last executing test programs: 13.529081032s ago: executing program 1 (id=379): r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$khugepaged_scan(r0, &(0x7f0000000040), 0x8) bpf$MAP_CREATE(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x1a6cc7, 0x298, 0xd8, 0x5802, 0x294, 0x0, 0x294, 0x1c8, 0x378, 0x378, 0x1c8, 0x378, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [0xffffff00, 0xff, 0xff000000, 0xff000000], [0xff, 0xff, 0xff000000, 0xff000000], 'veth0_to_hsr\x00', 'vlan0\x00', {0xff}, {0xff}, 0xff, 0x0, 0x0, 0x80}, 0x0, 0xa8, 0xd8, 0x52020000}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x4, 0x5, 0x2}, {0x0, 0x5, 0x5}, 0x40, 0x8000}}}, {{@ipv6={@loopback, @remote, [0x0, 0x0, 0xff], [0x0, 0xff000000, 0x0, 0xffffffff], 'ip6erspan0\x00', 'gre0\x00', {0xff}, {}, 0x16, 0x7e}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x3, 0x1, 0x0, 'netbios-ns\x00', {0x5}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8) 12.499716845s ago: executing program 1 (id=385): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5514, &(0x7f000000b380)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmz6seit6i5+YJey6sGTpkkasptkSpOmtScPHsWD/4koePLo3+DBszfxoHgTlMxM1q26IjRt7Pb3g8kz8+bNM88bysAzUxLAmTWf/PpzKa7FpYiYjYirEdl+KSLmxpPW8vBCRFyPiJnHtlIx/mjgfERcjohro+R5zlLx1uc3hzdWf3rrl2++u3Duyhdffz+9VQPT9mJEdLfz/b1uHtNWHh8U47VhO4vdlWER8ze6D4vjNI97zc0sw15tPK+WxeVWPj/d3u2P4lanVh/FVnsrG9/u5SfsD1vjPNkHHtR2suNGczOL7X6axdZBXtf+QX5tO+gP8jyNIt9HWfoYDMYxH2/uN/P1bD/MYr03KMbzvGmjuT+KwyIWp4t62mlkdWwe5Zv+f3u73dvdT4bNnX477SWrlepLlertcnUnbTQHzZVyrdu4vZIstDqjaeVBs9Zda6Vpq9Os1NPuYrLQqtfL1WqycKe52a71kmq1sly5VV5dLPZuJq/fey/pNJKFUXy13dsdtDv9ZCvdSfJPLCZLleWXF5Mb1eSd9Y1k4/7du+sb735w5/17r6y/+Vox6W9lJQtLt5aWytVb5aXq4hla/ydF0RNcPxxJadoFAJw+/9b/P7qs6v+BCXti/z+6AB2p/9+5H3H8/X/o/yfiVPW/Z73/P4b1w5Ho/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzqwf5r58I9uZz4+vFOPPFEPPFceliJiJiN//wWycP5Rztsgz94T5c3+p4dtSZBlG57hQbJcjYq3Yfnv2uL8FAAAAeHp99fH1z/JuPX+Zn3ZBnKT8ps3M1Q8nlO9iRMzN/zihbDOjl+cnlCz7+z4X+xPKlt3AujihZPktt3OTyvafzB4KFx8LpTzMnGg5AADAiTjcCZxsFwIAAMBJ+nTaBTAdpRg/yhw/C87+8/7PB4KXDh0BAAAAp1Bp2gUAAAAAxy7r//3+HwAAADzd8t//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YOd+bhMHojgAPxu8sP+0aLX3bWVvUMaWsMc9RhSQJiggB9JCGqAGcksJEUR4HAIRh0ge20r0fZIzGcv8eIPgMDPSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECX7qv14vbq93XbnN2+nTyjAQAAAC7ZVutF/c8s9b829783t342/SIiyoi4NHcfxaezzFGTU708f3P6fPWqhruIOuHwHpPm+hIRf5rr8UfXnwIAAAB8XJvlap5m6+nPbOiC6FNatCm//c2UV0RENXvIlFYe8n5lCqu/3+P4nymtXsCaZgpLS27jXGlvUv/cj6t205OmSE158WXHIrONHQAA6NHorOl3FgIAAECf/g1dAMMo4nkr87gVOElNs733+awHAAAAvEPF0AUAAAAAnavn/z2d/7d3/h8AAAAMI53/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJe21XqxWa7mbXN2+3byjAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeGJ/3lEgBMIgDPau70zm/oeVBk1NTapA+PgbgwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgze/+8n9iapxJ5l4bS88jydqpsXVq7J0bR38YX78GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi/15SYEQCIIomDP+d9L3P6wk6BlEiICGRxW1aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPii3/3yf2JqnEnmThtLxyPJ2lVj66qx96Bx9GC8/RsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi537942bigMA/myfr7SAOAK6IQiBxAALvV5LSzfEAIoY+BOQovRaQq/8aDPQqkLcwoYyd0EwIoQEClv/h86tlCVsGW4IEjPIPjvn/JA4ILIvyecjPb+vLcvv+2wpytfPCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafzuNE6yTWcSx8Wxxzv3V7L+yb4+83B9czFrWRzVmfTx8HJ1J+o2lwgAAAAn2qi6k5T1fQhhK91Yyvq4k9f/aXlOVvN//+wkLuv5/XV/2Ze1f9Z++3X7xd2BOpNxsoteXx0OLhzMq3XkMz0mnvvHM1r5nc/fvST5A4k/GL0wTvP7GX376NF77Tw8U0e2AMB/cb7si6D8fSjr+00mBsCp0aoU3mX9n3SazQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgDuNReLqMoxDCYmsaZ57s3F85rH+4vrlYtisPHqyHr6fXzC6RhhCurw4HF2qdzXy7c/fezeXhcHC7/uCVEEJTo79TTP/mRzOcHEIj90dwREFcPOx5yed4BA3+UAIA4ERKi5bV9VvpxlJ2LFoI4a8f9tb/r1fiMGP9v/3xlcfVsar1f7+2Gc6/3tqtz3t37t57c/XW8o3BjcGnb13sv92/dPXy5au9/F1JzxsTAAAA/p920ar1f7xwcP3/XCUOM9b/X3zX/6o6VqL+P9R00a/pTAAAAE6351/984/okONRux2+XF5bu92fbHf3L062DaT6r50pWrX+TxaazgoAAACow3gU7Vn/v1aJw4zr/8/8+NLP1WsmIYSzxfr/+ZXPhtfqm85cq+PPiZueIwAAAM06W7Tq+n+af/8f737yEIcQ3nhtEhf/BnCm+j95/5ufqmNVv/+/VN8U51LcndyPvO+G0Oo2nREAAAAn2VNFy4r939ONpU9+Ofdh2/f/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHX7OwAA///yxz69") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1cbb40, 0x117) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000000)=0x2) 9.373843719s ago: executing program 1 (id=394): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0x10, 0x80000000000802, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="5500000018007f5300fe01b2a4a280930a60000b00a84302911000ed3900090035000800060000000400150004000000000000dc1338d54400009b84136ef7", 0x3f}], 0x1}, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000300)={'filter\x00', 0x104, 0x4, 0x3f0, 0x1f8, 0x1f8, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @empty, @multicast1, @remote, 0x8, 0x4000000}}}, {{@arp={@dev={0xac, 0x14, 0x14, 0x19}, @multicast2, 0xffffffff, 0xff, 0xa, 0x2, {@empty, {[0x0, 0x0, 0x0, 0xff]}}, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, 0x2, 0x4, 0x2, 0x2, 0x5, 0x7, 'ip6tnl0\x00', 'pimreg\x00', {0xff}, {}, 