZlFq0rG8zWNF0yuPD8jNWPyNp91A6lN2bDKzpONyzjOK3N6U3Nx2nrayI+/xvC7YaX2IbGp+mnT442PO+vzV/KcRrVHvVSr5XWY7Dbr5VeOQbjcfFS/qCfLjwGN4XH/8TmpY/BwmOn4BhMj7vhGNzY6RgcHB3Ktzk9CQP5bRaOwW1Nyw/laxrI58ub2x+Dk2eOn5qce+zxO2ePHzo6c3TmxI5t26Z27Nq1Z8+eySOzx2am6n9e4t7ufWuywfQa2Bj2XXwNvKNl2cZDdf4bo4vOv5f6Ohxr8zpc27Jst1+Hw60PbuDqvCAXH9P118anajt97MJgtsRrLH9+tl7+6zA97obX4XDD67Dwe0rB63B4Ga/D2jKnti7vZ5bhhv+KtmHp7wWXdwyubTgGW38eaT0Gu/3zSK8cg2PhuPjh1qW/F6wP2/v0xEp/HhladAymhxvOPbVL0s/7Y3vyUXRc3la74rrR7OzczOm7Hj105szpbVkYV8WbGo6V1uN1TcNjyhYdr4MrPl73z7716dsKLl8b9tXYnbU/xpZ8rmrL7Lyr/XOVf3cr3p9Nl27Pwuiyq70/i76b1/bnaJZ97XtP3vedJ7723iX3Zy1vfn7y8n8WT7m04fw7ssT5N+b+1+vrS3f11NDIcP31O5T2zkjT+bj5qRrOz10D+bpfnVze+Xgk/He1z8c3tzkfr2tZttvn45HWBxfPxwOdfttxeVqfz7FwnByban8+ri2zbvtKj8nhtufj28McCPv/nSEppFzUcOwsddymdQ0Pj4THNRzX0Hyc7mhafiRks9q6ntt+acfpltvr9zWUHt2Cq3Wcjrcs2+3jNP3ua6njdKDTb98uTevzORaOi5t3tD9Oa8u8uPPyz52r418bzp2jnY7BkaHR2jaPpIMwP99n86vjMXhXdjg7mR3LpvNrR/PjaSBf18TdyzsGR8N/V/tcua7NMbilZdluH4Pp+9hSx97A8OIH3wWtz+dYOC6eubv9MVhb5n27u/uz65ZwSVqm4WfX1t+vLfU7r9tadtOVOlaGw3Z+b3f7383Wljm2Z6U5s/1+uiNccl3Bfmp9/S71mprOrs5+Whe285U9S++n2vbUlvnq3mUeT/uzLDv3yD3573vDv6/87dkfPN/07y5F/6Zz7pF7fnbDkX9YyfYD0P9er4819e91Df8ytZx//wcAAAD6Qsz9g2Em8j8AAACURsz98f8KT+R/AAAAKI2Y+4fDTCqS/9e975XZ189lqZk/H8Tr0264t75c7LhOha/H5xfULr/n2Zn/+vtzy1v3YJZlr937B4XLr7s3blfdeNjOi+9vvnyR5+9c1roP3n8urbexv/71cP/x8Sz3MCiq4E5lWfbCTV/O1zP+4IV8vnjvwXzed/7pp2rLvLq3/nW8/ctvqi//56H8u//Ioabbvxz2w0/CnPpw8f6It/vWhXeu3/3Awvri7QY23pg/7Gceqt9vfJ+crzxVXz7u56W2/ztfeu5bteUffXvx9p8bLN7+58L9Phvm/7ylvnzjc1D7Ot7uC2H74/ri7e765ncLt//iF+vLn/pAfbmDYcb1bwlfb/rAK7ON++vRgUNNjyv7YH25uP6pH/xRfn28v3j/rds/duBC0/5oPT5e/Nf6/Uy2LB8vj+uJ/q5l/bX7aTw+4/qf+8ODTfu50/ov3vfyW2r327r+O1qWO/XI1nz9C/fX/I5Nf/GFLxeuL27P/r851fR49n8ivI7D+p95KByP4fr/vVi/v9Z3Vzj4iebzT1z+62vPNT2e6EO/qK//4ruP5nPV2Oo1111/w43n31bbd1n20qr6/XVa/9G/PNm0/d+4pb4/4vWxo9+6/qXE9Z/+3MSJk3NnZ6fTXn3ipvy9cz5S3564vTeFc2vr1wdOnnl45vT41PhUlo2X9y30Ltk3w/xZfZxvv/T8ojPo1vvD83nbn72wZvO/fCle/m+fql9+4cP171vvCMt9JVy+Njx/K1v/Ys9suCV/fQ+8GLZwfvH7BV+O9Zv+c8+yFgyPv/Xngni8n3rzw/l+qF2Xf9+Ir+vL3P4fTdfv59thv86Hd2beeMvC+hqXj++NcOGT9df7Ze+/cJqLz+tfh+f7oz+p33/crvh4fxR+jvnuuubzXTw+vn1usPX+83fxOB/OJ9n5+vVxqbi/L7x6S+Hmxfchyc7fmn/9x+l+bl3Rw1zK3GNzk8dmT5x9dPLMzNyZybnHHj9w/OTZE2cO5O/leeAznW6/cH5ak5+fpmd27czys9XJ+rjCrvX2n7r/8PTuqc3TM0cOnT1y5v5TM6ePHp6bOzwzPbf50JEjM5/rdPvZ6X3btu/dsXv7xNHZ6X179u7dsXdi9sTJ2mbUN6qDXVOfnThx+kB+k7l9O/duu/vunVMTx09Oz+zbPTU1cbbT7fPvTRO1W//+xOmZY4fOzB6fmZibfXxm37a9u3Zt7/hugMdPHZkbnzx99sTk2bmZ05P1xzJ+Jr+49r2v0+0pp7l/r/8822qg/kZ82cfv2JXen7Xm2SeXvKv6Ii1vIPpKeC+af3rDqT3L+Trm/pEwk4rkfwAAAKiCmPtHw0zkfwAAACiNmPtXhZnI/wAAAFAaMfePhZlUJP+Xrv+/7tyy1q//r//fuL/0/yvW//9kr/X/6+cL/f/uuNz+vf5/oP+v/6//r/+v/08X9Fr/P+b+1VlWyfwPAAAAVRBz/5owE/kfAAAASiPm/uvCTOR/AAAAKI2Y+68PM6lI/tf/1//X/9f/1/8vXr/+f3/S/29P/78D/f/JrFr9//Pd3H79f/1/Fuu1/n/M/TeEmVQk/wMAAEAVxNx/Y5iJ/A8AAAClEXP/TWEm8j8AAACURsz9a8NMKpL/9f/1//X/9f/1/4vXr//fn/T/29P/70D/3+f/6//r/9NVvdb/j7n/DWEmFcn/AAAAUAUx978xzET+BwAAgN4zfGk3i7n/TWEmi/L/Ja4AAAAAuOZi7r85aymCV+Tf//X/9f/1//X/9f+L17/8/v9Qpv/fO/T/29P/70D/X/9f/1//n67qtf5/nvuzsezNYSYVyf8AAABQBTH33xJmIv8DAABAacTc///CTOR/AAAAKI2Y+9eFmVQk/+v/6//r/+v/6/8Xr9/n//cn/f/29P870P/X/9f/1/+nq3qt/x9z/61hJhXJ/wAAAFAFMfffFmYi/wMAAEBpxNz//8NM5H8AAAAojZj714eZVCT/6//3eP8/Nkf1//X/9f/1//X/l0X/vz39/w70//X/9f/1/+mqXuv/x9z/ljCTiuR/AAAAqIKY+98aZiL/AwAAQGnE3P+2MBP5HwAAAEoj5v7xMJOK5H/9/x7v//v8f/1//X/9f/3/FdH/b0//vwP9f/1//X/9f7qq1/r/MfdvCDOpSP4HAACAKoi5f2OYifwPAAAApRFz/+1hJvI/AAAAlEbM/ZvCTCqS//X/9f/1//X/9f+L16//35/0/9vT/+9A/1//X/9f/5+u6rX+f8z9bw8zqUj+BwAAgCqIuX9zmIn8DwAAAKURc/87wkzkfwAAACiNmPu3hJlUJP/r/+v/6//r/+v/F69f/78/6f+3p//fgf6//r/+v/4/XdVr/f+Y+98ZZlKR/A8AAABVEHP/1jAT+R8AAABKI+b+O8JM5H8AAAAojZj7J8JMKpL/9f/1//X/9f/1/4vXr//fn/T/29P/70D/X/9f/1//n67qtf5/zP13hplUJP8DAABAFcTcf1eYifwPAAAApRFz/2SYifwPAAAApRFz/1SYSUXyv/6//r/+v/7/ivr/b1u4X/3/Ov3/3qL/357+fwf6//r/17z/P6L/T6n0Wv8/5v5tYSYVyf8AAABQBTH3bw8zkf8BAACgNGLu3xFmIv8DAABAacTcvzPMpCL5X/9f/1//X//f5/8Xr1//vz/p/7fX/f5/fIj6//r/+v8+/1//n8V6rf8fc//dYSYVyf8AAABQBTH37wozkf8BAACgNGLu3x1mIv8DAABAacTcvyfMpCL5X/9f/1//X/9f/794/fr//Un/vz2f/9+B/r/+fz/3/+cH9P/pOb3W/4+5f2+YSUXyPwAAAFRBzP3vCjOR/wEAAKA0Yu7/lTAT+R8AAABKI+b+Xw0zqUj+1//X/9f/1//X/y9ev/5/f9L/b0//v4O+6P+P6v/36PZf8/6/z/+nB/Va/z/m/n1hJhXJ/wAAAFAFMff/WpiJ/A8AAAClEXP/u8NM5H8AAAAojZj794eZVCT/6//r/+v/6//r/xevX/+/P+n/t6f/30Ff9P99/n+vbr/+v/4/i/Va/z/m/veEmVQk/wMAAEAVxNx/T5iJ/A8AAAClEXP/e8NM5H8AAAAojZj73xdmUpH8r/+v/6//r/+v/1+8fv3//qT/357+fwf6//r/+v/6/3RVr/X/Y+5/f5hJRfI/AAAA9K/RZS8Zc/8HwkzkfwAAACiNmPs/GGYi/wMAAEBpxNz/oTCTiuR//X/9f/1//X/9/+L16//3J/3/9vT/O9D/L1n/f/wG/X/9f66UogS02KX1/69/bckVXmb/P+b+Xw8zqUj+BwAAgCqIuf/eMBP5HwAAAEoj5v4Ph5nI/wAAAFAaMfd/JMykIvlf/1//X/9f/1//v3j9+v/9Sf+/vT7r///yxnC5/n+d/n9vb39P9v9/vFT/f35V6+31/7kSLq3/X6gr/f+Y+z8aZlKR/A8AAABVEHP/x8JM5H8AAAAojZj7Px5mIv8DAABAacTc/xthJhXJ//r/te1YaC/r/+v/5xfo/+v/6//3Lf3/9vqs/+/z/1vo//f29vdk/9/n/3ON9Vr/P+b+T4SZVCT/AwAAQBXE3H9fmIn8DwAAAKURc/8nw0zkfwAAACiNmPs/FWZSkfyv/+/z//X/9f/1/4vXr//fn/T/29P/70D/X/+/1/r//6H/T3/rtf5/zP33h5lUJP8DAABAFcTc/0CYifwPAAAApRFz/2+Gmcj/AAAAUBox9386zKQi+V//v1/6/+P6//r/+v8tj0f/X/+/iP5/e/r/Hej/6//3Wv/f5//T53qt/x9z/4NhJsvP/2PLXhIAAAC4JmLu/60wk4r8+z8AAAD0q9b/d7SdmPt/O8xE/gcAAIDSiLn/d8JMKpL/9f/7pf/v8/8z/X/9/5bHo/+v/1/k6vX/45lH/1//X/8/0v/X/9f/p1Wv9f9j7v/dMJOK5H8AAACogpj7Hwozkf8BAACgLxT9P9mtYu4/EGYi/wMAAEBpxNx/MMykIvlf/1//X/+/R/v/f7rxn3/4/Y8d3Kb/r/+v/78iV/Xz/2svfp//r/+v/5/o/+v/6//Tqtf6/zH3HwozqUj+BwAAgCqIuf/3wkzkfwAAACiNmPsPh5nI/wAAAFAaMfdPh5lUJP/3Qv8/0//X/2/Ydv3/hdv16+f/x/2h/9+sa/3/eNLV/y90Vfv/Dyz0xPX/V9r/Hy28VP9f//9Kbf9opv/f6fb6/1wJvdb/j7l/JsykIvkfAAAAqiDk/sEj9blwhfwPAAAApRFz/9EwE/kfAAAASiPm/ofDTCqS/3uh/+/z//X/9f/L1f/3+f/FfP7/ldLcr9b/b693+v/F9P/1//t5+/X/9f9ZrNf6/zH3z4aZVCT/AwAAQBXE3P+ZMBP5HwAAAEoj5v7PhpnI/wAAAFAaMfcfCzOpSP7X/9f/1//X/9f/L16//n9/0v9vT/+/A/1//X/9f/1/uqrX+v8x9x8PM6lI/gcAAIAqiLn/RJiJ/A8AAAClEXP/yTAT+R/4P/buo8nO+srj+NWMKKTiBcxiNuznJbCYWc+8gFnMZhYzVS4vnHBOCOeIcw44ZxzAxjjhnMAJG2fjnLCNA87YlFxI5xypu5++tyVuXz33fz6fzTGC5rYpCvln9K0/AAAwjNz9D4hbmux//b/+f9j+/9/1//t9vv5f/z8y/f9y+v8V9P/6f/2//p+1mlv/n7v/gXFLk/0PAAAAHeTuf1DcYv8DAADAMHL3Xx632P8AAAAwjNz9D45bmuz/Xf3/kUXP/j8zXv3/SP2/9//3/Xz9v/5/ZJvt/6+85598+n/9v/4/6P/1//p/dptb/5+7/yFxS5P9DwAAAB3k7n9o3GL/AwAAwDBy9z8sbrH/AQAAYBi5+x8etzTZ/97/9/6//l//r/+f/nz9/3by/v9ynfr/y2+95H53Xv+vN5zL5+v/9f/6f/0/6zW3/j93/yPilib7HwAAADrI3f/IuMX+BwAAgGHk7n9U3GL/AwAAwDBy9z86bmmy//X/+n/9v/5f/z/9+fr/7aT/X65T/38+n6//1//r//X/rNfc+v/c/Y+JW5rsfwAAAOggd/9j4xb7HwAAAIaRu/+KuMX+BwAAgGHk7j8RtzTZ//r/w+//79b/6//j6v/1//r/w6f/X07/v4L+X/+v/9f/s1Zz6/9z918ZtzTZ/wAAANBB7v7HxS32PwAAAAwjd//j4xb7HwAAAIaRu/8JcUuT/a//9/6//l//r/+f/nz9/3bS/y+3+f5/6mfI/en/t77/v0j/r//X/3O2c+z/71ryj+219P+5+58YtzTZ/wAAANBB7v4nxS32PwAAAAwjd/+T4xb7HwAAAIaRu/8pcUuT/a//1//r//X/+v/pz9f/byf9/3Kzef//yNHJH9b/b33/7/1//b/+nx3m9v5/7v6nxi1N9j8AAAB0kLv/aXGL/Q8AAADDyN3/9LjF/gcAAIBh5O5/RtzSZP/r//X/B+7/80+u/9f/hw33/7fPqf+/4azvT/8/L/r/5WbT/+9D/6//3+bvX/+v/2evufX/ufufGbc02f8AAADQQe7+q+IW+x8AAACGkbv/WXGL/Q8AAADDyN3/7Lilyf6f7v/P/H79/8G06P+9/z+b/j//jM36/3N9//8/vP/fk/5/Of3/Cvp//b/+f7/+//iqr9f/M2Vu/X/u/ufELU32PwAAAHSQu/+5cYv9DwAAAMPI3f+8uMX+BwAAgGHk7n9+3NJk/3v/X/+v/9++/r/p+//n2v8f6vv/i433/0f1/wek/19O/7+C/l//r//3/j9rNbf+P3f/C+KWJvsfAAAAOsjd/8K4xf4HAACA7XD2rx3Y/QtKQ+7+F8Ut9j8AAAAMI3f/i+OWJvtf/6//1//r/3v3/8e2pP/3/v9B6f+X0/+vcGH7/yOD9v9HB+v/r97v6+fQ/1+h/2dmdvT/N5758QvV/+fuf0nc0mT/AwAAQAe5+18at9j/AAAAMIzc/S+LW+x/AAAAGEbu/pfHLU32/6H3/8f3/2z9v/5f/6//v/D9/7a8/6//Pyj9/3L6/xW8/+/9f+//6/9Zqx39/1kuVP+fu/8VcUuT/Q8AAAAd5O5/Zdxi/wMAAMAwcvdfHbfY/wAAADCM3P2vilua7H/v/+v/9f/6f/3/9Ofr/7eT/n85/f8K+n/9v/5f/89aza3/z93/6rilyf4HAACADnL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmux//f/h9v/54/p//f9C/6//1/9vRNv+/8jUz0R77dP/33yfE/+180f0//p//b/+X//PGsyi/z955n9d5u5/fdzSZP8DAABAB7n73xC32P8AAAAwjNz9b4xb7H8AAAAYRu7+N8Utg+z/Yyt+v/7f+//6f/2//n/68/X/26lt/39A3v9fQf+v/9f/6/9Zq1n0/2f9du7+N8ctg+x/AAAAYFG7/y1xi/0PAAAAw8jd/9a4xf4HAACAYeTuf1vc0mT/6//1//p//b/+f/rzz6v/3/3Nn0X/vxn6/+X0/yvo//X/+n/9P2s1t/4/d/81cUuT/Q8AAAAd5O5/e9xi/wMAAMAwcve/I26x/wEAAGAYufvfGbc02f/6f/2//l//r/+f/nzv/28n/f9y+v/FYnHtkm9gqv8/ebH+X/+v/9f/c57m1v/n7n9X3NJk/wMAAEAHufuvjVvsfwAAABhG7v7r4hb7HwAAAIaRu//dcUuT/a//1//r//X/+v/pz9f/byf9/3L6/xW8/6//1//r/1mrufX/ufvfE7c02f8AAADQQe7+6+MW+x8AAACGkbv/vXGL/Q8AAADDyN1/Q9zSZP/r//X/+n/9v/5/+vP1/9vp8Pr/hf5f/6//X0H/r//X/7Pb3Pr/3P3vi1ua7H8AAADoIHf/++MW+x8AAACGkbv/A3GL/Q8AAADDyN3/wbilyf7X/+v/19z/n1zo//X/+v9J+v/N8P7/cvr/FfT/A/f/R/X/K+j/OQxz6/9z938obmmy/wEAAKCD3P03xi32PwAAAAwjd/+H4xb7HwAAAIaRu/8jcUuT/a//1//v7P8XC+//6//1/6dtoP8/ttD/r12L/n//NnIl/f8K+v8x+/9/Wgz0/v/xfb9e/88cza3/z93/0bilyf4HAACADnL3fyxusf8BAABgGLn7Px632P8AAAAwjNz9n4hbmux//b/+f83v/+v/9f/6/314/38zWvT/94L+fwX9/5j9/4a+f+//6//Za279f+7+T8YtTfY/AAAAdJC7/1Nxi/0PAAAAw8jd/+m4xf4HAACAYeTu/0zc0mT/6//1//p//b/+f/rz9f/bSf+/nP5/hS3o/0/R/8/y+9f/6//Za279f+7+z8YtTfY/AAAAdJC7/6a4xf4HAACAYeTuvzlusf8BAABgGLn7Pxe3NNn/+n/9v/5/O/v/Y/p//b/+f9Jc+v/LLvvPW/T/+n/v/+v/9f/6/+7m1v/n7v983NJk/wMAAEAHufu/ELfY/wAAADCM3P1fjFvsfwAAABhG7v4vxS1N9v/e/v+ixelC9bSp/j8atXt++6KF/v8U/f/O71//P/33h/f/9f/6/8M3l/7f+//n9/3r//X/2/z9n1P/f+ner9f/M6K59f+5+2+JW5rsfwAAAOggd/+X4xb7HwAAAIaRu/8rcYv9DwAAAMPI3X9r3NJk/3v/X/+v/9f/6/+nP1//v530/8vp/1fQ/+v/vf9////7Z/0/6zO3/j93/1fjlib7HwAAADrI3f+1uMX+BwAAgGHk7v963GL/AwAAwDBy938jbmmy//X/+n/9v/5f/z/9+fr/7aT/X07/v4L+X/+v//f+P2s1t/4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv/X3/9fqv8P+v+59P//q//f9fn6f/3/yPT/+TP6NP3/Cvp//b/+X//PWs2t/8/df1vc0mT/AwAAQAe5+78bt9j/AAAAMIzc/d+LW+x/AAAAGEbu/u/HLU32v/f/e/X/RxYd+3/v/+v/9f+d6P+X0/+voP/X/+v/9f+s1dz6/9z9P4hbmux/AAAA2Fb//W/3ve2gf2zu/h/GLfY/AAAADCN3/4/iFvsfAAAAhpG7/8dxS5P9r//v1f/3fP9f/6//33j/f/dUcqz/3wz9/3L6/xX0//p//b/+n7WaW/+fu/8ncctZw+/oOf+3BAAAAOYkd/9P45Ym//4fAAAAOsjd/7O4Zc/+P3nAX9UOAAAAzE3u/p/HLU3+/b/+f+b9/2L8/v+Ohf5f/3/aQP3/JP3/Zuj/l7uX/f/JI/p//f8S+n/9v/6f3ebW/+fuvz1uabL/AQAAYFA7/h+F3P2/iFvsfwAAABhG7v5fxi32PwAAAAwjd/+v4pYm+1//P9/+P/9an3v/f7z+0zb0/97/P8T+/6pjk5+v/9f/j0z/v5z3/1fQ/+v/9f/6f9Zqbv1/7v474pYm+x8AAAA6yN3/67jF/gcAAIBh5O7/Tdxi/wMAAMAwcvf/Nm5psv/1//Pt/xcT/fyI7//r/+f0/v/Jixdb1f//yyUnbvqf/7/uGv0/Z2yy/8+/F/T/+n/9/2n6f/2//p/d5tb/5+7/XdzSZP8DAABAB7n774xb7H8AAAAYRu7+38ct9j8AAAAMI3f/H+KWJvtf/6//n0v/n3+tL0D/f2L7+v9sitfd/+/84+bf/3v/X/+/l/f/l9P/r6D/1//r//X/rNXc+v/c/X+MW5rsfwAAAOggd/+f4hb7HwAAAIaRu//PcYv9DwAAAMPI3f+XuKXJ/tf/6//n0v8n7/+f+brNv/+/84/T/+v/t5H+/9RXTf20dIr+fwX9v/5f/6//Z63m1v/n7v9r3NJk/wMAAEAHufvvilvsfwAAABhG7v6/xS32PwAAAAwjd//f45Ym+1//r//X/+v/9f/Tn6//3076/+X0/yvo//X/+n/9P2s1t/4/d/8/AgAA//9WZHPJ") mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) pwrite64(r1, &(0x7f0000000080)='\x00', 0x1, 0xfecc) 967.414617ms ago: executing program 8 (id=2722): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xec, @void, @value}, 0x94) r0 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200408c4, &(0x7f0000000200)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) sendto$inet(r0, &(0x7f0000001780)='%U', 0xf78d0436d2f3deb3, 0x24000014, 0x0, 0x0) shutdown(r0, 0x1) 737.167085ms ago: executing program 8 (id=2723): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0xffffffffffffffff, 0x0) ptrace(0x10, r0) landlock_create_ruleset(0x0, 0x0, 0x0) ptrace(0x10, 0x0) ptrace(0xffffffffffffffff, r0) 652.022691ms ago: executing program 8 (id=2724): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000000280), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn") mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f00000005c0)='./bus\x00', 0x147842, 0x0) preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x7) 535.1709ms ago: executing program 3 (id=2725): r0 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0x80000039f8, 0x4) sendto$inet6(r0, &(0x7f0000000000)="8d", 0x1, 0x0, 0x0, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000006000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000140)=""/218, 0xda, 0x0, &(0x7f0000000300)=""/27, 0x1b}, &(0x7f00000000c0)=0x40) 401.09016ms ago: executing program 8 (id=2726): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0) r1 = gettid() r2 = eventfd(0x0) r3 = geteuid() setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0x3, 0x0, 0x0, 0x9}, 0x20) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setfsuid(r3) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) r6 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r6, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffffd, @local, 0x1}, 0x1c) sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0xf) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x7, r2, &(0x7f0000000080)={0xffffffffffffffff, r2, 0x500}) 400.90502ms ago: executing program 3 (id=2727): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000040)='smaps\x00') preadv(r2, &(0x7f0000000440)=[{&(0x7f00000041c0)=""/4096, 0x1000}], 0x1, 0x1e, 0x20704513) 269.8839ms ago: executing program 9 (id=2728): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1}) 267.54679ms ago: executing program 3 (id=2729): landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3, 0x1}, 0x18, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000ebffffb6000040"]) 254.766661ms ago: executing program 8 (id=2730): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x1b3a, 0x4) sendto$inet(r0, &(0x7f0000000440)="6dff3f13", 0x4, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=""/79, 0x4f}, 0x2000) 136.98789ms ago: executing program 9 (id=2731): pipe2$9p(&(0x7f0000000000), 0x0) openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0) connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x20) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x32}, 0x9c) bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) shutdown(r3, 0x2) timer_create(0xb, 0x0, &(0x7f00000000c0)=0x0) timer_gettime(r4, &(0x7f0000000380)) symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 108.724162ms ago: executing program 8 (id=2732): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x60b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xc8, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0x4}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000080)={0x0, 0x24, 0x18, {0x18, 0x1, "ad6667e44bb2cd263ca19db35b64ef7517ef18a5c7f8"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 0s ago: executing program 3 (id=2733): syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x9, 0xa1, 0xf2, 0x10, 0x1822, 0x3202, 0x90fa, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x2, 0x0, 0x30, 0x0, [{{0x9, 0x4, 0x7a, 0x0, 0x0, 0x81, 0x3a, 0x65}}]}}]}}, 0x0) syz_mount_image$exfat(&(0x7f0000000200), &(0x7f0000000a00)='./file0\x00', 0x8, &(0x7f0000000080)=ANY=[], 0x6, 0x1503, &(0x7f0000001540)="$eJzs3AnYjVXXOPC19t63HpJOkoS99ro5ybBJkgxJMiRJkrySKSEkSRISD5mSJMk8JZlDMoVknqfMSfJKkiQkJNn/S3Hp/Xq/r/f/Tt7ve9bvuu7r2eu5z9pn3Wfd59zD9Tznm7b9KtSqWLYGM8M/BH/9kQoAKQDQCwCuBoAIAIpmLpr5/Pr0GlP/sScR/1wPT7rcFYjLSfqftkn/0zbpf9om/U/bpP9pm/Q/bZP+p23SfyHSsk2Tb7hGlrS7/NH9/85/644k9///F5Ljf5o04OJA+p+2Sf//D0r/26CM/p8eKv1P26T/aZv0P22T/qdt0v+0TfovRFr2d9wzLv/If8B963/jogDgctfwL1su9/4nhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECJtOB0uMQBwcXy56xJCCCGEEEIIIcQ/T7jiclcghBBCCCGEEEKIfz0EBRoMRJAOroAUSA8Z4ErICFdBJrgaEnANZIZrIQtcV+ZiRnbIATnBAoEDhhhyQW5Iwo2QB26CvJAP8kMB8FAQCsHNUBhugSJwKxSF26AY3A7FoQSUhFJwB5SGO6EM3AVl4W4oB+WhAlSEe6AS3AuV4T6oAvdDVXgAqsGDUB0eghrwMNSEP0EteARqw6NQB+pCPagPDf6u/BegI7wInaAzpEIX6AovQTfoDj2gJ/SCl6E3vAJ94FXoC69BP3gd+sMbMADehIEwCAbDEBgKw2A4jICRMApGw1swBt6GsfAOjIPxMAEmwiSYDFPgXZgK02A6vAcz4H2YCbNgNsyBufABzIP5sAA+hIXwESyCxbAElsIyWA4rYCWsgtWwBtbCOlgPG2AjbIKPYTNsga2wDbbDDtgJn8Au+BR2w2ewBz7//8w/9V/y2yEgoEKFBg2mw3SYgimYATNgRsyImTATJjCBmTEzZsEsmBWzYjbMhtkxO+bEnEhIyMiYC3NhEpOYB/NgXsyL+TE/evRYCAthYbwFi2ARLIpFsRgWw+JYAktgKSyFpbE0lsEyWBbLYjkshxWwAt6D9+C9WBkrYxWsglWxKlbDalgdq2MNrIE1sSbWwlpYG2tjHayD9bAeNsAG2BAbYiNshE2wCTbFptgcm2MLbIEtsSU2w1bYGltjG2yDbbEttsP22B5fwBfwRXwRO2M51QW7Ylfsht2wB/bEnvgy9sZX8BV8Ffvia9gPX8fX8Q0cgCdxIA7CwTgYS6thOBxHIKtROBpH4xgcg2NxLI7D8TgeJ+IknIxTcApOxWk4Dd/DGfg+vo+zcBbOwbk4F+fhfFyAC3AhnsJFuBiX4FJchstxGa7EVbgS1+BaXIPrcT1uxI34MX6MQ3ALbsNtuAN34Cf4CX6Kn2Jf3IN7cC/uxX24D/fjfjyAB/AgHsRDeAgP42E8gkfwKB7D43gMT+AJPImn8DSexjN4Bs/ic9m/qrkj3+q+oM4zyqh0Kp1KUSkqg8qgMqqMKpPKpBIqoTKrzCqLyqKyqqwqm8qmsqvsKqfKqUiRYhWrXCqXSqqkyqNSLnxC5FdeeVVIFVKFVWFVRBVRRdVtqpi6XRVXJVRjX0qVUqVVE19G3aXKqrKqnCqvKqiKCJCqKqnKqrKqoqqoqqqqqqYeVNVVF+yBD6vznamlXsPaqh/WUXVVPVVfvYGPqYZqADZSjVUT9YQahAOxuWroW6inVEs1HFupZ9QIfFa1UaOwrXpetVPtVQf1guqoGvlOqrMah11UVzURu6nuqofqqaZieXW+YxXUq6qvek31U6+rOfiGGqDeVAPVIDVYDVFD1TA1XI1QI9UoNVq9pcaot9VY9Y4ap8arCWqimqQmqynqXTVVTSszXb2nZqj31Uw1S81Wc9Rc9YGap+arBepDtVB9pBapxWqJWqqWqeVqhVqpVqnVao1aq9ap9WqD2qg2qY/VZrVFbVXb1Ha1Q+1Un6hd6lO1W32m9qjP1V71Z7VPfaH2qy/VAfWVOqi+VofUN+qw+lYdUd+po+qYOq6+VyfUD+qkOqVOqx/VGfWTOqt+VudUUKBRK6210ZFOp6/QKTq9zqCv1Bn1VTqTvlon9DU6s75WZ9HX6az6ep1N36Cz6xwa1K+dZh3rXDq3TuobdR59k86r8+n8uoD2uqAupG/WhfUtuoi+VRfVt+li+nZdXJfQJXUpfYcure/UZfRduqy+W5fT5XUFXVHfoyvpe3VlfZ+uou/XVfUDupp+UFfXD+ka+mFdU9dPAjyia+tHdR1dV9fT9XUD/ZhuqB/XjXRj3UQ/oZvqZrq5flK30E/plvpp3Uo/o1vrZ3Ub/Zxuq5/X7XR73UH/rM/poDvpzjpVd9Fd9Uu6m+6ue+ieupd+WffWr+g++lXdV7+m++nXdX/9hh6g39QD9SA9WA/RQ/UwPVyP0CP1KD1av6XH6Lf1WP2OHqfH6wl6op6kJ+seF2aa/jfkv/1X8vv88uwb9Sb9sd6st+itepvernfonXqn3qV36d16t96j9+i9eq/ep/fp/Xq/PqAP6IP6oD6kD+nD+rA+oo/oo/qY/lF/r0/oH/RJfUqf0j/qM/qMPnvhNQCDRhltjIlMOnOFSTHpTQZzpclorjKZzNUmYa4xmc21Jou5zmQ115ts5gaT3eQwOY01ZJxhE5tcJrdJmhtNHnOTyWvymfymgPGmoClkbv6H8/+ovgamgWloGppGppFpYpqYpqapaW6amxamhWlpWppWppVpbVqbNqaNaWvamnamnelgOpiOpqPpZDqZVJNqupqXTDfT3fQwPU0v87LpbXqbPqaP6Wv6mn6mn+lv+psBZoAZaAaawWawGWqGmuFmuBlpRprRZrQZY8aYsWasGWfGmQlmgplkJpkpZoqZaqaa6Wa6mWFmmJnn3yxmtplr5pp5Zp5ZYBaYhWahWWQWm8VmqVlqlpvlZqVZaVab1WatWWvWm/VmkdlkNpnNZrPZaraa7Wa72Wl2ml1ml9ltdps9Zo/Za/aafWaf2W/2mwPnP37NQXPIHDKHzWFzxBwxR81Rc9wcNyfMCXPSnDSnzWlzxpwxZ81Zc86cO3/aF6lIRSYyUbooXZQSpUQZogxRxihjlCnKFCWiRJQ5yhxlia6LskbXR9miG6LsUY4oZ2QjilzEURzlinJHyejGKE90U5Q3yhfljwpEPioYFYpujgpHt0RFolujotFtUbHo9qh4VCIqGZWK7ohKR3dGZaK7orLR3VG5qHxUIaoY3RNViu6NKkf3RVWi+6Oq0QNRtejBqHr0UFQjejiqGZkLx5dHozpR3aheVD9q8E+dP4ST1z/uO9nONtV2sV3tS7ab7W572J62l33Z9rav2D72VdvXvmb72ddtf/uGHWDftAPtIDvYDrFD7TA73I6wI+0oO9q+ZcfYt+1Y+44dZ8fbCXainWQn2yn2XTvVTrPT7Xt2hn3fzrSz7Gw7x6YDgHl2vl1gP7QL7Ud2kV1sl9ildpldblfYlXaVXW3X2LV2nV1vN9iNdpP92G62W+xWu81utzvsTvuJ3WU/tbvtZ3aP/dzutX+2++wXdr/90h6wX9mD9mt7yH5jD9tv7RH7nT1qj9nj9nt7wv5gT9pT9rT90Z6xP9mz9md7zobzJ/fnD+9kyFA6SkcplEIZKANlpIyUiTJRghKUmTJTFspCWSkrZaNslJ2yU07KSecxMeWiXJSkJOWhPJSX8lJ+yk+ePBWiQlSYClMRKkJFqSgVo2JUnIpTSSpJd9AddCfdSXfRXXQ33U3lqTxVpIpUiSpRZapMVagKVaWqVI2qUXWqTjWoBtWkmlSLalFtqk11qA7Vo3rUgBpQQ2pIjagRNaEm1JSaUnNqTi2oBbWkltSKWlFrak1tqA21pbbUjtpRB+pAHakjdaJOlEqp1JW6UjfqRj2oB/WiXtSbelMf6kN9qS/1o37Un/rTABpAA2kQDaYhNJSG0XAaQSNpFI2m0TSGxtBYGkvjaBxNoAk0iSbRFJpCU2kqTafpNINm0EyaSbNpNs2luTSP5tECWkALaSEtokW0hJbQMlpGK2gFraJVtIbW0DpaRxtoA22iTbSZNtNW2krbaTvtpJ20i3bRbtpNe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0nI7TCTpBJ+kknabTdIZ+orP0M52jQCkuvcvgrnQZ3VUuk7va/dc4m7vBZXc5XE5nXVZ3/V/E5JzL6/K5/K6A866gK+Ru/l1c3JVwJV0pd4cr7e50ZX4XV3L3usruPlfF3e8qunv+Iq7qHnDVyjziqrtHXQ1X19V09V0t94ir7R51dVxdV8/Vd01dM9fcPelauKdcS/f07+J5bj6CW+3WuLVul/vUnXY/ukPuG3fG/eQ6uc6ul3vZ9XavuD7uVdfXvfa7eLAb4oa6YW64G+FGulG/iye4iW6Sm+ymuHfdVDftd/Fc94Gb4Ra4mW6Wm+3m/BLPc/PdAvehW+g+covcYrfELXXL3HK3wq10qy7UutStdxvcRrfTfeI2uy1uq9vmtrsdv8Tnt2O3+8ztcZ+7g+5rt8994fa7w+6A++qX+Pz2HXbfuiPuO3fUHXPH3ffuhPvBnXSnftn+89v+vfvZnXPBASMr1mw44nR8Badwes7AV3JGvooz8dWc4Gs4M1/LWfg6zsrXcza+gbNzDs7JlokdM8eci3Nzkm/kPHwT5+V8nJ8LsOeCXIhv5sJ8CxfhW7ko38bF+HYuziW4JJfiO7g038ll+C4uy3dzOS7PFbgi38OV+F6uzPdxFb6fq/IDXI0f5Or8ENfgh7km/4lr8SNcmx/lOlyX63F9bsCPcUN+nBtxY27CT3BTbsbN+UluwU9xS36aW/EzDKm/Hk3a8vPcjttzB36BO/KL3Ik7cyqncld+ibtxd+7BPbkXv8y9+ZX0Fw5A3I9f5/78Bg/gN3kgD+LBPISH8jAeziN4JI/i0fwWj+G3eSy/w+N4PE/giTyJJ/MUfpen8jSezu/xDH6fZ/Isns1zeC5/wPN4Pi/gD3khf8SLeDEv4aW8jJfzCl7Jq3g1r+G1vI7X8wbeyJv4Y97MW3grb+PtvIN38ie8iz/l3fwZ7+HPeS//mffxF7yfv+QD/BUf5K/5EH/Dh/lbPsLf8VE+xsf5ez7BP/BJPsWn+Uc+wz/xWf6Zz3FgiDFWsY5NHMXp4ivilDh9nGHvkjhjfFWcKb46TsTXxJnja+Ms8XVx1vj6OFt8Q5w9zhHnjG1MsYs5juNcce44Gd8Y54lvivPG+eL8cYHYxwXjQvHNceH4lrhIfGtcNL4tLhbfHhePS8SP3F8qviMuHd8Zl4nvisvGd8fl4vJxhbhifE9cKb43rhzfF1eJ74+LxA/E1eIH4+rxQ3GN+OG4ZvynuFb8SFw7fjSuE9eN68X14wbxY3HD+PG4Udw4bhI/ETeNm8XN4yfjFvFTccv46T9cnxp3ibvGL8UvxSHcp2cn5yTnJj9IzkvOT17cBRYlFyeXJJcmlyWXJ1ckVyZXJVcn1yTXJtcl1yc3JDcmQ6h4BXj0ymtvfOTT+St8ik/vM/grfUZ/lc/kr/YJf43P7K/1Wfx1Pqu/3mfzN/jsPofP6a0n7zz72OfyuX3S3+jz+Jt8Xp/P5/cFvPcFfSFf3zfwDXxD/7hv5Bv7Jv4J/4Rv5pv5J/2T/inf0j/tW/lnfGv/rG/jn/PP+ed9O9/ed/Av+I7+Rd/Jd/apPtV39V19N9/N9/A9fC/fy/f2vX0f38f39X19P9/P9/f9/QA/wA/0A/1gP9gPBfDD/XA/0o/0o/1oP8aP8WP9WD/Oj/MT/AQ/yU/yU/wUP9VP9dP9dD8j7ww/08/0s/1sP9fP9fP8PL/AL/AL/UK/yC/yS/wSv8wv8yv8Cr/Kr/Jr/Bq/zq/zG/wGv8lv8pv9Zr/Vb/Xb/Xa/0+/0u/wuv9vv9nv8Hr/X7/X7/D6/33/pD/iv/EH/tT/kv/GH/bf+iP/OH/XH/HH/vT/hf/An/Sl/2v/oz/if/Fn/sz/ngx+deCsxJvF2YmzincS4xPjEhMTExKTE5MSUxLuJqYlpiemJ9xIzEu8nZiZmJWYn5iTmJj5IzEvMTyxIfJhYmPgosSixOLEksTSxLLE8EUKOzXHIFXKHZLgx5Ak3hbwhX8gfCgQfCoZC4eZQONwSioRbQ9FwWygWbg/FQ4lQMjwa6oS6oV6oHxqEx0LD8HhoFBqHJuGJ0DQ0C83Dk6FFeCq0DE+HVuGZ0Do8G9qE50Lb8HxoF9qHDuGF0DG8GDqFziE1dAldw0uhW+geeoSeoVd4OfQOr4Q+4dXQN7wW+oXXQ//wRhgQ3gwDw6AwOAwJQ8OwMDyMCCPDqDA6vBXGhLfD2PBOGBfGhwlhYpgUJocp4d0wNUwL08N7YUZ4P8wMs8LsMCfMDR+EeWF+WBA+DAvDR2FRWByWhKVhWVgeVoSVYVXAC++V9WFD2Bg2hY/D5rAlbA3bwvawI+wMn4Rd4dOwO3wW9oTPw97w57AvfBH2hy/DgfBVOBi+DofCN+Fw+DYcCd+Fo+FYOB6+DyfCD+FkOBVOhx/DmfBTOBt+Dufkf9aEEEIIIf4mY/5gfZe/8jt1YTmvKwBcteWGA79drwFgXdZfx91V9qYJAHiqc9uHLy7lyqWmXrj0hkUaotyzACAB6S7m//L9A4lfx4uhCTSDFtAYCv/V+rqr9mf4D+ZP3gaQ4Tc5KXApDp0vzn/LfzP/sBl/OP8sgLy5L+Wcv0K8GF+qv8h/M//1Df9g/vRfjAZo9JucjHApvjR/IXgcnoYWf/FIIYQQQgghhBDiV91VydZ/dH17/vo8u7mUcwVcihcD/o/X50IIIYQQQgghhLj8nm3f4cnHWrRo3DpNDrr8vekaLn/x/86BvrC7/GZV/mLwf+VFuPjHLP8p9fxHDC7jh5IQQgghhBDiX+LSSf/lrkQIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhEi7/h1fJ3a5t1EIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYS43P5fAAAA//8Y+BtI") chdir(&(0x7f0000000040)='./file0\x00') r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x10) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfea7}], 0x1, 0x0, 0x0, 0x0) creat(&(0x7f0000004280)='./bus\x00', 0x0) kernel console output (not intermixed with test programs): [ 753.823703][T11597] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 753.855856][ T4214] pwc: send_video_command error -71 [ 753.884696][T11597] ntfs: (device loop2): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 753.886802][ T4214] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 754.162457][T11597] ntfs: (device loop2): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 754.244297][T11597] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 754.341191][T11597] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 754.419728][ T4214] Philips webcam: probe of 6-1:0.0 failed with error -71 [ 754.646098][ T4214] usb 6-1: USB disconnect, device number 3 [ 754.712047][T11597] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 754.732797][T11597] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 754.858502][T11597] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 754.928641][T11597] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 755.318472][T11597] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 755.341290][T11597] ntfs: volume version 3.1. [ 756.218092][ T4214] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 757.703188][ T4214] usb 6-1: device descriptor read/all, error -71 [ 758.614254][T11666] loop5: detected capacity change from 0 to 256 [ 758.931969][T11666] FAT-fs (loop5): Directory bread(block 64) failed [ 758.938756][T11666] FAT-fs (loop5): Directory bread(block 65) failed [ 759.192027][T11666] FAT-fs (loop5): Directory bread(block 66) failed [ 759.239799][T11666] FAT-fs (loop5): Directory bread(block 67) failed [ 759.292311][T11666] FAT-fs (loop5): Directory bread(block 68) failed [ 759.299236][T11666] FAT-fs (loop5): Directory bread(block 69) failed [ 759.397588][T11666] FAT-fs (loop5): Directory bread(block 70) failed [ 759.440909][T11666] FAT-fs (loop5): Directory bread(block 71) failed [ 759.490072][T11666] FAT-fs (loop5): Directory bread(block 72) failed [ 759.580921][T11666] FAT-fs (loop5): Directory bread(block 73) failed [ 759.749512][T11666] attempt to access beyond end of device [ 759.749512][T11666] loop5: rw=0, want=1820, limit=256 [ 760.007745][T11666] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 326) [ 760.620853][T11666] FAT-fs (loop5): Filesystem has been set read-only [ 760.631303][T11666] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 326) [ 761.774974][T11694] loop5: detected capacity change from 0 to 512 [ 762.166670][T11694] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found [ 762.211270][T11694] UDF-fs: Scanning with blocksize 512 failed [ 762.275239][T11694] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found [ 762.323665][T11694] UDF-fs: Scanning with blocksize 1024 failed [ 762.363914][T11694] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found [ 762.413516][T11694] UDF-fs: Scanning with blocksize 2048 failed [ 762.460088][T11694] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 762.484086][T11694] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 766.874954][T11735] Bluetooth: hci2: Frame reassembly failed (-84) [ 768.690080][T11749] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1564'. [ 768.710868][T11749] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1564'. [ 768.991143][ T4173] Bluetooth: hci2: Entering manufacturer mode failed (-110) [ 770.534646][T11764] loop5: detected capacity change from 0 to 8192 [ 770.821430][T11764] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 771.011102][T11764] REISERFS (device loop5): using ordered data mode [ 771.017765][T11764] reiserfs: using flush barriers [ 771.050937][T11764] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 771.706148][T11764] REISERFS (device loop5): checking transaction log (loop5) [ 772.513897][T11793] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 774.877154][T11764] REISERFS (device loop5): Using tea hash to sort names [ 775.227184][T11764] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 775.367491][T11827] Bluetooth: hci2: Frame reassembly failed (-84) [ 776.885566][T11850] loop5: detected capacity change from 0 to 128 [ 778.191665][ T4173] Bluetooth: hci2: Entering manufacturer mode failed (-110) [ 778.976753][T11870] loop2: detected capacity change from 0 to 512 [ 779.041179][T11878] loop5: detected capacity change from 0 to 256 [ 779.285881][T11870] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 779.308703][T11870] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2802c018, mo2=0002] [ 779.340945][T11870] System zones: 0-2, 18-18, 34-35 [ 779.347317][T11870] EXT4-fs (loop2): mounted filesystem without journal. Opts: lazytime,noinit_itable,debug,,errors=continue. Quota mode: writeback. [ 779.591301][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 779.591342][ T26] audit: type=1800 audit(1739470058.820:48): pid=11885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1593" name="bus" dev="loop5" ino=1048677 res=0 errno=0 [ 781.108983][T11921] Bluetooth: hci2: Frame reassembly failed (-84) [ 781.235016][ T4348] Bluetooth: hci2: Frame reassembly failed (-84) [ 781.823208][T11925] loop2: detected capacity change from 0 to 512 [ 781.831657][T11924] loop5: detected capacity change from 0 to 512 [ 781.924967][T11925] EXT4-fs error (device loop2): ext4_init_orphan_info:586: comm syz.2.1605: inode #0: comm syz.2.1605: iget: illegal inode # [ 781.944463][T11925] EXT4-fs (loop2): Remounting filesystem read-only [ 781.972719][T11924] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 781.996493][T11925] EXT4-fs (loop2): get orphan inode failed [ 782.034526][T11924] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 782.063809][T11925] EXT4-fs (loop2): mount failed [ 783.203663][ T4173] Bluetooth: hci2: Entering manufacturer mode failed (-110) [ 783.461355][ T4214] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 783.780285][T11986] loop5: detected capacity change from 0 to 512 [ 783.821137][ T4214] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 139, changing to 11 [ 783.846436][ T4214] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 34695, setting to 1024 [ 783.919386][T11986] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 784.004118][T11986] EXT4-fs error (device loop5): mb_free_blocks:1865: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 784.021270][ T4214] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 784.023108][T11986] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #11: comm syz.5.1624: corrupted inode contents [ 784.030424][ T4214] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 784.061171][T11986] EXT4-fs error (device loop5): ext4_dirty_inode:6010: inode #11: comm syz.5.1624: mark_inode_dirty error [ 784.081749][T11986] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.1624: invalid indirect mapped block 1 (level 1) [ 784.118865][T11986] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #11: comm syz.5.1624: corrupted inode contents [ 784.161328][T11986] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 784.175276][ T4214] usb 3-1: Product: syz [ 784.181118][T11986] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #11: comm syz.5.1624: corrupted inode contents [ 784.200908][ T4214] usb 3-1: Manufacturer: syz [ 784.205571][ T4214] usb 3-1: SerialNumber: syz [ 784.219286][T11986] EXT4-fs error (device loop5): ext4_truncate:4272: inode #11: comm syz.5.1624: mark_inode_dirty error [ 784.258427][ T4214] usb 3-1: config 0 descriptor?? [ 784.278449][T11986] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 784.301208][T11925] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 784.321182][T11986] EXT4-fs (loop5): 1 truncate cleaned up [ 784.326862][T11986] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 784.691866][ T4214] usb 3-1: USB disconnect, device number 4 [ 785.300937][T12019] Bluetooth: hci2: Frame reassembly failed (-84) [ 786.473966][T12011] udevd[12011]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 786.557124][T12039] loop5: detected capacity change from 0 to 512 [ 786.907156][T12039] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 787.082093][T12039] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 787.327304][T12039] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 787.760516][T12039] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 787.796820][T12039] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e118, mo2=0000] [ 787.872751][T12039] EXT4-fs (loop5): orphan cleanup on readonly fs [ 787.927336][T12039] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1636: bg 0: block 34: padding at end of block bitmap is not set [ 788.073003][ T4173] Bluetooth: hci2: Entering manufacturer mode failed (-110) [ 788.084403][T11111] Bluetooth: hci2: command 0xfc11 tx timeout [ 788.114660][T12039] Quota error (device loop5): write_blk: dquota write failed [ 788.246332][T12039] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota [ 788.408281][T12039] EXT4-fs error (device loop5): ext4_acquire_dquot:6197: comm syz.5.1636: Failed to acquire dquot type 1 [ 788.826557][T12039] EXT4-fs (loop5): 1 truncate cleaned up [ 788.883939][T12039] EXT4-fs (loop5): mounted filesystem without journal. Opts: noload,bsdgroups,nogrpid,noblock_validity,,errors=continue. Quota mode: writeback. [ 789.383291][T12097] device ip6gre1 entered promiscuous mode [ 789.667441][T12111] loop5: detected capacity change from 0 to 8 [ 789.869020][T12117] Bluetooth: hci2: Frame reassembly failed (-84) [ 789.949314][ T9082] Bluetooth: hci2: Frame reassembly failed (-84) [ 789.973952][T12111] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 790.033685][ T9082] Bluetooth: hci2: Frame reassembly failed (-84) [ 790.578838][T12111] cramfs: Error -3 while decompressing! [ 790.621068][T12111] cramfs: ffffffff96bbb2a8(26)->ffff88800c7cd000(4096) [ 790.637298][T12111] cramfs: Error -3 while decompressing! [ 790.653757][T12111] cramfs: ffffffff96bbb2c2(282)->ffff8880598bb000(4096) [ 790.660751][T12111] cramfs: bad data blocksize 4294966884 [ 790.702326][T12122] loop2: detected capacity change from 0 to 256 [ 790.715000][T12111] cramfs: Error -3 while decompressing! [ 790.750896][T12111] cramfs: ffffffff96bbb2a8(26)->ffff88800c7cd000(4096) [ 790.778481][ T26] audit: type=1800 audit(1739470070.090:49): pid=12111 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1657" name="file2" dev="loop5" ino=348 res=0 errno=0 [ 791.043654][T12132] loop5: detected capacity change from 0 to 1024 [ 791.233203][ T9082] hfsplus: b-tree write err: -5, ino 4 [ 791.588498][T12147] loop5: detected capacity change from 0 to 2048 [ 791.724996][T12147] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 791.940898][ T4173] Bluetooth: hci2: Entering manufacturer mode failed (-110) [ 792.012968][T12155] loop2: detected capacity change from 0 to 64 [ 792.171038][ T1110] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 792.421433][ T1110] usb 6-1: Using ep0 maxpacket: 16 [ 792.541115][ T1110] usb 6-1: config 0 has an invalid interface number: 105 but max is 0 [ 792.559712][ T1110] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 792.603377][ T1110] usb 6-1: config 0 has no interface number 0 [ 792.761153][ T1110] usb 6-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 792.781393][ T1110] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 792.797964][ T1110] usb 6-1: Product: syz [ 792.805714][ T1110] usb 6-1: Manufacturer: syz [ 792.810348][ T1110] usb 6-1: SerialNumber: syz [ 792.843314][ T1110] usb 6-1: config 0 descriptor?? [ 792.893699][ T1110] usb 6-1: Found UVC 0.00 device syz (046d:08f3) [ 792.908630][ T1110] usb 6-1: No valid video chain found. [ 792.990299][T12191] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1677'. [ 793.137818][ T4216] usb 6-1: USB disconnect, device number 6 [ 793.357932][T12202] kernel read not supported for file /½ lhObíñ~åÑhþµ“3žJÇÈyûxÐîÃüv÷Lª=QäRúnÁ·FGr‚¥òqðςû~QV7¶·"qHá—Éd0ú†øˆ¹‰ý%NnyµƒÝD (pid: 12202 comm: syz.1.1681) [ 793.381462][ T26] audit: type=1800 audit(1739470072.700:50): pid=12202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1681" name=BD16206C684F62EDF17EE501D168FEB51D9093339E8F064AC7C879FB78D0EEC3FC76F74CAA3D51E452FA6EC1B746477282A5F28F71F0CF82C3BB7E517F567F37B6B7227148E11197C964309DFA86F888B989FD254E6E79B503831CDD4402 dev="mqueue" ino=60343 res=0 errno=0 [ 793.897131][T12231] loop5: detected capacity change from 0 to 512 [ 794.253501][T12231] EXT4-fs (loop5): orphan cleanup on readonly fs [ 794.265835][T12231] Quota error (device loop5): find_tree_dqentry: Getting block too big (196613 >= 6) [ 794.294450][T12231] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 794.390964][T12231] EXT4-fs error (device loop5): ext4_acquire_dquot:6197: comm syz.5.1686: Failed to acquire dquot type 1 [ 794.492777][T12231] EXT4-fs (loop5): 1 truncate cleaned up [ 794.537616][T12231] EXT4-fs (loop5): mounted filesystem without journal. Opts: bsdgroups,noinit_itable,noblock_validity,grpjquota=,grpjquota=,noquota,sysvgroups,noload,nodiscard,,errors=continue. Quota mode: writeback. [ 794.677373][T12231] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended [ 794.877403][T12231] EXT4-fs warning (device loop5): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount [ 794.877403][T12231] [ 795.144939][T12262] loop5: detected capacity change from 0 to 128 [ 795.216487][T12251] loop2: detected capacity change from 0 to 32768 [ 795.253787][T12262] EXT4-fs (loop5): Test dummy encryption mode enabled [ 795.322205][T12262] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none. [ 795.371108][T12262] ext4 filesystem being mounted at /36/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 795.798729][T12262] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 795.921633][T12251] JFS: charset not found [ 796.265746][T12299] loop5: detected capacity change from 0 to 512 [ 796.415966][T12299] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 796.470136][T12299] EXT4-fs (loop5): 1 truncate cleaned up [ 796.487534][T12299] EXT4-fs (loop5): mounted filesystem without journal. Opts: auto_da_alloc,min_batch_time=0x0000000000000fff,journal_dev=0x0000000000000005,user_xattr,abort,max_batch_time=0x0000000000000004,,errors=continue. Quota mode: none. [ 796.758918][T12319] loop2: detected capacity change from 0 to 128 [ 797.347744][T12319] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 797.561312][T12319] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 797.665181][T12329] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 798.614750][T12371] loop2: detected capacity change from 0 to 256 [ 800.075456][ T8297] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 800.336417][T12403] loop2: detected capacity change from 0 to 4096 [ 800.419324][ T26] audit: type=1326 audit(1739470079.730:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12406 comm="syz.5.