0x0, 0x184}, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x5, 0x101, 0x1}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @remote, @rand_addr=0x64010102, 0x1, 0xffffffff}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) 7.667226423s ago: executing program 3 (id=400): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x55c, &(0x7f00000006c0)="$eJzs3c1vG2kZAPBnJh92u91mC3uAFdCCFgqqajfubrXay7YXEFqthFhxQBy6IXGjqHZdamfZhEpk/4ZFAokT/AkckDgg7YkDN45IHBDSckAqEIEaJJCMZux8NHGIiR17E/9+0mQ+Xs88z9tkPK/fcecNYGJdiYiNiJiNiHciYq67PelOcbszZa97uvl4cWvz8WIS7fbbf0vy8mxbvkNh95jPdY9ZjIhvfi3iu8nBuM219fsLtVr1UXe93Ko/LDfX1q+v1BeWq8vVB5XKrflbN167+WplaHW9XP/Fk6+uvPmtX//qsx/9buMrP8jSutAt26nHkHWqPrMTJzMdEW+eRLAxmOrOZ8ecB8eTRsQnIuIL+fk/F1P5XycAcJa123PRntu7DgCcdWneB5akpYhI024joNTpw3sxzqe1RrN17V5j9cFSp6/shZhJ763UqjcuFf7wvfzFM0m2Pp+X5eX5emXf+s2IuBQRPyqcy9dLi43a0niaPAAw8Z7be/2PiH8W0rRU6mvXHnf1AIBTo3jsPX1ZAABOq+Nf/wGA02rf9f/cuPIAAEanj8//3Zv9GyeeCwAwGv9f///FE8sDABgd9/8BYPK4/gPARPnGW29lU3ur+/zrpXfXVu833r2+VG3eL9VXF0uLjUcPS8uNxnL+zJ76UcerNRoP51+J1ffKrWqzVW6urd+tN1YftO7mz/W+W50ZSa0AgP/l0uUPf59ExMbr5/Ip9ozl4FoNZ1s67gSAsZkaZGcNBDjVPMALJldfl/C8kfDbE88FGI+eD/Mu9lx81k86sw/6CeJ7RvCxcvXT/ff/G+MZzhb9/zC5jtf//8bQ8wBGT/8/TK52O9k/5v/sThEAcCYN8BW+9g+H1QgBxuqowbyPuv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAk+jC7exnkpbyscDT7GdaKkU8HxEvxExyb6VWvRERF+NyRMwUsvX5cScNAAwo/UvSHf/r6tzLF/aXzib/KuTziPj+T9/+8XsLrdaj+Wz733e2F7aHD6vs7jfAuIIAwJDl1+9Kd77ng/zTzceL29Mo83lyJ/7THYp4cWvzcT51SqYj2xhRzNsS5/+RxHR3n2JEvBQRU0OIv/F+RHyqV/2TuJD3gXRGPt0bP7qxnx9p/PSZ+Gle1plnja9PDiEXmDQf3omI273OvzSu5PPe538xf4ca3JM7nYNtv/dt7Yk/3Y001SN+ds5f6TfGK7/5+oGN7blO2fsRL033ip/sxE8Oif9yn/H/+JnPffDGIWXtn0Vcjd7x98Yqt+oPy8219esr9YXl6nL1QaVya/7Wjdduvlop533U5e2e6oP++vq1i4flltX//CHxiz3rP7uz7xf7rP/P//3Odz6/u1rYH//L21v2/f5f7Bm/I7smfqnP+Avnf3no8N1Z/KVD6n/U7/9an/E/+vP6Up8vBQBGoLm2fn+hVqs+Gmgh+xQ6jOMcWMhS7O/F283FwYL+KU6iFsdcmDmpf9VjLxT7zGd6p6043DS+nR2xR1Ha5x/JcRbSoddioIWno4o1vvckYDR2T/pxZwIAAAAAAAAAAAAAABxmFP91adx1BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oz6bwAAAP//yxbH0Q==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000001f80)=""/4097, 0x1001) 7.51349298s ago: executing program 1 (id=401): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair(0x28, 0xa, 0x0, &(0x7f0000000040)) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341) ioctl$USBDEVFS_FREE_STREAMS(r2, 0x8008551d, &(0x7f0000000100)=ANY=[@ANYBLOB="5fca00060700000082028103030f82"]) 7.155970513s ago: executing program 0 (id=402): socket$netlink(0x10, 0x3, 0x8000000004) socket(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x10000000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[], 0x0, 0x44}, 0x28) syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000300)='.\x02\x00', 0x2000800, &(0x7f0000000040)=ANY=[], 0x1, 0x2f4, &(0x7f0000000640)="$eJzs3c9qE10UAPCTP03T8n22a3ERcKObooI7N0EqiIFCJQt1Y6AK0oqQbqIg5BXciA/gykdy4UN0VXARSWbaSdOpxTrN2Pb3g2lP7pnOnJlO587i3unLG2+3t97tvh59/xLNZivq0YzYj1iNatQiURl/aR7EjZg2rB35GIsBAPzrNjd77ZNyw/mWQiHqx1r6/XZvIffZrPttTkUBAAAAAAAAAABQsOPj/2OYO/4/IqpHx/9PAmMEAeDi+d34fy6Hfr/dW06e32Zmaxr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJSnHqOV0Wh0+7/k4zjOlkaslF0fAFC8/en+/nD5OUrp/wHgEsrv/7Ol7PoAgOJN9f8Rp/T/tfLKBAAK9PTZ8yftTmd9s9VqRuwNB91BN/me5B897qzfaU2sRkQ1ad0bDLq1w/zdJN/KtjrOL8Rymr+Xm2/ErZtJfpx7uNGZyS/G1nxOAQAAAAAAAAAAAAAAAAAAAJRu7eClPsn8/lQ2v39tbePzjzeH8/+n8kmUvh+gGjPz+z9+rcf1+ml7XyzqMAAAAAAAAAAAAAAAAAAAAOBC233/Ybu3s/OqnwaV/mxLoUElIordci0iJkE9ban9xS4a6Vk5cZ2Ci58JmjEJKpFb2Jm3PD7p+alx5qw1f0qCiLP8+IMXEaeuXNleimOppZyLtqBgJf3tn9fFnx8sHex10nL//6L/QP40uJZeLSfdMRrnf1MCAAAAAAAAAAAAAAAAAIArKpv9W3YlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCe7P//n19Q9jECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAV8OvAAAA//9J3WyF") bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001900)=ANY=[@ANYBLOB="61105c00000000006113380000000000bfa00000000000000700000008ffffffd50301001874004095000600000000006916360000000000bf67000000000000360607000fff07201706000020190000160300000ee60060bf050000000000007b650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f17540faf80250aa20c669a5e12814cb1cea5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000400c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10fd7ed6735154beb4000000000000000000000000004000bc00f6746a9709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c1d926a0f6a5480a55c22fe3a5ac00000000000000000000000500002000000000fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e14d90deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b06ff7f0000000000007f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089e0b1c23c0f3cdad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631d22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0af1cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c29984864961a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000000000000000000000000000000000001386866b311bd144bc32e059658c9f8342c90c1ade31b78072841b8b5a943d62a44cea6b050c42e3c205fad6a23fb43c93da0f49d911877265e6ee443e37397ecf89021e7f579e8d3a74c12b52938d91e9de07fc8eeeb9505f4a9c26266bf5449484ccc1317c747664e9f7478f8200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x94) 