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 800.471063][ T8297] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 800.500938][ T26] audit: type=1326 audit(1739470079.770:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12406 comm="syz.5.1729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 800.517819][ T8297] usb 2-1: New USB device found, idVendor=04b4, idProduct=bca1, bcdDevice= 0.00 [ 800.570083][T12415] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 800.588557][ T8297] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 800.641853][ T8297] usb 2-1: config 0 descriptor?? [ 800.704522][T12403] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 800.797024][T12403] Remounting filesystem read-only [ 800.931233][ T9708] NILFS (loop2): discard dirty page: offset=0, ino=6 [ 800.970726][ T9708] NILFS (loop2): discard dirty block: blocknr=23, size=4096 [ 800.982229][ T9708] NILFS (loop2): discard dirty page: offset=4096, ino=6 [ 800.989729][ T9708] NILFS (loop2): discard dirty block: blocknr=24, size=4096 [ 801.020149][ T9708] NILFS (loop2): discard dirty page: offset=8192, ino=6 [ 801.035510][ T9708] NILFS (loop2): discard dirty block: blocknr=25, size=4096 [ 801.077847][T12434] loop5: detected capacity change from 0 to 256 [ 801.182760][ T8297] cypress 0003:04B4:BCA1.0004: item fetching failed at offset 0/3 [ 801.201845][ T8297] cypress 0003:04B4:BCA1.0004: parse failed [ 801.207822][ T8297] cypress: probe of 0003:04B4:BCA1.0004 failed with error -22 [ 801.424394][T11111] usb 2-1: USB disconnect, device number 6 [ 802.321172][T12456] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 806.351259][ T5912] Bluetooth: hci5: command 0x0406 tx timeout [ 807.454997][T12569] tipc: Started in network mode [ 807.512047][T12569] tipc: Node identity ffffffff, cluster identity 4711 [ 807.572669][T12569] tipc: Node number set to 4294967295 [ 807.664515][T12565] ipt_CLUSTERIP: Please specify destination IP [ 807.770878][ T1110] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 808.663758][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.675002][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.191419][ T5912] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 809.561069][ T1110] usb 3-1: unable to read config index 0 descriptor/all [ 809.572798][ T1110] usb 3-1: can't read configurations, error -71 [ 809.835699][T11111] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 809.901431][ T5912] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 810.131032][T11111] usb 2-1: Using ep0 maxpacket: 32 [ 810.161207][ T5912] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 810.219110][ T5912] usb 6-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 810.220002][T12605] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1775'. [ 810.247804][ T5912] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 810.261111][T11111] usb 2-1: config 0 has an invalid interface number: 184 but max is 0 [ 810.284784][T11111] usb 2-1: config 0 has no interface number 0 [ 810.319491][ T5912] usb 6-1: config 0 descriptor?? [ 810.331032][T11111] usb 2-1: config 0 interface 184 has no altsetting 0 [ 810.501372][T11111] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 810.515981][T11111] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 810.539672][T11111] usb 2-1: Product: syz [ 810.552990][T11111] usb 2-1: Manufacturer: syz [ 810.572382][T11111] usb 2-1: SerialNumber: syz [ 810.616338][T11111] usb 2-1: config 0 descriptor?? [ 810.682651][T11111] smsc75xx v1.0.0 [ 810.819383][ T5912] hid-multitouch 0003:0EEF:72D0.0005: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.5-1/input0 [ 810.934143][T11111] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71 [ 810.962499][T11111] smsc75xx: probe of 2-1:0.184 failed with error -71 [ 811.105160][ T4216] usb 6-1: USB disconnect, device number 7 [ 811.183056][T11111] usb 2-1: USB disconnect, device number 7 [ 812.247560][T12628] loop2: detected capacity change from 0 to 32768 [ 812.704795][T12628] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.1778 (12628) [ 812.922970][T12628] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 812.971088][T12628] BTRFS info (device loop2): force zlib compression, level 3 [ 812.981206][T12628] BTRFS info (device loop2): force clearing of disk cache [ 812.988761][T12628] BTRFS info (device loop2): setting nodatasum [ 813.029512][T12628] BTRFS info (device loop2): allowing degraded mounts [ 813.055874][T12628] BTRFS info (device loop2): enabling disk space caching [ 813.101070][T12628] BTRFS info (device loop2): disk space caching is enabled [ 813.153707][T12628] BTRFS info (device loop2): has skinny extents [ 813.453387][T12628] BTRFS info (device loop2): clearing free space tree [ 813.511406][T12628] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 813.560825][T12628] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 813.812588][T12628] BTRFS warning (device loop2): can't clear the compat:0,compat:1,compat:2,compat:4,compat:7,compat:9,compat:11,compat:14,compat:17,compat:20,compat:21,compat:22,compat:25,compat:27,compat:28,compat:29,compat:32,compat:33,compat:35,compat:36,compat:37,compat:40,compat:43,compat:44,compat:48,compat:50,compat:54,compat:56,compat:58,compat:59,compat:60,compat:61,compat:63 feature bits while mounted [ 813.970254][T12720] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1796'. [ 815.363416][T12712] Unrecognized hibernate image header format! [ 815.391001][T12712] PM: hibernation: Image mismatch: architecture specific data [ 816.283176][T12012] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 10 /dev/loop2 scanned by udevd (12012) [ 817.189818][T12785] loop2: detected capacity change from 0 to 256 [ 817.534701][T12794] loop5: detected capacity change from 0 to 1024 [ 817.737956][ T26] audit: type=1800 audit(1739470097.050:53): pid=12785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1809" name="bus" dev="loop2" ino=1048679 res=0 errno=0 [ 820.081059][ T1110] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 820.110866][ T4216] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 820.361333][ T4216] usb 6-1: Using ep0 maxpacket: 8 [ 820.441244][ T1110] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 820.468527][ T1110] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 820.491054][ T4216] usb 6-1: config 0 has an invalid interface number: 150 but max is 0 [ 820.500416][ T1110] usb 3-1: New USB device found, idVendor=05a4, idProduct=8003, bcdDevice= 0.00 [ 820.516175][ T4216] usb 6-1: config 0 has an invalid interface number: 112 but max is 0 [ 820.559645][ T1110] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 820.568341][ T4216] usb 6-1: config 0 has an invalid interface number: 3 but max is 0 [ 820.578163][ T4216] usb 6-1: config 0 has 3 interfaces, different from the descriptor's value: 1 [ 820.596502][ T1110] usb 3-1: config 0 descriptor?? [ 820.602083][ T4216] usb 6-1: config 0 has no interface number 0 [ 820.608333][ T4216] usb 6-1: config 0 has no interface number 1 [ 820.621463][ T4216] usb 6-1: config 0 has no interface number 2 [ 820.631231][ T4216] usb 6-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 820.677167][ T4216] usb 6-1: too many endpoints for config 0 interface 112 altsetting 233: 104, using maximum allowed: 30 [ 820.730217][ T4216] usb 6-1: config 0 interface 112 altsetting 233 has 1 endpoint descriptor, different from the interface descriptor's value: 104 [ 820.806238][ T4216] usb 6-1: config 0 interface 150 has no altsetting 0 [ 820.822897][ T4216] usb 6-1: config 0 interface 112 has no altsetting 0 [ 821.645797][ T4216] usb 6-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75 [ 821.655962][ T4216] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 821.683287][ T1110] ortek 0003:05A4:8003.0006: unknown main item tag 0x0 [ 821.690216][ T1110] ortek 0003:05A4:8003.0006: unknown main item tag 0x0 [ 821.699001][ T4216] usb 6-1: config 0 descriptor?? [ 821.705281][ T1110] ortek 0003:05A4:8003.0006: unknown main item tag 0x0 [ 821.713351][ T1110] ortek 0003:05A4:8003.0006: unknown main item tag 0x0 [ 821.720347][ T1110] ortek 0003:05A4:8003.0006: unknown main item tag 0x0 [ 821.748316][ T1110] ortek 0003:05A4:8003.0006: hidraw0: USB HID v0.00 Device [HID 05a4:8003] on usb-dummy_hcd.2-1/input0 [ 821.965923][ T1110] usb 3-1: USB disconnect, device number 7 [ 822.101852][ T4216] usb 6-1: string descriptor 0 read error: -71 [ 822.149611][ T4216] usb 6-1: USB disconnect, device number 8 [ 822.699412][T12903] loop5: detected capacity change from 0 to 256 [ 823.125044][T12904] loop2: detected capacity change from 0 to 4096 [ 823.891012][ T26] audit: type=1800 audit(1739470103.200:54): pid=12904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1834" name="file1" dev="loop2" ino=30 res=0 errno=0 [ 825.431141][ T4179] Bluetooth: hci0: link tx timeout [ 825.437130][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 825.455412][ T4179] Bluetooth: hci0: link tx timeout [ 825.460619][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 827.030279][T12941] loop2: detected capacity change from 0 to 32768 [ 827.087052][T12979] loop5: detected capacity change from 0 to 128 [ 827.285164][T12941] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1844 (12941) [ 827.415159][T12941] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 827.461425][T12941] BTRFS info (device loop2): using free space tree [ 827.484182][T12941] BTRFS info (device loop2): has skinny extents [ 827.561715][ T23] Bluetooth: hci0: command 0x0406 tx timeout [ 827.750991][T12941] BTRFS info (device loop2): enabling ssd optimizations [ 827.901260][ T23] usb 6-1: new full-speed USB device number 9 using dummy_hcd [ 828.270952][ T23] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 828.302655][ T23] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 1024, setting to 64 [ 828.506087][ T23] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 828.537876][ T23] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 828.701194][T13059] loop2: detected capacity change from 0 to 1024 [ 828.745252][ T23] usb 6-1: Product: syz [ 828.749555][ T23] usb 6-1: Manufacturer: syz [ 828.755280][ T23] usb 6-1: SerialNumber: syz [ 829.008712][T12989] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 829.481102][ T23] cdc_ncm 6-1:1.0: failed GET_NTB_PARAMETERS [ 829.491365][ T23] cdc_ncm 6-1:1.0: bind() failure [ 829.526669][ T23] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found [ 829.555479][ T23] cdc_ncm 6-1:1.1: bind() failure [ 829.602921][ T23] usb 6-1: USB disconnect, device number 9 [ 832.804397][T13095] loop2: detected capacity change from 0 to 32768 [ 832.899200][T13095] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.1872 (13095) [ 833.004298][T13095] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 833.021271][T13095] BTRFS info (device loop2): turning on sync discard [ 833.028009][T13095] BTRFS info (device loop2): doing ref verification [ 833.091143][T13095] BTRFS info (device loop2): disabling tree log [ 833.097488][T13095] BTRFS info (device loop2): enabling ssd optimizations [ 833.187070][T13111] loop5: detected capacity change from 0 to 32768 [ 833.216897][T13095] BTRFS info (device loop2): using spread ssd allocation scheme [ 833.266858][T13095] BTRFS info (device loop2): not using ssd optimizations [ 833.320501][T13095] BTRFS info (device loop2): not using spread ssd allocation scheme [ 833.330919][T13111] JBD2: Ignoring recovery information on journal [ 833.352669][T13095] BTRFS info (device loop2): using free space tree [ 833.359337][T13095] BTRFS info (device loop2): has skinny extents [ 834.198908][T13111] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 834.802823][T13095] BTRFS error (device loop2): open_ctree failed [ 835.021164][T10842] ocfs2: Unmounting device (7,5) on (node local) [ 835.384419][T13203] loop2: detected capacity change from 0 to 256 [ 836.808012][ T26] audit: type=1800 audit(1739470116.120:55): pid=13203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1894" name="bus" dev="loop2" ino=1048681 res=0 errno=0 [ 836.949639][T13219] loop5: detected capacity change from 0 to 256 [ 837.479851][ T26] audit: type=1800 audit(1739470116.770:56): pid=13230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1900" name="bus" dev="loop5" ino=1048682 res=0 errno=0 [ 838.954312][T13261] loop5: detected capacity change from 0 to 1024 [ 840.702367][T13290] loop5: detected capacity change from 0 to 4096 [ 840.786929][T13290] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 842.081952][T13318] loop2: detected capacity change from 0 to 256 [ 842.374491][ T4213] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 842.650989][ T4213] usb 2-1: Using ep0 maxpacket: 32 [ 842.771189][ T4213] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 842.810896][ T4213] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1c05, bcdDevice= 0.00 [ 842.858851][ T4213] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 842.948748][ T4213] usb 2-1: config 0 descriptor?? [ 843.066038][T13337] loop2: detected capacity change from 0 to 4096 [ 843.177354][T13315] loop5: detected capacity change from 0 to 40427 [ 843.236023][T13337] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 843.275043][T13337] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 843.309532][T13337] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 843.317506][T13337] ntfs3: loop2: try to read out of volume at offset 0x3fffffc0c00 [ 843.325604][T13337] ntfs3: loop2: try to read out of volume at offset 0x3fffffc1c00 [ 843.340861][T13315] F2FS-fs (loop5): Invalid SB checksum offset: 0 [ 843.348666][T13337] ntfs3: loop2: try to read out of volume at offset 0x3fffffc2c00 [ 843.367262][T13315] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 843.583966][T13337] ntfs3: loop2: try to read out of volume at offset 0x3fffffc4c00 [ 843.819005][T13337] ntfs3: loop2: try to read out of volume at offset 0x3fffffc8c00 [ 844.017840][T13315] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 844.059756][T13337] ntfs3: loop2: try to read out of volume at offset 0x3fffffd0c00 [ 844.101255][T13337] ntfs3: loop2: try to read out of volume at offset 0x3fffffe0c00 [ 844.145128][ T4213] corsair-psu 0003:1B1C:1C05.0007: unbalanced collection at end of report description [ 844.156260][ T4213] corsair-psu: probe of 0003:1B1C:1C05.0007 failed with error -22 [ 844.184603][ T4213] usb 2-1: USB disconnect, device number 8 [ 844.413109][T13315] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0 [ 844.420198][T13315] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 844.535062][T13367] loop2: detected capacity change from 0 to 256 [ 844.621584][T13367] exfat: Deprecated parameter 'namecase' [ 844.668167][T13367] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 844.852649][T10842] attempt to access beyond end of device [ 844.852649][T10842] loop5: rw=2049, want=45104, limit=40427 [ 845.392488][T13384] loop2: detected capacity change from 0 to 8192 [ 845.849524][T13384] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 845.859507][T13384] REISERFS (device loop2): using ordered data mode [ 845.866311][T13384] reiserfs: using flush barriers [ 845.893146][T13384] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 846.041783][T13384] REISERFS (device loop2): checking transaction log (loop2) [ 846.481015][T12761] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 846.912118][T12761] usb 6-1: Using ep0 maxpacket: 32 [ 847.031124][T12761] usb 6-1: config 9 has an invalid interface number: 122 but max is 0 [ 847.039537][T12761] usb 6-1: config 9 has no interface number 0 [ 847.070047][T12761] usb 6-1: config 9 interface 122 altsetting 6 endpoint 0xB has invalid maxpacket 1023, setting to 64 [ 847.078975][T13384] REISERFS (device loop2): Using tea hash to sort names [ 847.091828][T13384] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 847.116190][T12761] usb 6-1: config 9 interface 122 has no altsetting 0 [ 847.131696][T13384] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 847.301012][T12761] usb 6-1: New USB device found, idVendor=0499, idProduct=1039, bcdDevice= 5.9e [ 847.310232][T12761] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 847.340853][T12761] usb 6-1: Product: syz [ 847.350696][T12761] usb 6-1: Manufacturer: syz [ 847.411061][T12761] usb 6-1: SerialNumber: syz [ 847.908285][T12761] snd-usb-audio: probe of 6-1:9.122 failed with error -2 [ 848.540011][ T4213] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 848.552107][T12761] usb 6-1: USB disconnect, device number 10 [ 848.589077][T12012] udevd[12012]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:9.122/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 848.878404][T13450] loop5: detected capacity change from 0 to 256 [ 849.011217][ T4213] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30 [ 849.042566][ T4213] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 26, changing to 8 [ 849.117438][ T4213] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 33 [ 849.171600][ T4213] usb 2-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 849.198249][ T4213] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 849.300121][ T26] audit: type=1800 audit(1739470128.610:57): pid=13458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1955" name="bus" dev="loop5" ino=1048687 res=0 errno=0 [ 849.979807][ T4213] usb 2-1: config 0 descriptor?? [ 850.462961][ T4213] holtek 0003:1241:5015.0008: item fetching failed at offset 2/4 [ 850.491316][ T4213] holtek 0003:1241:5015.0008: parse failed [ 850.497201][ T4213] holtek: probe of 0003:1241:5015.0008 failed with error -22 [ 850.555950][T13443] loop2: detected capacity change from 0 to 32768 [ 850.664414][ T4213] usb 2-1: USB disconnect, device number 9 [ 850.683181][T13443] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 850.716332][T13443] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 850.797991][T13443] gfs2: fsid=syz:syz.0: journal 0 mapped with 18 extents in 0ms [ 850.833920][T12738] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 850.851747][T12738] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 850.936906][T13466] loop5: detected capacity change from 0 to 32768 [ 851.001662][T13466] XFS: ikeep mount option is deprecated. [ 851.031777][T12738] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 180ms [ 851.052092][T12738] gfs2: fsid=syz:syz.0: jid=0: Done [ 851.060521][T13443] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 851.181283][T13466] XFS (loop5): Mounting V5 Filesystem [ 851.457287][T13466] XFS (loop5): Ending clean mount [ 851.491587][T13466] XFS (loop5): Quotacheck needed: Please wait. [ 851.644998][T13466] XFS (loop5): Quotacheck: Done. [ 851.938829][T13507] loop2: detected capacity change from 0 to 4096 [ 852.018219][T10842] XFS (loop5): Unmounting Filesystem [ 852.147203][T13507] NILFS (loop2): invalid segment: Checksum error in segment payload [ 852.201173][T13507] NILFS (loop2): trying rollback from an earlier position [ 852.326869][T13507] NILFS (loop2): recovery complete [ 852.371280][T13519] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 853.871458][T13184] usb 3-1: new full-speed USB device number 8 using dummy_hcd [ 854.017756][T13550] xt_policy: neither incoming nor outgoing policy selected [ 854.311233][T13184] usb 3-1: config index 0 descriptor too short (expected 5924, got 36) [ 854.327939][T13184] usb 3-1: config 250 has an invalid interface number: 228 but max is -1 [ 854.388282][T13557] loop5: detected capacity change from 0 to 4096 [ 854.413828][T13184] usb 3-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 854.448498][T13184] usb 3-1: config 250 has no interface number 0 [ 854.468447][T13557] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 854.494147][T13184] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 64 [ 854.534540][T13184] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 854.565508][T13184] usb 3-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 854.614680][T13184] usb 3-1: config 250 interface 228 has no altsetting 0 [ 854.761485][T13184] usb 3-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 854.775228][T13184] usb 3-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 854.821566][T13184] usb 3-1: Product: syz [ 854.863713][T13184] usb 3-1: SerialNumber: syz [ 854.942700][T13184] hub 3-1:250.228: bad descriptor, ignoring hub [ 854.950102][T13184] hub: probe of 3-1:250.228 failed with error -5 [ 855.143484][ T4179] Bluetooth: hci0: link tx timeout [ 855.148953][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 855.178560][ T4179] Bluetooth: hci0: link tx timeout [ 855.184317][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 855.485444][ T4179] Bluetooth: hci0: link tx timeout [ 855.490671][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 855.517160][T13184] usblp 3-1:250.228: usblp0: USB Bidirectional printer dev 8 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 855.595469][T13184] usb 3-1: USB disconnect, device number 8 [ 855.740160][T13184] usblp0: removed [ 856.151188][T11111] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 856.281403][ T4179] Bluetooth: hci0: link tx timeout [ 856.286888][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 856.380420][T13600] loop2: detected capacity change from 0 to 256 [ 857.202376][ T4179] Bluetooth: hci0: link tx timeout [ 857.207536][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 857.431407][T11111] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 857.443324][T11111] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 857.453636][T11111] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 857.463184][T11111] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 857.594208][T11111] usb 6-1: config 0 descriptor?? [ 857.652312][ T26] audit: type=1800 audit(1739470136.970:58): pid=13608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1982" name="bus" dev="loop2" ino=1048688 res=0 errno=0 [ 857.749560][ T4179] Bluetooth: hci0: link tx timeout [ 857.755191][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 858.075700][T11111] konepure 0003:1E7D:2DB4.0009: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.5-1/input0 [ 858.263960][ T4179] Bluetooth: hci0: link tx timeout [ 858.269125][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 858.305028][ T1110] usb 6-1: USB disconnect, device number 11 [ 858.585941][ T4179] Bluetooth: hci0: link tx timeout [ 858.591578][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 859.018908][T13653] loop5: detected capacity change from 0 to 256 [ 859.029389][T13618] loop2: detected capacity change from 0 to 32768 [ 859.321872][T13618] ea_get: invalid extended attribute [ 859.330689][ T26] audit: type=1800 audit(1739470138.640:59): pid=13656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1998" name="bus" dev="loop5" ino=1048689 res=0 errno=0 [ 859.366322][T13618] ea_get: invalid extended attribute [ 859.384826][ T26] audit: type=1800 audit(1739470138.700:60): pid=13618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1987" name="file1" dev="loop2" ino=4 res=0 errno=0 [ 859.938332][T11111] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 860.321450][T11111] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 860.365206][T11111] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 860.473486][T11111] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 860.505777][T11111] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 860.551662][T11111] usb 2-1: SerialNumber: syz [ 860.872770][T11111] usb 2-1: 0:2 : does not exist [ 860.910442][T11111] usb 2-1: USB disconnect, device number 10 [ 861.152591][ T4179] Bluetooth: hci0: link tx timeout [ 861.157753][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 862.267259][T13739] program syz.5.2024 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 862.620979][ T4179] Bluetooth: hci0: link tx timeout [ 862.627288][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 863.570344][ T4179] Bluetooth: hci0: link tx timeout [ 863.576061][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 863.644251][T13752] loop2: detected capacity change from 0 to 512 [ 863.721255][T13756] loop5: detected capacity change from 0 to 256 [ 863.756124][T13752] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 863.823655][T13752] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 863.836117][T13752] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee01c, mo2=0002] [ 863.844373][T13752] System zones: 1-12 [ 863.849527][T13752] EXT4-fs (loop2): orphan cleanup on readonly fs [ 863.861614][T13752] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.2026: invalid indirect mapped block 2 (level 2) [ 863.882587][T13752] EXT4-fs (loop2): 1 truncate cleaned up [ 863.888368][T13752] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000d66,usrquota,nolazytime,abort,errors=continue. Quota mode: writeback. [ 863.976731][T13752] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 864.010880][T13752] EXT4-fs error (device loop2): ext4_remount:5855: comm syz.2.2026: Abort forced by user [ 864.281800][ T26] audit: type=1800 audit(1739470143.510:61): pid=13763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2028" name="bus" dev="loop5" ino=1048690 res=0 errno=0 [ 865.007146][ T4179] Bluetooth: hci0: link tx timeout [ 865.012600][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 865.699291][T13794] loop2: detected capacity change from 0 to 128 [ 865.796484][T13794] VFS: Found a Xenix FS (block size = 1024) on device loop2 [ 865.925534][T13794] sysv_count_free_blocks: >flc_size entries in free-list block [ 866.015232][T13794] sysv_count_free_inodes: unable to read inode table [ 866.036573][T13794] sysv_count_free_blocks: >flc_size entries in free-list block [ 866.066414][T13794] sysv_count_free_inodes: unable to read inode table [ 866.237667][T13798] loop5: detected capacity change from 0 to 8 [ 866.390414][ T9708] sysv_free_block: flc_count > flc_size [ 866.442115][ T9708] sysv_free_block: flc_count > flc_size [ 866.541133][ T9708] sysv_free_block: flc_count > flc_size [ 866.640216][ T9708] sysv_free_block: flc_count > flc_size [ 866.746036][ T9708] sysv_free_block: flc_count > flc_size [ 866.849905][ T9708] sysv_free_block: flc_count > flc_size [ 866.956413][ T4179] Bluetooth: hci0: link tx timeout [ 866.961728][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 866.970101][ T4179] Bluetooth: hci0: link tx timeout [ 866.974739][ T9708] sysv_free_block: flc_count > flc_size [ 866.991238][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 867.011113][T13798] SQUASHFS error: xz decompression failed, data probably corrupt [ 867.019164][T13798] SQUASHFS error: Failed to read block 0x108: -5 [ 867.019923][ T9708] sysv_free_block: flc_count > flc_size [ 867.025951][T13798] SQUASHFS error: Unable to read metadata cache entry [106] [ 867.038945][T13798] SQUASHFS error: Unable to read inode 0x11f [ 867.052740][ T9708] sysv_free_block: flc_count > flc_size [ 867.058611][ T9708] sysv_free_block: flc_count > flc_size [ 867.067507][ T9708] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 868.273457][T13821] netlink: 596 bytes leftover after parsing attributes in process `syz.9.2046'. [ 868.313077][T13821] netlink: 596 bytes leftover after parsing attributes in process `syz.9.2046'. [ 868.375430][T13824] loop5: detected capacity change from 0 to 256 [ 868.813960][ T26] audit: type=1800 audit(1739470148.070:62): pid=13839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2047" name="bus" dev="loop5" ino=1048691 res=0 errno=0 [ 869.211796][T13810] loop2: detected capacity change from 0 to 40427 [ 869.447868][T13810] F2FS-fs (loop2): invalid crc value [ 869.565443][T13810] F2FS-fs (loop2): Found nat_bits in checkpoint [ 869.754475][T13869] loop5: detected capacity change from 0 to 256 [ 869.810954][T13810] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 870.086972][ T26] audit: type=1800 audit(1739470149.400:63): pid=13873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2057" name="bus" dev="loop5" ino=1048692 res=0 errno=0 [ 870.109274][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.120048][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.469328][T13810] syz.2.2040 (13810): drop_caches: 2 [ 871.174068][T13913] loop5: detected capacity change from 0 to 256 [ 871.568726][ T26] audit: type=1800 audit(1739470150.880:64): pid=13924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2066" name="bus" dev="loop5" ino=1048693 res=0 errno=0 [ 871.778404][ T4179] Bluetooth: hci0: link tx timeout [ 871.783990][ T4179] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa [ 871.791941][ T4179] Bluetooth: hci0: link tx timeout [ 871.797205][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 872.782525][ T13] usb 6-1: new low-speed USB device number 12 using dummy_hcd [ 872.831886][ T4179] Bluetooth: hci0: link tx timeout [ 872.837051][ T4179] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa [ 872.847257][ T4179] Bluetooth: hci0: link tx timeout [ 872.852531][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 873.231186][ T13] usb 6-1: config index 0 descriptor too short (expected 1307, got 27) [ 873.267200][ T13] usb 6-1: config 0 has an invalid interface number: 0 but max is -1 [ 873.291151][ T13] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 873.337944][ T13] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 873.611134][ T13] usb 6-1: string descriptor 0 read error: -22 [ 873.617458][ T13] usb 6-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 873.637900][ T13] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 873.667057][ T4179] Bluetooth: hci0: link tx timeout [ 873.672652][ T4179] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa [ 873.680316][ T4179] Bluetooth: hci0: link tx timeout [ 873.685711][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 873.705282][ T13] usb 6-1: config 0 descriptor?? [ 873.759109][ T13] hub 6-1:0.0: bad descriptor, ignoring hub [ 873.805904][ T13] hub: probe of 6-1:0.0 failed with error -5 [ 873.871218][T13185] Bluetooth: hci0: command 0x0406 tx timeout [ 874.071603][T13185] usb 6-1: USB disconnect, device number 12 [ 874.683021][ T21] usb 2-1: new full-speed USB device number 11 using dummy_hcd [ 874.748888][T14049] loop5: detected capacity change from 0 to 1024 [ 874.768563][T14054] loop2: detected capacity change from 0 to 8 [ 874.840451][T14049] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 874.878634][T14054] SQUASHFS error: Failed to read block 0x6e6: -5 [ 874.912131][T14049] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,noinit_itable,errors=remount-ro,quota,abort,. Quota mode: writeback. [ 874.940163][T14049] EXT4-fs error (device loop5): ext4_empty_dir:3166: inode #11: block 623: comm syz.5.2096: Attempting to read directory block (623) that is past i_size (638464) [ 874.948557][T14054] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 874.962595][T14049] EXT4-fs (loop5): Remounting filesystem read-only [ 874.964798][T14054] SQUASHFS error: Unable to read directory block [6e4:0] [ 875.220700][ T21] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 875.232462][ T21] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 875.268641][T14065] loop2: detected capacity change from 0 to 256 [ 875.610228][ T21] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 875.620193][ T21] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 875.628435][ T21] usb 2-1: Product: syz [ 875.633563][ T21] usb 2-1: Manufacturer: syz [ 875.638200][ T21] usb 2-1: SerialNumber: syz [ 875.987164][ T26] audit: type=1800 audit(1739470155.170:65): pid=14081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2101" name="bus" dev="loop2" ino=1048694 res=0 errno=0 [ 877.734369][ T21] usb 2-1: 0:2 : does not exist [ 877.964770][ T21] usb 2-1: USB disconnect, device number 11 [ 878.235325][T14073] loop5: detected capacity change from 0 to 32768 [ 878.291983][T12012] udevd[12012]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 881.029365][T14153] loop2: detected capacity change from 0 to 4096 [ 881.188149][ T4213] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 881.404840][T14164] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 881.430831][ T4213] usb 2-1: Using ep0 maxpacket: 16 [ 882.343274][ T26] audit: type=1800 audit(1739470161.610:66): pid=14171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2120" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 882.429935][ T4213] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 882.454728][T14177] loop5: detected capacity change from 0 to 256 [ 882.470786][ T4213] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 882.502856][T14153] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15) [ 882.517267][ T4213] usb 2-1: New USB device found, idVendor=056a, idProduct=0300, bcdDevice= 0.00 [ 882.546617][ T4213] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 882.560708][T14153] Remounting filesystem read-only [ 882.568681][T14153] NILFS (loop2): discard dirty page: offset=0, ino=15 [ 882.608534][T14177] FAT-fs (loop5): Directory bread(block 64) failed [ 882.617877][T14153] NILFS (loop2): discard dirty block: blocknr=18, size=4096 [ 882.628433][ T4213] usb 2-1: config 0 descriptor?? [ 882.633857][T14177] FAT-fs (loop5): Directory bread(block 65) failed [ 882.640494][T14177] FAT-fs (loop5): Directory bread(block 66) failed [ 882.667919][T14177] FAT-fs (loop5): Directory bread(block 67) failed [ 882.678105][T14177] FAT-fs (loop5): Directory bread(block 68) failed [ 882.695010][T14153] NILFS (loop2): discard dirty page: offset=4096, ino=15 [ 882.695936][T14177] FAT-fs (loop5): Directory bread(block 69) failed [ 882.720810][T14153] NILFS (loop2): discard dirty block: blocknr=0, size=4096 [ 882.728074][T14153] NILFS (loop2): discard dirty page: offset=8192, ino=15 [ 882.735805][T14177] FAT-fs (loop5): Directory bread(block 70) failed [ 882.750942][T14177] FAT-fs (loop5): Directory bread(block 71) failed [ 882.770971][T14177] FAT-fs (loop5): Directory bread(block 72) failed [ 882.778444][T14153] NILFS (loop2): discard dirty block: blocknr=0, size=4096 [ 882.788303][T14177] FAT-fs (loop5): Directory bread(block 73) failed [ 882.825676][ T9708] NILFS (loop2): discard dirty page: offset=8192, ino=6 [ 882.851671][ T9708] NILFS (loop2): discard dirty block: blocknr=25, size=4096 [ 882.878138][ T9708] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 882.889033][ T4179] Bluetooth: hci0: link tx timeout [ 882.894350][ T4179] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa [ 882.910904][ T4179] Bluetooth: hci0: link tx timeout [ 882.916126][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 882.939401][ T9708] NILFS (loop2): discard dirty page: offset=0, ino=3 [ 882.946330][ T9708] NILFS (loop2): discard dirty block: blocknr=28, size=4096 [ 882.954010][ T9708] NILFS (loop2): discard dirty page: offset=4096, ino=3 [ 882.966123][ T9708] NILFS (loop2): discard dirty block: blocknr=29, size=4096 [ 882.980969][ T9708] NILFS (loop2): discard dirty page: offset=925696, ino=3 [ 883.000804][ T9708] NILFS (loop2): discard dirty block: blocknr=36, size=4096 [ 883.133964][T14190] loop2: detected capacity change from 0 to 512 [ 883.194611][ T4213] wacom 0003:056A:0300.000A: unknown main item tag 0x0 [ 883.225315][ T4213] wacom 0003:056A:0300.000A: Unknown device_type for 'HID 056a:0300'. Assuming pen. [ 883.277029][ T4213] wacom 0003:056A:0300.000A: hidraw0: USB HID v0.00 Device [HID 056a:0300] on usb-dummy_hcd.1-1/input0 [ 883.312327][ T4213] input: Wacom Bamboo One S Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0300.000A/input/input11 [ 883.452204][ T4213] usb 2-1: USB disconnect, device number 12 [ 883.462820][T14190] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. [ 883.482602][T14190] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 884.311608][T12738] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 884.383799][T14232] loop5: detected capacity change from 0 to 1024 [ 884.880878][ T13] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 884.930803][T12738] usb 3-1: Using ep0 maxpacket: 32 [ 885.081367][T12738] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 885.089408][T12738] usb 3-1: config 0 has no interface number 0 [ 885.106068][T12738] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 885.131305][T12738] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 885.152040][T12738] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 885.170824][T12738] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 885.254750][ T13] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 885.277766][ T13] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 885.317477][ T13] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 885.364678][T12738] usb 3-1: config 0 descriptor?? [ 885.511043][ T13] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 885.532926][ T13] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 885.575240][ T13] usb 2-1: Product: syz [ 885.592349][ T13] usb 2-1: Manufacturer: syz [ 885.610352][ T13] usb 2-1: SerialNumber: syz [ 885.904839][ T13] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 13 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 886.165993][ T13] usb 2-1: USB disconnect, device number 13 [ 886.203041][ T13] usblp0: removed [ 886.373902][T12738] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:28BD:0094.000B/input/input14 [ 886.827110][T12738] uclogic 0003:28BD:0094.000B: input,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.2-1/input1 [ 887.249666][T12738] usb 3-1: USB disconnect, device number 9 [ 888.640531][T14275] loop2: detected capacity change from 0 to 8192 [ 888.840574][ T4179] Bluetooth: hci0: link tx timeout [ 888.845802][ T4179] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa [ 888.853549][ T4179] Bluetooth: hci0: link tx timeout [ 888.858679][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 888.870343][T14275] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 888.897484][T14275] REISERFS (device loop2): using ordered data mode [ 888.971122][T14275] reiserfs: using flush barriers [ 889.000952][T14275] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 889.084526][T14275] REISERFS (device loop2): checking transaction log (loop2) [ 889.372738][T14275] REISERFS (device loop2): Using tea hash to sort names [ 889.380268][T14275] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 889.718304][T14283] loop5: detected capacity change from 0 to 32768 [ 889.777213][T14294] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [2 4 0x0 SD] (nlink == 1) not found (pos 3) [ 889.822708][T14283] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.2159 (14283) [ 889.831996][T14294] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [2 4 0x0 SD] (nlink == 1) not found (pos 3) [ 889.879080][T14283] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 889.917561][T14283] BTRFS info (device loop5): using free space tree [ 889.942815][T14283] BTRFS info (device loop5): has skinny extents [ 890.136045][T14283] BTRFS info (device loop5): enabling ssd optimizations [ 892.681661][T14344] loop2: detected capacity change from 0 to 1024 [ 892.760215][T14344] hfsplus: bad catalog entry type [ 892.886407][T14347] serio: Serial port ptm0 [ 893.284244][ T144] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared) [ 893.607927][T14361] loop2: detected capacity change from 0 to 64 [ 894.013707][T14361] hfs: bad catalog entry type 0 [ 895.294518][T14391] loop5: detected capacity change from 0 to 1024 [ 895.503329][ T4348] hfsplus: b-tree write err: -5, ino 4 [ 895.985622][ T26] audit: type=1326 audit(1739470175.300:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14403 comm="syz.5.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 896.061534][ T26] audit: type=1326 audit(1739470175.330:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14403 comm="syz.5.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 896.140827][ T26] audit: type=1326 audit(1739470175.340:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14403 comm="syz.5.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 896.389710][ T26] audit: type=1326 audit(1739470175.340:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14403 comm="syz.5.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 897.569641][ T26] audit: type=1326 audit(1739470175.340:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14403 comm="syz.5.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 897.594014][ T26] audit: type=1326 audit(1739470175.350:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14403 comm="syz.5.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 897.949695][ T26] audit: type=1326 audit(1739470175.350:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14403 comm="syz.5.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 898.017104][ T26] audit: type=1326 audit(1739470175.350:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14403 comm="syz.5.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 898.090672][ T26] audit: type=1326 audit(1739470175.350:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14403 comm="syz.5.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 898.144041][ T26] audit: type=1326 audit(1739470175.350:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14403 comm="syz.5.2192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde27839de9 code=0x7ffc0000 [ 898.925355][T14443] loop2: detected capacity change from 0 to 8 [ 898.942003][T13055] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 898.996148][T14443] SQUASHFS error: xz decompression failed, data probably corrupt [ 899.004119][T14443] SQUASHFS error: Failed to read block 0x108: -5 [ 899.010468][T14443] SQUASHFS error: Unable to read metadata cache entry [106] [ 899.018135][T14443] SQUASHFS error: Unable to read inode 0x11f [ 899.250815][T13055] usb 6-1: Using ep0 maxpacket: 16 [ 899.371186][T13055] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 899.406793][T13055] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 899.440963][T13055] usb 6-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 899.457834][T13055] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 899.469082][T13055] usb 6-1: config 0 descriptor?? [ 900.816373][T13055] ntrig 0003:1B96:0008.000C: hidraw0: USB HID v0.00 Device [HID 1b96:0008] on usb-dummy_hcd.5-1/input0 [ 901.086135][T13055] usb 6-1: USB disconnect, device number 13 [ 901.651563][T12738] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 901.912385][T12738] usb 3-1: Using ep0 maxpacket: 8 [ 902.776879][T12738] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 902.787916][T12738] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 902.798120][T12738] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 902.810314][T12738] usb 3-1: config 0 descriptor?? [ 903.790759][T12738] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 904.024536][T14516] loop5: detected capacity change from 0 to 256 [ 904.109814][ T4213] usb 3-1: USB disconnect, device number 10 [ 904.603246][ T26] kauditd_printk_skb: 1 callbacks suppressed [ 904.603265][ T26] audit: type=1800 audit(1739470183.700:78): pid=14523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2231" name="bus" dev="loop5" ino=1048695 res=0 errno=0 [ 905.354668][T14544] futex_wake_op: syz.1.2239 tries to shift op by -1; fix this program [ 905.441676][T12738] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 905.529135][T13184] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 906.190815][T12738] usb 3-1: Using ep0 maxpacket: 8 [ 906.281588][T13184] usb 6-1: Using ep0 maxpacket: 8 [ 906.321309][T12738] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 906.339938][T12738] usb 3-1: config 0 has no interface number 0 [ 906.379365][T12738] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 906.439718][T12738] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 906.479861][T12738] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 906.525129][T12738] usb 3-1: config 0 descriptor?? [ 906.571596][T13184] usb 6-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 906.588132][T12738] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 906.613112][T13184] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 906.650421][T13184] usb 6-1: Product: syz [ 906.670910][T13184] usb 6-1: Manufacturer: syz [ 906.689412][T13184] usb 6-1: SerialNumber: syz [ 906.713144][T13184] usb 6-1: config 0 descriptor?? [ 906.763689][T13184] gspca_main: sq905-2.14.0 probing 2770:9120 [ 907.469912][T13184] gspca_sq905: sq905_command: usb_control_msg failed 2 (-71) [ 907.478272][T13184] sq905: probe of 6-1:0.0 failed with error -71 [ 907.486751][T13184] usb 6-1: USB disconnect, device number 14 [ 907.962033][T13055] usb 3-1: USB disconnect, device number 11 [ 908.050192][T14591] tipc: Started in network mode [ 908.055513][T14591] tipc: Node identity 6635004000000f3, cluster identity 4711 [ 908.067796][T14591] tipc: Enabling of bearer rejected, failed to enable media [ 908.206370][T14595] loop5: detected capacity change from 0 to 256 [ 908.400129][ T26] audit: type=1800 audit(1739470187.710:79): pid=14595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2257" name="bus" dev="loop5" ino=1048696 res=0 errno=0 [ 908.697553][ T21] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 909.061578][ T21] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 909.147761][ T21] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 909.188518][ T21] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 909.202404][ T21] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 909.217868][ T21] usb 2-1: config 0 descriptor?? [ 909.479061][ T21] usb 2-1: USB disconnect, device number 14 [ 909.525102][T14618] loop5: detected capacity change from 0 to 256 [ 909.868554][ T26] audit: type=1800 audit(1739470189.180:80): pid=14618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2266" name="bus" dev="loop5" ino=1048697 res=0 errno=0 [ 909.940131][T10842] FAT-fs (loop5): error, corrupted directory (invalid entries) [ 909.966120][T10842] FAT-fs (loop5): Filesystem has been set read-only [ 909.988967][T10842] FAT-fs (loop5): error, corrupted directory (invalid entries) [ 910.418962][T14631] loop2: detected capacity change from 0 to 256 [ 910.489657][T10731] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 910.703181][T10731] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 911.492380][T10731] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 911.552388][ T26] audit: type=1800 audit(1739470190.870:81): pid=14646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2271" name="bus" dev="loop2" ino=1048704 res=0 errno=0 [ 911.616100][T10731] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 913.172012][T14655] chnl_net:caif_netlink_parms(): no params data found [ 914.101097][T12738] Bluetooth: hci2: command 0x0409 tx timeout [ 914.246128][T14655] bridge0: port 1(bridge_slave_0) entered blocking state [ 914.256745][T14655] bridge0: port 1(bridge_slave_0) entered disabled state [ 914.405023][T14655] device bridge_slave_0 entered promiscuous mode [ 914.420031][T14655] bridge0: port 2(bridge_slave_1) entered blocking state [ 914.428242][T14655] bridge0: port 2(bridge_slave_1) entered disabled state [ 914.441904][T14655] device bridge_slave_1 entered promiscuous mode [ 914.630165][T14655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 914.735103][T10731] device hsr_slave_0 left promiscuous mode [ 914.763805][T10731] device hsr_slave_1 left promiscuous mode [ 914.782345][T10731] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 914.789845][T10731] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 914.844072][T10731] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 914.869592][T10731] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 915.082200][T10731] device bridge_slave_1 left promiscuous mode [ 915.095424][T10731] bridge0: port 2(bridge_slave_1) entered disabled state [ 915.115284][T10731] device bridge_slave_0 left promiscuous mode [ 915.132829][T10731] bridge0: port 1(bridge_slave_0) entered disabled state [ 915.179432][T10731] device veth1_macvtap left promiscuous mode [ 915.185878][T10731] device veth0_macvtap left promiscuous mode [ 915.192454][T10731] device veth1_vlan left promiscuous mode [ 915.206725][T10731] device veth0_vlan left promiscuous mode [ 915.696622][T10731] team0 (unregistering): Port device team_slave_1 removed [ 915.723275][T10731] team0 (unregistering): Port device team_slave_0 removed [ 915.750140][T10731] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 915.766555][T10731] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 916.063863][T10731] bond0 (unregistering): Released all slaves [ 916.158648][T14655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 916.181527][ T21] Bluetooth: hci2: command 0x041b tx timeout [ 917.211645][T14655] team0: Port device team_slave_0 added [ 917.311306][T14655] team0: Port device team_slave_1 added [ 917.581654][T14655] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 917.589275][T14655] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 917.748149][T14655] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 917.799407][T14655] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 917.989418][T14655] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 918.026454][T14655] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 918.116333][T14655] device hsr_slave_0 entered promiscuous mode [ 918.142663][T14655] device hsr_slave_1 entered promiscuous mode [ 918.164579][T14655] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 918.189038][T14655] Cannot create hsr debugfs directory [ 918.261123][ T21] Bluetooth: hci2: command 0x040f tx timeout [ 918.295426][ T26] audit: type=1326 audit(1739470197.610:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14751 comm="syz.8.