5.997939727s ago: executing program 0 (id=405): syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x3, 0x20) bind$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x1c) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e24, 0xa, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x5}, 0x1c) connect$inet6(r3, &(0x7f0000000040)={0xa, 0x4e20, 0x9, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) 5.641121132s ago: executing program 3 (id=406): timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) setitimer(0x0, &(0x7f0000000000)={{0xffffffff}, {0x0, 0x82}}, 0x0) 5.512591837s ago: executing program 2 (id=407): syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x12, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)={0x14, 0x0, 0x800, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8004}, 0xa4) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000ff8000/0x1000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x1, 0x0, @pic={0x8, 0x7, 0x8, 0x3, 0x2, 0x1, 0xc5, 0x9, 0x28, 0x2, 0x4, 0x95, 0xb, 0x8, 0x7f, 0x7}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 4.946302022s ago: executing program 1 (id=409): syz_open_dev$tty1(0xc, 0x4, 0x1) syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3M1rI2UYAPAn/djtfrgW8eBtBxahhU1o+rHoreoufmCXsurBk6ZJGrKbZEqTprUnDx7Fg/+JKHjy6N/gwbM38aB4E5TMTHXrBwhNm+3294PJM++bN888b1gWnpmSAC6s+eTXn0txI65ExHREXI/IzkvFkVnPwwsRcTMiph47SsX8nxOXIuJqRNwYJc9zloq3Pr89vLX201u/fPPd5ZlrX3z9/eR2DUzaixHR3cnP97t5TFt5fFjM14btLHZXh0XM3+g+KsZpHvebW1mG/drRuloWV1r5+nRnrz+K251afRRb7e1sfqeXX7A/bB3lyT7wsLabjRvNrSy2+2kWW4d5XQeH+f9th/1BnqdR5PsoSx+DwVHM55sHzXw/O4+yWO8Nivk8b9poHozisIjF5aKedhpZHVsn+aafbG+3e3sHybC522+nvWStUn2pUr1Tru6mjeaguVqudRt3VpOFVme0rDxo1rrrrTRtdZqVetpdTBZa9Xq5Wk0W7ja32rVeUq1WVipL5bXF4ux28vr995JOI1kYxVfbvb1Bu9NPttPdJP/EYrJcWXl5MblVTd7Z2Ew2H9y7t7H57gd337//ysabrxWL/lFWsrC8tLxcri6Vl6uLF2j/nxRFj3H/cCKlSRcAcP7o/4FJOL3+f/dBxOn3/6H/H4tz1f9e9P7/FPYPJ6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sH6Y/fKN7GQ+H18r5p8ppp4rxqWImIqI3//FdFw6lnO6yDP7H+tn/1bDt6XIMoyucbk4rkbEenH89uxpfwsAAADw9Prq45uf5d16/jI/6YI4S/lNm6nrH44p31xEzM7/OKZsU6OX58eULPv3PRMHY8qW3cCaG1Oy/JbbzLiy/S/Tx8LcY6GUh6kzLQcAADgTxzuBs+1CAAAAOEufTroAJqMUR48yj54FZ395/9cDwSvHRgAAAMA5VJp0AQAAAMCpy/p/v/8HAAAAT7f89/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgD3bu5zZxIIoD8LPBC/tPi1Z731b2BmVsCXvcY0QBaYICciAtpAFqILeUEEGExyEQcYjksa1E3yc5k7HMjzcIDjMjDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KX7ar24vfp93TZnt28nz2gAAACAS7bVelH/M0v9r839782tn02/iIgyIi7N3Ufx6Sxz1ORUL8/fnD5fvarhLqJOOLzHpLm+RMSf5nr80fWnAAAAAB/XZrmap9l6+jMbuiD6lBZtym9/M+UVEVHNHjKllYe8X5nC6u/3OP5nSqsXsKaZwtKS2zhX2pvUP/fjqt30pClSU1582bHIbGMHAAB6NDpr+p2FAAAA0Kd/QxfAMIp43so8bgVOUtNs730+6wEAAADvUDF0AQAAAEDn6vl/T+f/7Z3/BwAAAMNI5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpW21XmyWq3nbnN2+nTyjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCf25x0FQiAMwmDv+s5k7n9YadDU1KQKhI+/MRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiflxQIgSCIgjnjfyd9/8NKgp5BhAhoeFRRiwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNi5n9c4qjgA4G9mdra2Kq5R9hARBQ96sdttbe1NPCjBg3+CENJtjd36o83BliLm4k1y7kX0KCIo8db/IecEcom3HPYQwbMyszPZyQ9w/TWzST4fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBp9PYkTrJDZxzHxbnNvYdLWb91qM88Xtuez1oWR3UmfTK8WP0QdZtLBAAAgLMjKev7EMJOur6Q9XEnr//T8pqs5v/26XFc1vOH6/6yL2v/rP3y8+7z+wN1xuNkN725PBxcOppK6/+b5Wx75i+vaOVPPn/3kuRfSPze6nOjNH+e0dcbG++08/BcHdkCAP/ExbIvgvL3oazvN5kYAGdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6jFbDk2UchRDmW5M4s7X3cOm4/vHa9nzZrj16tBa+nNwzu0UaQri5PBxcqnU2s+3e/Qe3F4fDwd36g5dCCE2N/lYx/dsfTHFxCI08H8F/FMTFlz0r+ZyMoMEfSgAAnEpp0bK6fiddX8jORXMh/PHdwfr/1Uocpqz/dz+8tlkdq1r/92ub4ezrrdz5tHfv/oPXl+8s3hrcGnz8xuX+m/0r169evd7L35X0vDEBAADg32kXrVr/x3NH1/8vVOIwZf3/2Tf9L6pjJer/Y00W/ZrOBAAA4Gx79uXff4uOOR+12+HzxZWVu/3xcf/z5fGxgVT/tnNFq9b/yVzTWQEAAAB1GK1GB9b/b1TiMOX6/1Pfv/Bj9Z5JCOF8sf5/cemT4Y36pjPT6vhz4qbnCAAAQLPOF626/p/m+//j/S0PcQjhtVfGcfFvAKeq/5N3v/qhOlZ1//+V+qY4k+Lu+HnkfTeEVrfpjAAAADjNnihaVuz/mq4vfPTThffb9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3PAAAA//9WwT6Z") bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2f, &(0x7f00000000c0)=0x7, 0x4) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x4040894, &(0x7f0000000000)={0x2, 0x4e24, @broadcast}, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x0) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000440)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x2, 0x17, 0x0, 0x2, 0x2, 0x0, 0x70bd31}, 0x10}, 0x19}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0x4, 0x8, 0xf}, 0x50) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x6, 0x8, 0x8, 0x40}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000500)={r2}, 0x4) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x19, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r3, r1}, 0xc) 4.798225392s ago: executing program 4 (id=410): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x400}, 