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84fcfcade9 code=0x7fc00000 [ 919.335579][T14791] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2311'. [ 919.524700][T14764] loop2: detected capacity change from 0 to 32768 [ 919.692669][T14764] XFS (loop2): Mounting V5 Filesystem [ 920.341325][T12761] Bluetooth: hci2: command 0x0419 tx timeout [ 920.472011][T14764] XFS (loop2): Ending clean mount [ 920.587143][T14828] XFS (loop2): User initiated shutdown received. [ 920.650387][T14828] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xde/0x150 (fs/xfs/xfs_fsops.c:491). Shutting down filesystem. [ 920.671331][T14828] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 920.717191][T14655] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 920.772841][T14655] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 920.815934][T14655] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 920.818147][ T9708] XFS (loop2): Unmounting Filesystem [ 920.890276][T14655] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 921.443455][T14655] 8021q: adding VLAN 0 to HW filter on device bond0 [ 921.525009][T11413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 921.541402][T11413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 921.581855][T14655] 8021q: adding VLAN 0 to HW filter on device team0 [ 921.612805][T11413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 921.632915][T11413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 921.831524][T11413] bridge0: port 1(bridge_slave_0) entered blocking state [ 921.838625][T11413] bridge0: port 1(bridge_slave_0) entered forwarding state [ 921.871679][T11413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 921.962402][ T4348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 921.973052][ T4179] Bluetooth: hci0: link tx timeout [ 921.978200][ T4179] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa [ 921.986100][ T4179] Bluetooth: hci0: link tx timeout [ 921.991608][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 922.001424][T14870] loop2: detected capacity change from 0 to 16 [ 922.027472][ T4348] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 922.079001][ T4348] bridge0: port 2(bridge_slave_1) entered blocking state [ 922.086182][ T4348] bridge0: port 2(bridge_slave_1) entered forwarding state [ 922.115758][ T9082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 922.161644][ T7713] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 922.171493][T14870] erofs: (device loop2): mounted with root inode @ nid 36. [ 922.231451][ T7713] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 922.293993][ T7713] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 922.351466][ T7713] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 922.446214][ T7713] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 922.508233][T14655] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 922.620779][T14655] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 922.646973][T14882] loop2: detected capacity change from 0 to 128 [ 922.675509][ T7713] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 922.692347][ T7713] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 922.712092][ T7713] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 922.740633][T14882] VFS: Found a Xenix FS (block size = 1024) on device loop2 [ 922.783482][ T7713] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 922.806784][ T7713] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 922.948634][ T7713] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 923.033957][ T9708] sysv_free_block: flc_count > flc_size [ 923.050033][ T9708] sysv_free_block: flc_count > flc_size [ 923.089588][ T9708] sysv_free_block: flc_count > flc_size [ 923.120812][ T9708] sysv_free_block: flc_count > flc_size [ 923.156475][ T9708] sysv_free_block: flc_count > flc_size [ 923.175525][ T9708] sysv_free_block: flc_count > flc_size [ 923.192006][ T9708] sysv_free_block: flc_count > flc_size [ 923.197588][ T9708] sysv_free_block: flc_count > flc_size [ 923.363437][ T9708] sysv_free_block: flc_count > flc_size [ 923.378233][ T9708] sysv_free_block: flc_count > flc_size [ 923.399007][ T9708] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 923.478852][T14655] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 923.515073][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 923.525393][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 923.880996][T12738] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 924.138145][ T9082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 924.161052][T12738] usb 3-1: Using ep0 maxpacket: 8 [ 924.163847][ T9082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 924.239849][ T9082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 924.258307][ T9082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 924.281157][T12738] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 924.292649][T14655] device veth0_vlan entered promiscuous mode [ 924.299450][T12738] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 924.329063][T12738] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 924.338872][ T9082] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 924.365334][ T9082] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 924.383303][T12738] usb 3-1: config 0 descriptor?? [ 924.404052][T14655] device veth1_vlan entered promiscuous mode [ 924.424225][T12738] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 924.483864][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 924.493319][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 924.544461][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 924.569362][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 924.599883][T14655] device veth0_macvtap entered promiscuous mode [ 924.655756][T14655] device veth1_macvtap entered promiscuous mode [ 924.771326][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 924.851210][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 924.870858][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 924.891266][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 924.917115][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 924.953821][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 925.155519][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 925.166207][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 925.176153][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 925.186939][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 925.205853][T14655] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 925.216387][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 925.247545][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 925.288172][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 925.309226][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 925.346623][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 925.381525][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 925.402177][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 925.423059][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 925.443412][T14655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 925.474869][T14655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 925.500150][T14655] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 925.528793][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 925.538080][T12738] gspca_vc032x: reg_r err -71 [ 925.545433][T12738] vc032x: probe of 3-1:0.0 failed with error -71 [ 925.554409][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 925.576228][T12738] usb 3-1: USB disconnect, device number 12 [ 925.583163][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 925.609199][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 925.623458][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 925.633651][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 925.660967][T14968] device veth1_to_hsr entered promiscuous mode [ 925.667429][T14969] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2347'. [ 925.845345][T14969] device veth1_to_hsr left promiscuous mode [ 925.867731][T14969] device hsr_slave_1 left promiscuous mode [ 926.016195][T14655] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.051081][T14655] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.059821][T14655] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.076748][T14655] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 926.252753][T14979] loop2: detected capacity change from 0 to 512 [ 926.282493][T10731] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 926.341067][T10731] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 926.375080][ T7713] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 926.387356][T11736] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 926.400066][T14979] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 926.408519][ T7713] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 926.449854][T14979] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #15: comm syz.2.2351: casefold flag without casefold feature [ 926.492428][ T1276] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 926.506726][T14979] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.2351: couldn't read orphan inode 15 (err -117) [ 926.607205][T14979] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,delalloc,nomblk_io_submit,,errors=continue. Quota mode: writeback. [ 926.667455][T15006] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 927.694425][T15041] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2365'. [ 929.119278][T15080] loop2: detected capacity change from 0 to 512 [ 929.612698][T15080] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 929.809450][T15080] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 930.068708][T13055] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 930.096403][T15089] loop7: detected capacity change from 0 to 256 [ 930.114997][ T26] audit: type=1800 audit(1739470209.430:83): pid=15080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2375" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 930.219014][ T26] audit: type=1804 audit(1739470209.430:84): pid=15091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2375" name="/newroot/180/file0/bus" dev="loop2" ino=18 res=1 errno=0 [ 930.245978][ T26] audit: type=1800 audit(1739470209.510:85): pid=15089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2377" name="bus" dev="loop7" ino=1048707 res=0 errno=0 [ 930.268051][T14655] FAT-fs (loop7): error, corrupted directory (invalid entries) [ 930.288840][T14655] FAT-fs (loop7): Filesystem has been set read-only [ 930.303889][T14655] FAT-fs (loop7): error, corrupted directory (invalid entries) [ 930.541099][T13055] usb 2-1: config 0 has no interfaces? [ 930.718566][T13055] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 930.837090][T13055] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 930.903859][T13055] usb 2-1: Product: syz [ 930.913754][T13055] usb 2-1: Manufacturer: syz [ 930.929702][T13055] usb 2-1: config 0 descriptor?? [ 930.988239][ T1276] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 931.058007][ T1276] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 931.130641][ T1276] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 931.211468][T15128] loop2: detected capacity change from 0 to 256 [ 931.248330][ T1276] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 931.388058][T15078] udc-core: couldn't find an available UDC or it's busy [ 931.411493][T15078] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 931.533417][T13185] usb 2-1: USB disconnect, device number 15 [ 931.554386][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.560929][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.814270][T15146] device gtp1 entered promiscuous mode [ 934.083678][T15152] chnl_net:caif_netlink_parms(): no params data found [ 934.240319][T15158] loop2: detected capacity change from 0 to 32768 [ 934.510499][T15158] XFS (loop2): Mounting V5 Filesystem [ 934.535152][T15152] bridge0: port 1(bridge_slave_0) entered blocking state [ 934.542546][T15152] bridge0: port 1(bridge_slave_0) entered disabled state [ 934.577481][T15152] device bridge_slave_0 entered promiscuous mode [ 934.733602][T15152] bridge0: port 2(bridge_slave_1) entered blocking state [ 934.749284][T15152] bridge0: port 2(bridge_slave_1) entered disabled state [ 935.008451][T15158] XFS (loop2): Ending clean mount [ 935.040948][T15152] device bridge_slave_1 entered promiscuous mode [ 935.140818][T13185] Bluetooth: hci2: command 0x0409 tx timeout [ 935.269051][T15152] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 935.278778][ T9708] XFS (loop2): Unmounting Filesystem [ 935.367346][T15152] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 935.615100][T15152] team0: Port device team_slave_0 added [ 935.709947][T15152] team0: Port device team_slave_1 added [ 935.730228][T15231] overlayfs: failed to clone lowerpath [ 935.791875][T15152] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 935.800316][T15152] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 935.897504][T15152] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 935.962753][T15152] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 935.983867][T15152] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 936.069836][T15152] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 936.427435][ T1276] device hsr_slave_0 left promiscuous mode [ 936.874918][ T1276] device hsr_slave_1 left promiscuous mode [ 937.038907][ T1276] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 937.085849][T15258] loop6: detected capacity change from 0 to 524287999 [ 937.139301][ T1276] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 937.172873][ T1276] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 937.201323][ T1276] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 937.219705][ C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 937.230664][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 937.257759][ C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 937.268928][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 937.279427][T12761] Bluetooth: hci2: command 0x041b tx timeout [ 937.286981][ C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 937.297972][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 937.337790][ C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 937.348879][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 937.363499][ T1276] device bridge_slave_1 left promiscuous mode [ 937.369779][ T1276] bridge0: port 2(bridge_slave_1) entered disabled state [ 937.382415][ T1276] device bridge_slave_0 left promiscuous mode [ 937.388646][ T1276] bridge0: port 1(bridge_slave_0) entered disabled state [ 937.428386][ C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 937.439393][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 937.457825][ T1276] device veth1_macvtap left promiscuous mode [ 937.459638][ C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 937.470001][ T1276] device veth0_macvtap left promiscuous mode [ 937.474798][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 937.490848][T15272] loop2: detected capacity change from 0 to 256 [ 937.518467][ T1276] device veth1_vlan left promiscuous mode [ 937.523226][ C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 937.524346][ T1276] device veth0_vlan left promiscuous mode [ 937.535144][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 937.558935][ C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 937.569914][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 937.669176][T15258] ldm_validate_partition_table(): Disk read failed. [ 937.695832][ C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 937.706884][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 937.737796][ C0] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 937.748872][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 937.801312][T15258] Dev loop6: unable to read RDB block 0 [ 937.829382][T15258] loop6: unable to read partition table [ 937.845610][T15258] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 939.134815][ T1276] team0 (unregistering): Port device team_slave_1 removed [ 939.173599][ T1276] team0 (unregistering): Port device team_slave_0 removed [ 939.187393][ T1276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 939.204100][ T1276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 939.360915][T12761] Bluetooth: hci2: command 0x040f tx timeout [ 939.719043][ T1276] bond0 (unregistering): Released all slaves [ 939.965915][T15152] device hsr_slave_0 entered promiscuous mode [ 940.185621][T15152] device hsr_slave_1 entered promiscuous mode [ 940.241568][T15152] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 940.249633][T15152] Cannot create hsr debugfs directory [ 941.381184][T13185] Bluetooth: hci2: command 0x0419 tx timeout [ 941.821011][T13185] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 941.903031][T15364] loop2: detected capacity change from 0 to 256 [ 942.081321][T13185] usb 2-1: Using ep0 maxpacket: 32 [ 942.242403][T13185] usb 2-1: unable to get BOS descriptor or descriptor too short [ 942.881645][T13185] usb 2-1: config 7 has an invalid interface number: 187 but max is 0 [ 942.890039][T13185] usb 2-1: config 7 has no interface number 0 [ 942.916973][T13185] usb 2-1: config 7 interface 187 has no altsetting 0 [ 943.319450][T13185] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 943.382577][T13185] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 943.417363][T13185] usb 2-1: Product: syz [ 943.603944][T13185] usb 2-1: Manufacturer: syz [ 943.609066][T13185] usb 2-1: SerialNumber: syz [ 944.181448][T13185] usb 2-1: Cannot retrieve CPort count: -110 [ 944.197183][T13185] usb 2-1: Cannot retrieve CPort count: -110 [ 944.359453][T15397] syz.2.2431 (15397) used obsolete PPPIOCDETACH ioctl [ 944.367419][T13185] es2_ap_driver: probe of 2-1:7.187 failed with error -110 [ 945.501116][T12761] usb 2-1: USB disconnect, device number 16 [ 945.999503][T15152] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 946.066105][T15152] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 946.143814][T15152] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 946.225011][T15152] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 946.386828][T15440] loop2: detected capacity change from 0 to 8 [ 946.647704][T15440] SQUASHFS error: xz decompression failed, data probably corrupt [ 946.655951][T15440] SQUASHFS error: Failed to read block 0x108: -5 [ 946.662787][T15440] SQUASHFS error: Unable to read metadata cache entry [106] [ 946.670126][T15440] SQUASHFS error: Unable to read inode 0x11f [ 947.334246][T15152] 8021q: adding VLAN 0 to HW filter on device bond0 [ 947.395713][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 947.417399][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 947.476705][T15152] 8021q: adding VLAN 0 to HW filter on device team0 [ 947.509320][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 947.539186][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 947.571992][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 947.579129][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 947.661361][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 947.781678][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 947.790517][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 947.867071][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 947.874210][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 947.882750][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 947.934414][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 947.952047][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 947.974050][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 948.316819][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 948.377815][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 948.449827][T15152] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 948.527763][T15152] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 948.624010][ T13] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 948.641827][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 948.650160][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 948.710300][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 948.768504][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 948.805980][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 948.842980][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 948.930907][ T13] usb 2-1: Using ep0 maxpacket: 8 [ 949.051384][ T13] usb 2-1: config 63 has too many interfaces: 254, using maximum allowed: 32 [ 949.060293][ T13] usb 2-1: config 63 has an invalid descriptor of length 0, skipping remainder of the config [ 949.120772][ T13] usb 2-1: config 63 has 1 interface, different from the descriptor's value: 254 [ 949.180802][ T13] usb 2-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0 [ 949.214903][T15449] loop2: detected capacity change from 0 to 32768 [ 949.221672][ T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 949.251601][T11413] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 949.261030][T11413] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 949.288236][T15152] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 949.315723][ T13] usb 2-1: probing VID:PID(2201:012C) [ 949.371431][ T13] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs [ 949.491638][T11413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 949.501058][ T13] vub300: probe of 2-1:63.0 failed with error -22 [ 949.505598][T11413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 949.552142][ T13] usb 2-1: USB disconnect, device number 17 [ 949.598544][T15449] XFS (loop2): Mounting V5 Filesystem [ 949.637123][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 949.721602][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 949.769091][T15449] XFS (loop2): Ending clean mount [ 949.799661][T15152] device veth0_vlan entered promiscuous mode [ 949.834090][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 949.864859][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 949.886755][ T26] audit: type=1804 audit(1739470229.200:86): pid=15511 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2445" name="/newroot/195/file1/file1" dev="loop2" ino=6150 res=1 errno=0 [ 949.934019][T15152] device veth1_vlan entered promiscuous mode [ 950.014930][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 950.055495][ T9708] XFS (loop2): Unmounting Filesystem [ 950.084409][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 950.157411][T15152] device veth0_macvtap entered promiscuous mode [ 950.227223][T15152] device veth1_macvtap entered promiscuous mode [ 950.937500][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 950.982250][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 951.006683][T15152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 951.040201][T15152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 951.074525][T15152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 951.125921][T15152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 951.166581][T15152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 951.198152][T15152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 951.230024][T15152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 951.267885][T15152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 951.298653][T15152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 951.327259][T15152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 951.465746][T15152] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 951.480504][T15152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 951.491400][T15152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 951.501580][T15152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 951.521027][T15152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 951.540941][T15152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 951.562109][T15152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 951.731792][T15152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 951.768011][T15152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 951.796989][T15152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 951.823829][T15152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 951.875181][T15152] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 951.935337][T15152] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 951.980441][T15152] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 952.941535][T15152] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 952.982379][T15152] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 953.081019][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 953.107165][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 953.181444][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 953.211838][ T4281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 953.473509][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 953.522047][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 953.577019][T11413] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 953.600059][T11413] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 953.622083][T11413] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 953.670640][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 953.693710][T13055] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 953.859618][T15574] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 953.984520][ T1110] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 954.056569][T13055] usb 2-1: Using ep0 maxpacket: 8 [ 954.221178][T13055] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 954.249876][T13055] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 954.270819][ T1110] usb 3-1: Using ep0 maxpacket: 8 [ 954.286010][T13055] usb 2-1: config 0 has no interface number 0 [ 954.299870][T13055] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 954.324302][T13055] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 954.345094][T13055] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 954.365783][T13055] usb 2-1: config 0 interface 52 has no altsetting 0 [ 954.431200][ T1110] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 954.434485][T15584] netlink: 9286 bytes leftover after parsing attributes in process `syz.9.2465'. [ 954.460063][ T1110] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 954.510780][ T1110] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 954.549785][ T1110] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 954.563637][T13055] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 954.609795][T13055] usb 2-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 954.627818][ T1110] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 954.646210][T13055] usb 2-1: Product: syz [ 954.657257][T13055] usb 2-1: SerialNumber: syz [ 954.670806][ T1110] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 954.845065][T13055] usb 2-1: config 0 descriptor?? [ 955.116178][T13055] input: syz (Stick) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input15 [ 955.148807][ T3532] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 955.161071][ T1110] usb 3-1: GET_CAPABILITIES returned 0 [ 955.170773][ T1110] usbtmc 3-1:16.0: can't read capabilities [ 955.191346][ T3532] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 955.257533][ T3532] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 955.288609][ T3532] synaptics_usb 2-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 955.308839][T15604] netlink: 'syz.3.2468': attribute type 12 has an invalid length. [ 955.316604][ T1110] usb 2-1: USB disconnect, device number 18 [ 955.331156][T15604] netlink: 'syz.3.2468': attribute type 29 has an invalid length. [ 955.357145][T15604] netlink: 148 bytes leftover after parsing attributes in process `syz.3.2468'. [ 955.405845][ T4211] usb 3-1: USB disconnect, device number 13 [ 955.453820][T15604] netlink: 'syz.3.2468': attribute type 1 has an invalid length. [ 955.468882][T15604] netlink: 'syz.3.2468': attribute type 2 has an invalid length. [ 955.487355][T15604] netlink: 39 bytes leftover after parsing attributes in process `syz.3.2468'. [ 957.107641][T15651] program syz.1.2481 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 957.222345][T15656] loop2: detected capacity change from 0 to 256 [ 957.781896][ T26] audit: type=1800 audit(1739470237.100:87): pid=15670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2482" name="bus" dev="loop2" ino=1048716 res=0 errno=0 [ 959.968803][T15697] loop3: detected capacity change from 0 to 32768 [ 960.004735][T15723] loop2: detected capacity change from 0 to 256 [ 960.309463][T15697] XFS (loop3): Mounting V5 Filesystem [ 960.457872][T15697] XFS (loop3): Ending clean mount [ 960.620663][T15152] XFS (loop3): Unmounting Filesystem [ 961.464503][T15766] input: syz0 as /devices/virtual/input/input16 [ 961.655423][T15772] loop3: detected capacity change from 0 to 512 [ 961.871471][T15772] EXT4-fs error (device loop3): ext4_do_update_inode:5174: inode #3: comm syz.3.2495: corrupted inode contents [ 961.947692][T15772] EXT4-fs error (device loop3): ext4_dirty_inode:6010: inode #3: comm syz.3.2495: mark_inode_dirty error [ 962.044724][T15772] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2495: bg 0: block 296: padding at end of block bitmap is not set [ 962.121786][T15772] Quota error (device loop3): write_blk: dquota write failed [ 962.129317][T15772] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 962.174639][T15772] EXT4-fs error (device loop3): ext4_acquire_dquot:6197: comm syz.3.2495: Failed to acquire dquot type 0 [ 962.236123][T15772] EXT4-fs (loop3): 1 truncate cleaned up [ 962.242116][T15772] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 962.289121][T15772] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 962.341039][T13055] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 962.600843][T13055] usb 2-1: Using ep0 maxpacket: 32 [ 962.635786][T15810] loop3: detected capacity change from 0 to 256 [ 962.748669][T13055] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 962.766957][T13055] usb 2-1: config 0 has no interface number 0 [ 962.791778][T13055] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 962.904562][T13055] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 962.943572][T13055] usb 2-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 962.986304][T13055] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 963.026707][T13055] usb 2-1: config 0 descriptor?? [ 963.349349][ T26] audit: type=1800 audit(1739470242.660:88): pid=15826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2509" name="bus" dev="loop3" ino=1048717 res=0 errno=0 [ 963.575947][T15842] loop2: detected capacity change from 0 to 256 [ 963.823780][T13055] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.1/0003:28BD:0094.000D/input/input17 [ 963.933903][T13055] uclogic 0003:28BD:0094.000D: input,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.1-1/input1 [ 964.018182][T13055] usb 2-1: USB disconnect, device number 19 [ 964.024793][ T26] audit: type=1800 audit(1739470243.340:89): pid=15851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2517" name="bus" dev="loop2" ino=1048718 res=0 errno=0 [ 964.920889][T13055] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 965.210896][T13055] usb 2-1: Using ep0 maxpacket: 8 [ 965.358129][T13055] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 965.400130][T13055] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 965.450178][T13055] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 965.497938][T13055] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 965.550371][T13055] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 965.588111][T13055] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 965.796512][T15900] loop3: detected capacity change from 0 to 2048 [ 965.861284][T13055] usb 2-1: GET_CAPABILITIES returned 0 [ 965.866812][T13055] usbtmc 2-1:16.0: can't read capabilities [ 965.902416][T15905] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 966.132720][T13055] usb 2-1: USB disconnect, device number 20 [ 966.170672][ T26] audit: type=1800 audit(1739470245.480:90): pid=15908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2525" name="file1" dev="loop3" ino=16 res=0 errno=0 [ 966.637179][T15926] loop2: detected capacity change from 0 to 8 [ 966.903402][T15926] SQUASHFS error: xz decompression failed, data probably corrupt [ 966.911450][T15926] SQUASHFS error: Failed to read block 0x108: -5 [ 966.917848][T15926] SQUASHFS error: Unable to read metadata cache entry [106] [ 966.925270][T15926] SQUASHFS error: Unable to read inode 0x11f [ 967.803648][T15949] loop2: detected capacity change from 0 to 256 [ 969.374034][T15932] loop3: detected capacity change from 0 to 32768 [ 969.512453][ T26] audit: type=1800 audit(1739470248.830:91): pid=15975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2538" name="bus" dev="loop2" ino=1048719 res=0 errno=0 [ 969.603854][T15932] XFS (loop3): Mounting V5 Filesystem [ 969.847880][T15932] XFS (loop3): Ending clean mount [ 969.990819][ T26] audit: type=1804 audit(1739470249.300:92): pid=15932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2530" name="/newroot/11/file1/file1" dev="loop3" ino=6150 res=1 errno=0 [ 970.135974][T15152] XFS (loop3): Unmounting Filesystem [ 972.052678][ T1110] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 972.461719][ T1110] usb 4-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36 [ 972.484557][ T1110] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 972.525265][ T1110] usb 4-1: config 0 descriptor?? [ 972.826227][ T1110] kaweth 4-1:0.0: Firmware present in device. [ 973.030984][ T1110] kaweth 4-1:0.0: Statistics collection: 0 [ 973.036842][ T1110] kaweth 4-1:0.0: Multicast filter limit: 0 [ 973.057951][ T1110] kaweth 4-1:0.0: MTU: 0 [ 973.090331][ T1110] kaweth 4-1:0.0: Read MAC address 00:00:00:00:00:00 [ 974.147369][T16063] device syzkaller1 entered promiscuous mode [ 974.321074][ T1110] kaweth 4-1:0.0: Error setting receive filter [ 974.327388][ T1110] kaweth: probe of 4-1:0.0 failed with error -5 [ 974.386423][ T1110] usb 4-1: USB disconnect, device number 9 [ 974.991201][T16085] loop3: detected capacity change from 0 to 256 [ 976.954638][ T26] audit: type=1800 audit(1739470256.270:93): pid=16113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2562" name="bus" dev="loop3" ino=1048720 res=0 errno=0 [ 977.910790][ T4211] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 978.351093][ T4211] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 978.376218][ T4211] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 978.402742][ T4211] usb 2-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 978.420534][ T4211] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 978.492436][ T4211] usb 2-1: config 0 descriptor?? [ 978.993841][ T4211] playstation 0003:054C:0DF2.000E: unknown main item tag 0x0 [ 979.021186][ T4211] playstation 0003:054C:0DF2.000E: unknown main item tag 0x0 [ 979.056833][ T4211] playstation 0003:054C:0DF2.000E: unknown main item tag 0x0 [ 979.097191][ T4211] playstation 0003:054C:0DF2.000E: unknown main item tag 0x0 [ 979.149213][ T4211] playstation 0003:054C:0DF2.000E: unknown main item tag 0x0 [ 979.196360][ T4211] playstation 0003:054C:0DF2.000E: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.1-1/input0 [ 979.573972][ T4211] playstation 0003:054C:0DF2.000E: Failed to retrieve feature with reportID 32: -71 [ 980.519951][ T4211] playstation 0003:054C:0DF2.000E: Failed to retrieve DualSense firmware info: -71 [ 980.529843][ T4211] playstation 0003:054C:0DF2.000E: Failed to get firmware info from DualSense [ 980.539555][ T4211] playstation 0003:054C:0DF2.000E: Failed to create dualsense. [ 980.557169][ T4211] playstation: probe of 0003:054C:0DF2.000E failed with error -71 [ 980.583131][ T4211] usb 2-1: USB disconnect, device number 21 [ 981.246339][T16198] loop2: detected capacity change from 0 to 256 [ 983.065514][T16222] loop2: detected capacity change from 0 to 64 [ 983.321775][T16194] loop3: detected capacity change from 0 to 40427 [ 983.409365][T16194] F2FS-fs (loop3): invalid crc value [ 983.483546][T16194] F2FS-fs (loop3): Found nat_bits in checkpoint [ 983.609193][T16194] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 983.780031][T16194] attempt to access beyond end of device [ 983.780031][T16194] loop3: rw=2049, want=45104, limit=40427 [ 983.972240][T15152] attempt to access beyond end of device [ 983.972240][T15152] loop3: rw=2049, want=45112, limit=40427 [ 984.565351][T16230] loop2: detected capacity change from 0 to 32768 [ 984.737160][T16230] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 984.833407][T16230] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 985.835621][ T9708] ocfs2: Unmounting device (7,2) on (node local) [ 986.231172][T13184] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 986.490864][T13184] usb 4-1: Using ep0 maxpacket: 16 [ 986.612219][T13184] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 986.841186][T13184] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 986.912067][T13184] usb 4-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 986.982974][T13184] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 987.035680][T13184] usb 4-1: config 0 descriptor?? [ 987.206956][T16311] loop2: detected capacity change from 0 to 4096 [ 987.530830][ T9708] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22. [ 987.555181][T13184] ntrig 0003:1B96:0008.000F: hidraw0: USB HID v0.00 Device [HID 1b96:0008] on usb-dummy_hcd.3-1/input0 [ 987.574704][ T9708] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 987.862920][T13184] usb 4-1: USB disconnect, device number 10 [ 988.500901][ T1110] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 988.790932][ T1110] usb 3-1: Using ep0 maxpacket: 8 [ 989.694127][ T1110] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 989.704629][ T1110] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 989.716040][ T1110] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 989.727378][ T1110] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 989.742677][ T1110] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 989.756048][ T1110] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 989.776685][ T1110] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 990.140975][ T1110] usb 3-1: usb_control_msg returned -32 [ 990.146589][ T1110] usbtmc 3-1:16.0: can't read capabilities [ 991.537363][ T13] usb 3-1: USB disconnect, device number 14 [ 992.344928][T16436] loop2: detected capacity change from 0 to 256 [ 993.078112][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.078265][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.122129][ T26] audit: type=1800 audit(1739470272.180:94): pid=16446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2633" name="bus" dev="loop2" ino=1048721 res=0 errno=0 [ 994.000782][T13185] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 994.310798][T13185] usb 3-1: Using ep0 maxpacket: 8 [ 994.591312][T13185] usb 3-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2 [ 994.600395][T13185] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 994.640753][T13185] usb 3-1: Product: syz [ 994.644982][T13185] usb 3-1: Manufacturer: syz [ 994.649589][T13185] usb 3-1: SerialNumber: syz [ 994.683546][T13185] usb 3-1: config 0 descriptor?? [ 994.911326][ T4211] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 995.038303][T13185] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 996.111132][ T4211] usb 4-1: config 0 has an invalid interface number: 255 but max is 0 [ 996.967146][T13185] gspca_sunplus: reg_w_riv err -110 [ 996.974824][T13185] sunplus: probe of 3-1:0.0 failed with error -110 [ 997.000754][ T4211] usb 4-1: config 0 has no interface number 0 [ 997.002543][T13185] usb 3-1: USB disconnect, device number 15 [ 997.016040][ T4211] usb 4-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30 [ 998.616740][ T4211] usb 4-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 998.714388][T16524] loop3: detected capacity change from 0 to 256 [ 998.720735][ T4211] usb 4-1: config 0 interface 255 has no altsetting 0 [ 998.720776][ T4211] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 998.784783][T16526] 9pnet: Insufficient options for proto=fd [ 998.798299][ T4211] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 998.932466][ T4211] usb 4-1: config 0 descriptor?? [ 999.000808][ T4211] usb 4-1: can't set config #0, error -71 [ 999.035216][ T4211] usb 4-1: USB disconnect, device number 11 [ 1002.317063][T16595] loop2: detected capacity change from 0 to 8192 [ 1002.432513][T16595] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 1002.474249][T16595] REISERFS (device loop2): using ordered data mode [ 1002.492567][T16595] reiserfs: using flush barriers [ 1002.507818][T16595] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1002.603919][T16595] REISERFS (device loop2): checking transaction log (loop2) [ 1002.623355][T16595] REISERFS (device loop2): Using rupasov hash to sort names [ 1002.660357][T16595] REISERFS (device loop2): using 3.5.x disk format [ 1002.701127][T16595] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 1002.769644][T16595] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 1002.815972][T16595] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 1002.990940][T16595] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 1003.069737][T16595] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 1003.162550][T16595] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP [ 1005.976208][T16668] loop2: detected capacity change from 0 to 512 [ 1006.214182][T16668] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 1006.383968][T16668] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 1006.516538][T16668] EXT4-fs error (device loop2): ext4_acquire_dquot:6197: comm syz.2.2687: Failed to acquire dquot type 1 [ 1006.902466][T16668] EXT4-fs (loop2): 1 truncate cleaned up [ 1006.941101][T16668] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 1007.004412][T16668] ext4 filesystem being mounted at /239/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1007.085443][T16679] loop3: detected capacity change from 0 to 256 [ 1007.588297][ T26] audit: type=1800 audit(1739470286.880:95): pid=16687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2688" name="bus" dev="loop3" ino=1048722 res=0 errno=0 [ 1008.810870][T16711] overlayfs: failed to resolve './file0': -2 [ 1011.546559][T16754] loop2: detected capacity change from 0 to 8192 [ 1011.837741][T16754] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 1011.871781][T16754] REISERFS (device loop2): using ordered data mode [ 1011.881156][T16754] reiserfs: using flush barriers [ 1011.989861][T16754] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1012.350011][T16754] REISERFS (device loop2): checking transaction log (loop2) [ 1012.624278][T16754] REISERFS (device loop2): Using r5 hash to sort names [ 1012.651159][T16754] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 1012.763410][T16754] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 1012.861655][T16754] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 1013.031007][T16754] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 1013.078568][ T13] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 1013.088458][T16754] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 1014.110746][ T13] usb 2-1: Using ep0 maxpacket: 32 [ 1014.241058][ T13] usb 2-1: config 0 has an invalid interface number: 12 but max is 0 [ 1014.252643][ T13] usb 2-1: config 0 has no interface number 0 [ 1014.265662][ T13] usb 2-1: config 0 interface 12 has no altsetting 0 [ 1014.451308][ T13] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 1014.475648][ T13] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1014.499923][ T13] usb 2-1: Product: syz [ 1014.505883][ T13] usb 2-1: Manufacturer: syz [ 1014.539014][ T13] usb 2-1: SerialNumber: syz [ 1014.562896][ T13] usb 2-1: config 0 descriptor?? [ 1015.626734][T16829] loop2: detected capacity change from 0 to 32768 [ 1015.731132][ T4179] Bluetooth: hci0: link tx timeout [ 1015.736332][ T4179] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa [ 1015.744519][ T4179] Bluetooth: hci0: link tx timeout [ 1015.749642][ T4179] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 1015.783296][T16871] general protection fault, probably for non-canonical address 0xdffffc0000000104: 0000 [#1] PREEMPT SMP KASAN [ 1015.795056][T16871] KASAN: null-ptr-deref in range [0x0000000000000820-0x0000000000000827] [ 1015.803497][T16871] CPU: 1 PID: 16871 Comm: syz.2.2719 Not tainted 5.15.178-syzkaller #0 [ 1015.811750][T16871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 1015.821816][T16871] RIP: 0010:diRead+0x14e/0xbb0 [ 1015.826602][T16871] Code: 8b 75 80 48 89 6c 24 28 4c 8d bd 98 fc ff ff 4c 89 ff be 01 00 00 00 e8 70 35 77 fe 49 8d 9e 20 08 00 00 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 53 88 df fe 4c 8b 2b 49 8d 6d 28 [ 1015.846222][T16871] RSP: 0018:ffffc9000347f658 EFLAGS: 00010202 [ 1015.852314][T16871] RAX: 0000000000000104 RBX: 0000000000000820 RCX: 0000000000000001 [ 1015.860594][T16871] RDX: 0000000000000001 RSI: 0000000000000008 RDI: 0000000000000001 [ 1015.868574][T16871] RBP: ffff88805e6f2930 R08: dffffc0000000000 R09: ffffed100bcde4bb [ 1015.876573][T16871] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000004 [ 1015.884559][T16871] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88805e6f25c8 [ 1015.892540][T16871] FS: 00007fb622d426c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 1015.901487][T16871] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1015.908082][T16871] CR2: 00007fb622d41f98 CR3: 000000004cf30000 CR4: 00000000003506e0 [ 1015.916068][T16871] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1015.924054][T16871] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1015.932174][T16871] Call Trace: [ 1015.935463][T16871] [ 1015.938404][T16871] ? __die_body+0x5e/0xa0 [ 1015.942755][T16871] ? die_addr+0x95/0xc0 [ 1015.946932][T16871] ? exc_general_protection+0x327/0x4f0 [ 1015.952511][T16871] ? __might_sleep+0xc0/0xc0 [ 1015.957129][T16871] ? read_lock_is_recursive+0x10/0x10 [ 1015.962532][T16871] ? asm_exc_general_protection+0x22/0x30 [ 1015.968291][T16871] ? diRead+0x14e/0xbb0 [ 1015.972468][T16871] ? diRead+0x140/0xbb0 [ 1015.976651][T16871] jfs_iget+0x88/0x3b0 [ 1015.980757][T16871] jfs_lookup+0x222/0x400 [ 1015.985109][T16871] ? jfs_get_parent+0xa0/0xa0 [ 1015.989818][T16871] ? __d_lookup+0x671/0x730 [ 1015.994379][T16871] ? mode_strip_sgid+0x9e/0x210 [ 1015.999342][T16871] ? jfs_get_parent+0xa0/0xa0 [ 1016.004035][T16871] path_openat+0x111d/0x2f20 [ 1016.008660][T16871] ? do_filp_open+0x460/0x460 [ 1016.013478][T16871] do_filp_open+0x21c/0x460 [ 1016.018094][T16871] ? vfs_tmpfile+0x2e0/0x2e0 [ 1016.022781][T16871] ? _raw_spin_unlock+0x24/0x40 [ 1016.027659][T16871] ? alloc_fd+0x598/0x630 [ 1016.032016][T16871] do_sys_openat2+0x13b/0x4f0 [ 1016.036814][T16871] ? do_sys_open+0x220/0x220 [ 1016.041433][T16871] __x64_sys_openat+0x243/0x290 [ 1016.046307][T16871] ? __ia32_sys_open+0x270/0x270 [ 1016.051263][T16871] ? syscall_enter_from_user_mode+0x2e/0x240 [ 1016.057267][T16871] ? lockdep_hardirqs_on+0x94/0x130 [ 1016.062503][T16871] ? syscall_enter_from_user_mode+0x2e/0x240 [ 1016.063457][ T1110] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 1016.068507][T16871] do_syscall_64+0x3b/0xb0 [ 1016.080498][T16871] ? clear_bhb_loop+0x15/0x70 [ 1016.085203][T16871] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 1016.091122][T16871] RIP: 0033:0x7fb624ef9de9 [ 1016.095554][T16871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1016.115182][T16871] RSP: 002b:00007fb622d42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1016.123623][T16871] RAX: ffffffffffffffda RBX: 00007fb625113080 RCX: 00007fb624ef9de9 [ 1016.131616][T16871] RDX: 0000000000101042 RSI: 0000400000000040 RDI: ffffffffffffff9c [ 1016.139610][T16871] RBP: 00007fb624f7b2a0 R08: 0000000000000000 R09: 0000000000000000 [ 1016.147655][T16871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1016.155644][T16871] R13: 0000000000000001 R14: 00007fb625113080 R15: 00007ffd3b4a3a78 [ 1016.163645][T16871] [ 1016.166686][T16871] Modules linked in: [ 1016.178374][T16871] ---[ end trace b5e9f7aeb2148f22 ]--- [ 1016.184421][T16871] RIP: 0010:diRead+0x14e/0xbb0 [ 1016.189370][T16871] Code: 8b 75 80 48 89 6c 24 28 4c 8d bd 98 fc ff ff 4c 89 ff be 01 00 00 00 e8 70 35 77 fe 49 8d 9e 20 08 00 00 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 53 88 df fe 4c 8b 2b 49 8d 6d 28 [ 1016.209491][T16871] RSP: 0018:ffffc9000347f658 EFLAGS: 00010202 [ 1016.215688][T16871] RAX: 0000000000000104 RBX: 0000000000000820 RCX: 0000000000000001 [ 1016.224019][T16871] RDX: 0000000000000001 RSI: 0000000000000008 RDI: 0000000000000001 [ 1016.233035][T16871] RBP: ffff88805e6f2930 R08: dffffc0000000000 R09: ffffed100bcde4bb [ 1016.241630][T16871] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000004 [ 1016.249823][T16871] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88805e6f25c8 [ 1016.258246][T16871] FS: 00007fb622d426c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 1016.267845][T16871] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1016.274867][T16871] CR2: 00007fb622d20f98 CR3: 000000004cf30000 CR4: 00000000003506e0 [ 1016.293115][T16871] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1016.309014][T16871] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1016.317572][T16871] Kernel panic - not syncing: Fatal exception [ 1016.323857][T16871] Kernel Offset: disabled [ 1016.328181][T16871] Rebooting in 86400 seconds..