0x50) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x15, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x20) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000300000001", @ANYBLOB], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={&(0x7f0000000180), &(0x7f0000000440)=""/179, &(0x7f0000000500), &(0x7f00000006c0), 0x3, r2}, 0x38) syz_emit_ethernet(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x80000000, 0x3, 0x3fc, 0x8, 0xfffffffd, 0x0, 0x4000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x0, 0x40, 0x0, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x1], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x7, 0xc0800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4771, 0x0, 0x0, 0x3], [0x0, 0x7f, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4], [0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffe, 0x8, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x10, 0x5, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ec5, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x20}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {0x4, 0x0, 0x6}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 4.576289108s ago: executing program 0 (id=411): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0x10, 0x80000000000802, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="5500000018007f5300fe01b2a4a280930a60000b00a84302911000ed3900090035000800060000000400150004000000000000dc1338d54400009b84136ef7", 0x3f}], 0x1}, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000300)={'filter\x00', 0x104, 0x4, 0x3f0, 0x1f8, 0x1f8, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @empty, @multicast1, @remote, 0x8, 0x4000000}}}, {{@arp={@dev={0xac, 0x14, 0x14, 0x19}, @multicast2, 0xffffffff, 0xff, 0xa, 0x2, {@empty, {[0x0, 0x0, 0x0, 0xff]}}, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, 0x2, 0x4, 0x2, 0x2, 0x5, 0x7, 'ip6tnl0\x00', 'pimreg\x00', {0xff}, {}, 0x0, 0x184}, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x5, 0x101, 0x1}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @remote, @rand_addr=0x64010102, 0x1, 0xffffffff}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) 4.426792156s ago: executing program 2 (id=412): r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$khugepaged_scan(r0, &(0x7f0000000040), 0x8) bpf$MAP_CREATE(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x1a6cc7, 0x298, 0xd8, 0x5802, 0x294, 0x0, 0x294, 0x1c8, 0x378, 0x378, 0x1c8, 0x378, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [0xffffff00, 0xff, 0xff000000, 0xff000000], [0xff, 0xff, 0xff000000, 0xff000000], 'veth0_to_hsr\x00', 'vlan0\x00', {0xff}, {0xff}, 0xff, 0x0, 0x0, 0x80}, 0x0, 0xa8, 0xd8, 0x52020000}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x4, 0x5, 0x2}, {0x0, 0x5, 0x5}, 0x40, 0x8000}}}, {{@ipv6={@loopback, @remote, [0x0, 0x0, 0xff], [0x0, 0xff000000, 0x0, 0xffffffff], 'ip6erspan0\x00', 'gre0\x00', {0xff}, {}, 0x16, 0x7e}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x3, 0x1, 0x0, 'netbios-ns\x00', {0x5}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8) 4.341105342s ago: executing program 3 (id=413): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x2000759, &(0x7f0000000640)={[{@dioread_nolock}, {@stripe={'stripe', 0x3d, 0x6}}, {@usrquota}, {@errors_remount}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}, 0x0}, {@stripe={'stripe', 0x3d, 0x9}}, {@nobh}, {@dax_inode}, {@mblk_io_submit}, {@dax_always}, {@usrjquota}, {@user_xattr}, {@journal_dev={'journal_dev', 0x3d, 0x724}}, {@usrquota}, {@jqfmt_vfsold}, {@journal_checksum}, {@journal_checksum}], [{@audit}, {@fowner_gt}, {@audit}], 0x2c}, 0x6, 0x50c, &(0x7f0000000a40)="$eJzs3E1vVFUfAPD/nU5p+wBP+/C88aaMorHRSGl5XbgAogkbExONwWVtC0EKGFoTaBopxkDiQsMn8GVn4idwpRujxoUvWwlbY0JMN6ALc82duVOnnU5bykwnpb9fMsO595475/zvvYe555y5DWDDKmVvScSWiPg5Inori/MzlCr/3JudHvl9dnokiTR9+beknO/u7PRINWt1v835Qn8hovBuErvqi+2auDJ1bnh8fOxSvmJgspCnzg+fGTszdmHo6NGDB3qOHB461JQ4szrd3fn2xd07Tr5288WRUzdf/+azrL5pvr02joq+8vumFZfQUbemFKX5x7LGkyuv+rqwtSadFLP3Qvsqw4plV212ujrL7b83OspLFb3xwjttrRzQUmmapl11a+e+y2bSWklS2SFNr6XAQyCJdtcAaI/qF/3d2aynOj1S3w9+uN05HuUeUBb3vfxV2VIs92BLfZW+UWeLyv9PRJya+ePD7BWLjkMAADTXF8cjbpyIYnbfUX1VthTifzX5/pnPDfVFxL8iYltE/Du/f/lvRDnv/yNie80+W1cwC1BasFx///NDT56ovV1tmuz+77l8bmv+/d9czfs68qWt5fg7k9Nnx8f258ekPzq7suXB+o+eG1b78vmfPmhUfqnm/i97ZeVX7wXzevxaXDBANzo8OfygcVfduVY+sFfr40+imFRTETsiYucqPj87Zmef/nR3o+3z4s/irIv//cYfXlxFhRZIP454qnL+Z2JB/JHP/yXl+cnzbw5MXJl69mzt/OTgkcNDhwa6Y3xs/0D1qqj37ffXX8qTdd2IJc5/tWm0dCItO///WPT6n5u57MtSc/O1E/dfxvVbNxr2aVZ7/W9KXimnq/Ozl4cnJy8NRmxKZurXD/297+Xhnnn5s/j79y7e/rdF/PlRvt+uiMgu4kci4tGI2JPX/bGIeDwi9i4R/9cnnnijURdy+fhbK4t/9L7Of6PEse8iFt/Uce6rz2vL/PF2RLxXqou/Mxqd/4PlVH++ZnR4snu5uJaq6diliaQYscqrGQAAANafPRGxJZLCvnygaUsUCvv2RWyeG0GZmHzm9MW3LoxWnhHoi85CdaSrt2Y8dDAfG86Ws72Gapaz7QfK48ZpmqY92XLWfx/f3t7QYcPb3KD9Z36pf6QFeNjc1zxaoyfagHVpYfu/teI9m/+DDGBtNeF3NMA6pf3DxrXi9t+qp+CAtlms/V+NuNeGqgBrbLH2/2rdmmNrUhdgben/w8a1+vbvxwCw3vn+hw1p+ef6V5fYdnKJPEmxNYU2ThRiyTzRl/85gCtT56r3NEt/4O1CRHNq2NHUSHvmndPConm6oxllRWHZPMXl/xBDSxPdDUsvNLWswoPt3hURy1y9cxfb1WpiqtXHsNwIPmnv/04AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7q8AAAD//92p0rs=") timer_create(0x3, 0x0, &(0x7f0000bbdffc)=0x0) timer_settime(r0, 0x0, 0x0, 0x0) quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000080)='./file0\x00') 3.664036494s ago: executing program 4 (id=414): bpf$MAP_CREATE(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) waitid(0x1, r0, 0x0, 0x2, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000004dc0)={0x2020}, 0x2020) r3 = socket$inet6(0xa, 0x80002, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r5, 0x0, 0x80) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r4, r6, 0x16, 0x0, @void}, 0x10) getsockopt$CAN_RAW_LOOPBACK(r6, 0x65, 0x3, &(0x7f0000000000), &(0x7f0000000080)=0x4) flock(0xffffffffffffffff, 0x2) setsockopt$sock_linger(r3, 0x1, 0x3c, &(0x7f0000000040)={0x200000000000001}, 0x8) 3.521249061s ago: executing program 0 (id=415): r0 = socket(0x840000000002, 0x3, 0x100) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xc, &(0x7f00000000c0)=0xe94, 0x4) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) ppoll(0x0, 0x0, 0x0, &(0x7f0000000100)={[0x6]}, 0x8) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11) recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) creat(0x0, 0x192) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) syz_mount_image$ext4(&(0x7f0000002540)='ext3\x00', &(0x7f00000005c0)='./file1\x00', 0x800000, &(0x7f0000000600), 0x1, 0x62d, &(0x7f0000002d00)="$eJzs3c9rHNcdAPDvjH5YstXKLsXUhlJBDzYU64drcNuT7Ut96MFQH0rpocKSjPDKFpYMtWuwfKuhh1J6LcGX/AO5B5NrbiGQ5JZzwAlBIYckeMPMztjr1a68Wmt/SPv5wGrfvJ2d974z+zRvdubtBDC0ZrI/acSpiPh7EjFd99pU1F6cKebb/vrhjeyRRLX656+SSIq8cv4XxfOx7E8SMRERH12J+NnIznI37j+4tVip1jyKmNtcW5/buP/g3Ora4s3lm8u3F87/7sLF+d8vXFjYlzjLuCaK55WPK+eSuBTXx/65FA1x7JeZmIkXRYj1+aMRcTFLNFkvB00ZQtLnetCZkeLzOBYRJ2M6RvKpmulY/XdfKwd0VXUkogoMqUT7hyFV9gPKY/tuHAcPsueXawdAO+MfrX03EhP5sdHR7aTuyKh2vHt8H8rPyvjh4en/Z4/8cKzJ+h/dh3Ja2XocEb9oFn+S1+148Y3J0e000rr3Zen5iBgv1kXaYfkzDdO9/vztJf767ZDFe6l4zvKvdFh+v+MHYDg9u1zsyLeyqVf7v6xnWPZ/okn/Z6rJvqsT/d7/te7/lfv7ifw78rShH5b1ea41X+RYY8bnT67+t1X59f2/7JGVX/QFe+L544jTDfH/K+/MJS+3f7Jz++/pzNUfP/nyaqvXOo9/f844VZ9GnDnSvP9XX9Lc5tp6mddwfnJuZbWyPF/727SM9z/827utyh+E7R9Nj/923f553nqbZbx37elaq9em3hh/+sV4cj1PjRc5/1jc3Ly7EDGe/KmYpS7//O51Kecpl5HFf/bXzdv/LvHnG3qrzfjX/3Jru5ba+Zlte/vv+K+Se1Ftsw6tZPEv7Xn711L/abOMb/9675cNWZNlYrf4J3cuKml3nQMAAAAAAMAwSvNzsEk6+zKdprOztTG8P4+jaeXOxuZvVu7cu70UcTa/HnIsLc90T9emk2x6obgetpw+3zD924g4ERH/G5nMp2dv3Kks9Tt4AAAAAAAAAAAAAAAAAAAAGBDHivH/5X2qvxmpjf9vy+bJLtcO6Lpu3mAOGGzaPwyvvP13egdX4EB7tf9/dKKvFQF6Tv8fhpf2D8Nrb+1/T/f+Bgac/T8Mr7ba/3j36wH0nv0/DC/tHwAAAAAOpRO/evZZEhFbf5jMH1F3pm+srzUDuq29Nl4/NnCma3UBeqvDi3ldAwyHwMtT/4b/w9Bpq///XfHjgN2vDtAHSbPMvHNQ3b3xP2v6znY9eZs3AwAAAAAAAAAAAMCwOXPK+H8YVml80O8qAH3yFgP5/QYAHHB++h+Gl2N84E2j+CdavdAw/t/PCAEAAAAAAAAAAABA90zljySdLa7dnYo0nZ2N+ElEHI+xZGW1sjwfET+NiE9Hxo5k0wv9rjQAAAAAAAAAAAAAAAAAAAAcMhv3H9xarFSW79Ynvt+Rc7gT5V1QB6U+9YlIel/oZETs0wKnYwDW4euJ0bqcJGIr2/Kvz1Pe2brnNYxBWD9307waffynBAAAAAAAAAAAAAAAAAAAQ6pu7HFzp9/pcY0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoPde3f+/80TyhuX0O0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GD6MQAA//96WTIp") 2.389450365s ago: executing program 2 (id=416): sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000) r0 = syz_open_dev$loop(&(0x7f0000000100), 0x5, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_misc(r2, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}}) 2.350746344s ago: executing program 4 (id=417): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', 0x0}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60) ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000180)={0x1}) ioctl$KVM_SET_PIT2(r6, 0x4070aea0, &(0x7f0000002400)={[{0x7, 0xce, 0xfa, 0x5, 0x8, 0x96, 0x9, 0x6, 0x75, 0x0, 0x2, 0x6, 0xffffffff}, {0x15, 0x1, 0x6, 0x2, 0x1, 0x80, 0x2, 0x6, 0xb, 0x2, 0x4, 0x9, 0x1}, {0x2, 0x1c1, 0x8, 0x52, 0x1, 0x2a, 0xff, 0xa6, 0xb, 0x40, 0xf4, 0x4, 0x200}], 0x9}) sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0xfffffffd, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0xe}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/meminfo\x00', 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0xd, 0xf, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xff000000}, {{0x18, 0x1, 0x1, 0x0, r7}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4}}, {{0x6, 0x0, 0xb}, {0x65}}, [], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bind$inet6(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000004100), 0x0, 0x2, 0x0) userfaultfd(0x801) socket$inet6_tcp(0xa, 0x1, 0x0) 2.350066734s ago: executing program 3 (id=418): unshare(0x22020600) r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x129942, 0x18) fcntl$setlease(r0, 0x400, 0x1) 2.212547226s ago: executing program 1 (id=419): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair(0x28, 0xa, 0x0, &(0x7f0000000040)) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341) ioctl$USBDEVFS_FREE_STREAMS(r2, 0x8008551d, &(0x7f0000000100)=ANY=[@ANYBLOB="5fca00060700000082028103030f82"]) 1.621238675s ago: executing program 3 (id=420): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f0000000240)="35569d", 0x3, 0x805, 0x0, 0x0) 1.5696554s ago: executing program 3 (id=421): syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6(0xa, 0x3, 0x20) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x1c) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e24, 0xa, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x5}, 0x1c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e20, 0x9, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) 1.325141582s ago: executing program 2 (id=422): syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x12, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)={0x14, 0x0, 0x800, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8004}, 0xa4) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000ff8000/0x1000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x1, 0x0, @pic={0x8, 0x7, 0x8, 0x3, 0x2, 0x1, 0xc5, 0x9, 0x28, 0x2, 0x4, 0x95, 0xb, 0x8, 0x7f, 0x7}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.260024014s ago: executing program 4 (id=423): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000f80)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x100, @remote, 0x9}, 0x1c, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000000000000001000740000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa5732221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695e85000000a53600d5031b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a5efe6c7115774effe28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c2511eb0f9600a0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6d997eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e641036a8afa2ccdb47d7990d5a007faccb2f86664179f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d841c351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000000c0)="0a649329b2a344470f9bc0faa8d0cf04aa19bcc4cb4b0f6cccc826140704427ced8e3a0b950b7f", 0x27}], 0x1}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)="a70b", 0x2}, {&(0x7f0000000340)="5d08d193", 0x4}], 0x2, &(0x7f0000004500)=ANY=[], 0x1188}}], 0x3, 0x8008800) sendto$inet6(r0, &(0x7f00000001c0)='W', 0x1, 0x4005, 0x0, 0x0) 1.107812462s ago: executing program 4 (id=424): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) io_setup(0x197, &(0x7f0000000440)=0x0) r1 = openat$sysfs(0xffffff9c, &(0x7f0000000300)='/sys/power/resume', 0x8402, 0x37) io_submit(r0, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0xfffffc98}]) 956.351519ms ago: executing program 0 (id=425): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0x10, 0x80000000000802, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="5500000018007f5300fe01b2a4a280930a60000b00a84302911000ed3900090035000800060000000400150004000000000000dc1338d54400009b84136ef7", 0x3f}], 0x1}, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000300)={'filter\x00', 0x104, 0x4, 0x3f0, 0x1f8, 0x1f8, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @empty, @multicast1, @remote, 0x8, 0x4000000}}}, {{@arp={@dev={0xac, 0x14, 0x14, 0x19}, @multicast2, 0xffffffff, 0xff, 0xa, 0x2, {@empty, {[0x0, 0x0, 0x0, 0xff]}}, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, 0x2, 0x4, 0x2, 0x2, 0x5, 0x7, 'ip6tnl0\x00', 'pimreg\x00', {0xff}, {}, 0x0, 0x184}, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x5, 0x101, 0x1}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @remote, @rand_addr=0x64010102, 0x1, 0xffffffff}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) 919.495732ms ago: executing program 4 (id=426): r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$khugepaged_scan(r0, &(0x7f0000000040), 0x8) bpf$MAP_CREATE(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x1a6cc7, 0x298, 0xd8, 0x5802, 0x294, 0x0, 0x294, 0x1c8, 0x378, 0x378, 0x1c8, 0x378, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [0xffffff00, 0xff, 0xff000000, 0xff000000], [0xff, 0xff, 0xff000000, 0xff000000], 'veth0_to_hsr\x00', 'vlan0\x00', {0xff}, {0xff}, 0xff, 0x0, 0x0, 0x80}, 0x0, 0xa8, 0xd8, 0x52020000}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x4, 0x5, 0x2}, {0x0, 0x5, 0x5}, 0x40, 0x8000}}}, {{@ipv6={@loopback, @remote, [0x0, 0x0, 0xff], [0x0, 0xff000000, 0x0, 0xffffffff], 'ip6erspan0\x00', 'gre0\x00', {0xff}, {}, 0x16, 0x7e}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x3, 0x1, 0x0, 'netbios-ns\x00', {0x5}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8) 904.047347ms ago: executing program 2 (id=427): ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, 0x0, 0x0) getrlimit(0x6, &(0x7f00000000c0)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x6, @mcast1}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x6d91fb6102d8910c, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x88fd537e5e114b6f, 0x12, r3, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x18addbae, 0x1000000000000fff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x7, 0x8, 0x3, 0xfffffffffffffffe, 0x45, 0x4, 0xbdb], 0xffff1000, 0x1c4213}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 354.885193ms ago: executing program 2 (id=428): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000080)='./file2\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x1db, &(0x7f0000000380)="$eJzslb+qE0EUxr+ZjbuJiA9gY2HAa+Fmd6Nic+Ha2GghRI0WgsFsQnRjJNnCBER8AjsLOwsfQ4itDyFR8A+INmo9Mn92M4ZESMyawvODnHyzM3vmzBn4FgRB/Le8f/dzJn7sfyoDOIIqPPP8swPgQGturX9b/vbo9eWLzae3Xr7xZn7l92ze2vuXAEwvOEjNWAgh7Pmq+b8Kjio+Kn0NHKfM8yYYfKNvg+O60TEYbhp919IDud73O70k9u8MkrYUgQyhDJEM9cX6vj5haFv1MWt+NJ7cayVJPCxQLO/c9EteXxnYt+qz78uHrjZQ/dOE4AiNroOhYfR5eFlvdEus8x8rzfM7fzy/i7889gcA8yedIjvryq02eh1g/+TuCxYOlMhudOf1bF2gtLWEwgM2fr1x49ml4k76yjh1XupjPV4vz8GKKXfNPKbzuX+KFwwnLX/SVvJcfSxqaf9BbTSenO71W924G9+Povq54EwQnI1qyoh0XG6BKn9F+dPho3n+yqq1LnPxsJWmw1DHfBzpuMxxufI/jr0TOCTH0k3dhbzfAWSbMvPj6l+qPWdl8QRBEDvkOJjyZOXLmTBfk3xCiOjKjuskCIIgCIIgCIIgCGJzfgUAAP//K0NgKg==") r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0a0000000b00000002000000060000004200", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)='%-010d \x00'}, 0x20) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000000), 0xfd, 0x4cb, &(0x7f0000000480)="$eJzs3M1vG0UbAPBnbSdt+vEmbykfLYUGCqJQkTRpgR44UAQSB5CQuJRjSNJSmjYoCYhWFQQO5YgqcUcckfgLOMEFASekXssdVapQLy0gJKO1dx0nsV0ndWJa/36S7ZndiWee7Iy9s2M7gJ41nN4lETsi4mpEDFazywsMVx9u3bg4+eeNi5NJlMtv/ZFUyt28cXEyL5r/3fY8s7h8e7358xfOTMzMTM9l+dGFs++Pzp+/8OzpsxOnpk9Nnxs/duzokbEXnh9/rnnj+1bkG1VU16abez+e3bfntbcvvzF54vI7P3+b5PEvi+PD5k+yNsMNthXzxJOdquU/YmflfqByn5TyrYXuNYi2pB2ylA2lqzEYxagdvBiMVz/rauOADVUul8tbGu5Jtw5lJTJJ9li/DbiLJW2P5j7jHu4p2Zt9ErE4mc6B6+fzveD68eoEKI37Vnar7inVZq99tflt56WzrROLf32V3mLpOkT/BlUHABDfH68+5ud+S+d/hVJ9uZeytaGhiPh/ROyKiPsiYndE3B8RD0TEgxHxUN3ftFiOqVm5SLL6/LNwbV2Bten6oYgXs7Wt5ed/tbWLoWKW21mJvy85eXpm+nBE/C8iDkbfljQ/1qKOH1658kWWXHVeN1x3/pfe0vrzc8GsHddKKy7QTU0sTNxp3Lnrn0bsLTWKP6mtBKTHcU9E7N2/vjpOP/PNvmb7bh9/C6X1tade+euIp6rHfzFWxJ9LWq9Pjm6NmenDo3mvWO2XXy+92az+O4q/A9Ljv61h/6/FP5TUr9fOr72OS7993nRO2Wb/XzZu0v7fnywfSh9NLCzMjUX0J69X8v2VV6x0e6wuN75UPo3/4IHG439XLP0nHo6ItBM/EhGPRsT+rO2PRcTjEXGgRfw/vfzEe+uOv/HF+Y5J45+6/fF/9+na8W+ayNe2V+0qnvnxu8qe/JANtYg/iQbH/2gldTDb0s7rX8uWzt1JbwYAAIC7TyEidkRSGKmlC4WRkern5XfHtsLM7PzCoZOzH5ybqn5HYCj6CvmVrsHa9dBYHMum9fn10fEV+SPZdeMviwOV/Mjk7MxUt4OHHre9yfhP/V7sduuADdeBdTTgLrXe8V8ulz/pcFOATeb9H3pXi/G/oR++BLqvwfgfWJHf4I8hAt1SapCpm9j/s/Q9YeBe0+z8/8omtwPYfK7/Qe8y/qF3Gf/Qk7JvwpeirW/Lb1Aiff1pWqYYEd1qWJNEubx19a8cbEaiv4NPuGPlryQMru15orDGSpP6PrZ1Db/RsCoR7RcudrVjZ4m/sx/b3IS60qE0N9B8NLWf6PYrEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGf8GwAA//+9UNjR") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000fdffffde18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r5}, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0xd, 0xfffff028}, {0x6, 0x0, 0x2, 0xffffffff}]}, 0x10) syz_clone3(&(0x7f0000000080)={0x2200, &(0x7f0000000040)=0xffffffffffffffff, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58) pidfd_getfd(r6, r6, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_X86_SET_MSR_FILTER(r8, 0x4188aec6, &(0x7f0000000380)={0x1, [{0x2, 0x0, 0x76, 0x0}, {0x1, 0x8, 0x4, &(0x7f00000001c0)="b5"}, {0x0, 0x0, 0x7f, 0x0}, {0x1, 0x0, 0x208, 0x0}, {0x2, 0x0, 0xffff6f56, 0x0}, {0x3, 0x0, 0x7, 0x0}, {0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x10000009, 0x0}, {0x2, 0x0, 0x3, 0x0}, {0x2, 0x0, 0x2ff, 0x0}, {0x1, 0x0, 0x4ed, 0x0}, {0x0, 0x0, 0x10, 0x0}, {0x0, 0x0, 0x9, 0x0}, {0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xb, 0x0}, {0x2, 0x0, 0x0, 0x0}]}) syz_kvm_setup_syzos_vm$x86(r8, &(0x7f0000b6b000/0x400000)=nil) 0s ago: executing program 0 (id=429): syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1511, &(0x7f00000031c0)="$eJzs3Au4TtXWOPAx5pxLm8Sb5D7HHIs3uUySJJeERJIkSZJbQpIkSUhscktCEnJPcg/JLST3+y33JDmSJAkJSeb/0anPOadzTuf8zzmf7zl7/J5nPXuOvd4x3rH22Hu/a6397Pfr9gMr161SsTYzw78E//ghFQBSAKAPAGQGgAgASmQpkQVwCKTXmPqvPYn493pgyuXuQFxOMv+0Teaftsn80zaZf9om80/bZP5pm8w/bZP5C5GWbZma82rZ0u72z9z/z/D3dv7u/X+Q+///58jr/3+RQ0VGfb6uyLUd/okUmX/aJvNP22T+aZvMP22T+adtMv//chFAhb+zW+aftsn8hUjLLvf9Z9ku73a5v/+EEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQqQNZ8MlBgB+XV/uvoQQQgghhBBCCPHvE6740yjd5WtECCGEEEIIIYQQ/0EICjQYiCAdXAEpkB4ywJWQEa6CTJAZEnA1ZIFrICtcC9kgO+SAnJALckMesEDggCGGvJAPknAd5IfroQAUhEJQGDwUgaJwAxSDG6E43AQl4GYoCbdAKSgNZaAs3Arl4DYoDxWgItwOleAOqAxV4E6oCndBNbgbqsM9UAPuhZpwH9SC+6E2PAB14EGoCw9BPXgY6kMDaAiNoPH/V/7z0BlegC7QFVKhG3SHF6EH9IRe0Bv6wEvQF16GfvAK9IcBMBBehUHwGgyG12EIDIVh8AYMhxEwEkbBaBgDY+FNGAdvwXh4GybARJgEk2EKTIVp8A5MhxkwE96FWfAezIY5MBfmwXx4HxbAQlgEH8Bi+BCWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAR7AVtsF22AE7YRfsho9hD3wCe+FT2Aef/WV+5r+ff+Yv8jsgIKBChQYNpsN0mIIpmAEzYEbMiJkwEyYwgVkwC2bFrJgNs2EOzIG5MBfmwTxISMjImBfzYhKTmB/zYwEsgIWwEHr0WBSLYjG8EYtjcSyBJbAklsRSWBpLY1ksi+WwHJbH8lgRK2IlrISVsTLeiXfiXVgNq2F1rI41sAbWxJpYC2thbayNdbAO1sW6WA/rYX2sjw2xITbGxtgEm2BTbIrNsTm2wBbYEltiK2yFrbE1tkHEttgW22E7bI/tsQN2xI74PD6PL+AL2BUrqW7YHbtjD+yBvbA39saXsC++jC/jK9gfB+BAfBVfxddwMJ7GITgUh+EwLKdG4EgchazG4Fgci+NwHI7H8TgBJ+JEnIxTcCpOw2k4HWfgDHwXZ+F7+B7OwTk4D+fjfFyAC3ERLsLFeAaX4FJchstxBa7EFbga1+BqXIfrcR1uxI24GTfjR/gRbsNtuAN34C7chR/jx/gJfoL9cR/uw/24Hw/gATyIB/EQHsLDeBiP4BE8ikfxGB7D43gCT+IJPIWn8DSewbN4Fs/hOTyPz+b6ss6ugmv7g7rIKKPSqXQqRaWoDCqDyqgyqkwqk0qohMqisqisKqvKprKpHCqHyqVyqTwqjyJFilWs8qq8KqmSKr/KrwqoAqqQKqS88qqoKqqKqWKquCquSqibVUl1iyqlSqtmvqwqq8qp5r68qqAqqoqqkrpDVVZVVBVVVVVV1VQ1VV1VVzVUDVVT3adqqW7YCx9QFydTVw3Aemog1lcNVEPVSL2Gj6gmajA2Vc1Uc/WYGopDsKVq4lupJ1VrNRLbqKfVKHxGtVNjsL16TnVQHVUn9bzqrJr6Lr/e7lSTsYfqqXqp3mo63qEuTqyyekX1VwPUQPWqmoevqcHqdTVEDVXD1BtquBqhRqpRarQao8aqN9U49ZYar95WE9RENUlNVlPUVDVNvaOmqxlqpnpXzVLvqdlqjpqr5qn56n21QC1Ui9QHarH6UC1RS9UytVytUCvVKrVarVFr1Tq1Xm1QG9UmtVltUR+prWqb2q52qJ1ql9qtPlZ71Cdqr/pU7VOfqf3qD+qA+lwdVF+oQ+pLdVh9pY6or9VR9Y06pr5Vx9UJdVJ9p06p7xOn1Rl1Vv2gzqkf1Xn1k7qgggKNWmmtjY50On2FTtHpdQZ9pQZ9lc6kM+uEvlpn0dforPpanU1n1zl0Tp1L59Z5tNWknWYd67w6n07q63R+fb0uoAvqQrqw9rqILqpv0MX0jbq4vkmX0DfrkvoWXUqX1mV0WX2rLqdv0+V1BV1R364r6Tt0ZV1F36mr6rt0NX23rq7v0TX0vbqmvk/X0vfr2voBXUc/qOvqh3Q9/bCurxvohrqRbqwf0U30o7qpbqab68d0C/24bqmf0K30k7q1fkq30U/rtvoZ3U4/q9vr53QH3VF30j/pCzroLrqrTtXddHf9ou6he+peurfuo1/SffXLup9+RffXA/RA/aoepF/Tg/XreogeqofpN/RwPUKP1KP0aD1Gj9Vv6nH6LT1ev60n6Il6kp6sp+iputcvlWb+A/lv/ZX8fj8/+2a9RX+kt+pterveoXfqXXq33q336D16r96r9+l9er/erw/oA/qgPqgP6UP6sD6sj+gj+qg+qo/pY/q4PqF/0N/pU/p7fVqf0Wf0D/qcPqfP//I1AINGGW2MiUw6c4VJMelNBnOlyWiuMplMZpMwV5ss5hqT1VxrspnsJofJaXKZ3CaPsYaMM2xik9fkM0lznclvrjcFTEFTyBQ23hQxRc0N/3L+7/XX2DQ2TUwT09Q0Nc1Nc9PCtDAtTUvTyrQyrU1r08a0MW1NW9POtDPtTXvTwXQwnUwn09l0Nl1MF5NqUk1386LpYXqaXqa36WNeMn1NX9PP9DP9TX8z0Aw0g8wgM9gMNkPMEDPMDDPDzXAz0ow0o81oM9aMNePMODPejDcTzAQzyUwyU8wUM81MM9PNdDPTzDSzzCwz28w2c81cM9/MNwvMArPILDKLzWKzxCw1S81ys9ysNCvNarParDVrzXqz3mw0G80Ss8VsMVvNVrPdbDc7zU6z2+w2e8wes9fsNfvMPrPf7DcHzAFz0Bw0h8whc9gcNkfMEXPUHDXHzDFz3Bw3J81Jc8qcMqfNaXPWnDXnzDlz3pw3F8yFi6d9kYpUZCITpYvSRSlRSpQhyhBljDJGmaJMUSJKRFmiLFHW6NooW5Q9yhHljHJFuaNUsBFFLuIojvJG+aJkdF2UP7o+KhAVjApFhSMfFYmKRjdExaIbo+LRTVGJ6OaoZHRLVCoqHZWJyka3RuWi26LyUYWoYnR7VCm6I6ocVYnujKpGd0XVoruj6tE9UY3o3qhmdF9UK7o/qh09ENWJHozqRg9F9aKHo/pRg6hh1Chq/G+tH8Lp7I/6LrarTbXdbHf7ou1he9petrftY1+yfe3Ltp99xfa3A+xA+6odZF+zg+3rdogdaofZN+xwO8KOtKPsaDvGjrVv2nH2LTvevm0n2Il2kp1sp9ipdpp9x063M+xM+66dZd+zs+0cO9fOs/Pt+3aBXWgX2Q/sYvuhXWKX2mV2uV1hV9pVdrVdY9fadXa93WA32k12s91iP7Jb7Ta73e6wO+0uu9t+bPfYT+xe+6ndZz+z++0f7AH7uT1ov7CH7Jf2sP3KHrFf26P2G3vMfmuP2xP2pP3OnrLf29P2jD1rf7Dn7I/2vP3JXrDh4sn9xZd3MmQoHaWjFEqhDJSBMlJGykSZKEEJykJZKCtlpWyUjXJQDspFuSgP5aGLmJjyUl5KUpLyU34qQAWoEBUiT56KUlEqRsWoOBWnElSCSlJJKkWlqAyVoVvpVrqNbqMKVIFup9vpDrqDqlAVqkpVqRpVo+pUnWpQDapJNakW1aLaVJvqUB2qS3WpHtWj+lSfGlJDakyNqQk1oabUlJpTc2pBLagltaRW1IpaU2tqQ22oLbWldtSO2lN76kAdqBN1os7UmbpQF0qlVOpO3akH9aBe1Iv6UB/qS32pH/Wj/tSfBtJAGkSDaDANpiE0lIbRGzScRtBIGkWjaQyNpbE0jsbReBpPE2gCTaJJNIWm0DSaRtNpOs2kmTSLZtFsmk1zaS7Np/m0gBbQIlpEi2kxLaEltIyW0QpaQatoFa2hNbSO1tEG2kCbaBNtoS20lbbSdtpOO2kn7abdtIf20F7aS/toH+2n/XSADtBBOkiH6BAdpsN0hI7QUTpKx+gYHafjdJJO0ik6RafpNJ2ls3SOfqTz9BNdoEApTkEGd6XL6K5ymVxml+LSu4txBAAX4xwup8vlcrs8zrpsLvufxeScK+AKukKusPOuiCvqbvhNXMqVdmVcWXerK+duc+V/E1d1d7lq7m5X3d3jqrg7/yyu4e51Nd1DrpZ72NV2DVwd18jVjR5y9dzDrr5r4Bq6Rq6Fe9y1dE+4Vu5J19o99Zt4gVvo1ri1bp1b7/a4T9xZ94M74r5259yProvr6vq4l1xf97Lr515x/d2A38TD3BtuuBvhRrpRbrQb85t4kpvspripbpp7x013M34Tz3fvu1lukZvt5ri5bt7P8cWeFrkP3GL3oVvilrplbrlb4Va6VW71//S63G10m9xmt9t97La6bW672+F2ul0/xxePY6/71O1zn7nD7it3wH3uDrqj7pD78uf44vEddd+4Y+5bd9ydcCfdd+6U+96ddmd+Pv6Lx/6d+8ldcMEBIyvWbDjidHwFp3B6zsBXcka+ijNxZk7w1ZyFr+GsfC1n4+ycg3NyLs7NedgysWPmmPNyPk7ydZyfr+cCXJALcWH2XISL8g1cjG/k4nwTl+CbuSTfwqW4NJfhsnwrl+PbuDxX4Ip8O1cKgStzFb6Tq/JdXI3v5up8D9fge7km38e1+H6uzQ9wHX6Q6/JDXI8f5vrcgBtyI27Mj3ATfpSbcjNuzo9xC36cW/IT3Iqf5Nb8FLfhp7ktP8Pt+Fluz89xB+7Infh57swvcBfuyqncjbvzi9yDe3Iv7s19+CXuyy9zP36F+/MAHsiv8iB+jQfz6zyEh/IwfoOH8wgeyaN4NI/hsfwmj+O3eDy/zRN4Ik/iyTyFp/I0foen8wyeye/yLH6PZ/McnsvzeD6/zwt4IS/iD3gxf8hLeCkv4+W8glfyKl7Na3gtr+P1vIE38ibezFv4I97K23g77+CdvIt388e8hz/hvfwp7+PPeD//gQ/w53yQv+BD/CUf5q/4CH/NR/kbPsbf8nE+wSf5Oz7F3/NpPsNn+Qc+xz/yef6JL3BgiDFWsY5NHMXp4ivilDh9nCG+Ms4YXxVnijPHifjqOEt8TZw1vjbOFmePc8Q541xx7jhPbGOKXcxxHOeN88XJ+Lo4f3x9XCAuGBeKC8c+LhIXjW+Ii8U3xsXjm+IS8c1xyfiWGFJLxw/dUza+NS4X3xaXjyvEFePb40rxHXHluEp8Z1w1viuuFt8dV4/viYvH98Y14/viWvH9ce34gbhO/GBcN34orhc/HNePG8QN40Zx4/iRuEn8aNw0bhY3jx+LW8SPxy3jJ+JW8ZNx6/ip392fGneLu8cvxi/GIdytfrlOTC5ILkwuSn6QXJz8MLkkuTS5LLk8uSK5MrkquTq5Jrk2uS65PrkhuTG5Kbk5GUKVK8CjV1574yOfzl/hU3x6n8Ff6TP6q3wmn9kn/NU+i7/GZ/XX+mw+u8/hc/pcPrfP460n7zz72Of1+XzSX+fz++t9AV/QF/KFvfdFfFHfyDf2jX0T/6hv6pv55v4x/5h/3D/un/BP+Cd9a/+Ub+Of9m39M76df9Y/65/zHXxH38k/7zv7F3wX39Wn+lTf3Xf3PXwP38v38n18H9/X9/X9fD/f3/f3A/1AP8gP8oP9YD/ED/HD/DA/3A/3I/1IP9qP9mP9WD/Oj/Pj/Xg/wU/wk/wkP8VP8dP8ND/dT/cz/Uw/q8AsP9vP9nP9XD/fz/cL/AK/yC/yi/1iv8Qv8cv8Mr/Cr/Cr/Cq/xq/x6/w6v8Fv8Jv8Jr/Fb/Fb/Va/3W/3O/1Ov9vv9nv8Hr/X7/X7/D6/3+/3B/wBf9B/4Q/5L/1h/5U/4r/2R/03/pj/1h/3J/xJ/50/5b/3p/0Zf9b/4M/5H/15/5O/4IMfm3gzMS7xVmJ84u3EhMTExKTE5MSUxNTEtMQ7iemJGYmZiXcTsxLvJWYn5iTmJuYl5ifeTyxILEwsSnyQWJz4MLEksTSxLLE8sSKxMhFC7q1xyBvyhWS4LuQP14cCoWAoFAoHH4qEouGGUCzcGIqHm0KJcHMoGW4JpULpUCY8HOqHBqFhaBQah0dCk/BoaBqahebhsdAiPB5ahidCq/BkaB2eCm3C06FteCa0C8+G9uG50CF0DJ3C86FzeCF0CV1DaugWuocXQ4/QM/QKvUOf8FLoG14O/cIroX8YEAaGV8Og8FoYHF4PQ8LQMCy8EYaHEWFkGBVGhzFhbHgzjAtvhfHh7TAhTAyTwuQwJUwN08I7YXqYEWaGd8Os8F6YHeaEuWFemB/eDwvCwrAofBAWhw/DkrA0LAvLw4qwMqwKq8OasDasC+vDhrAxbAqbw5bwUdgatoXtYUfYGXaF3eHjsCd8EvaGT8O+8FnYH/4QDoTPw8HwRTgUvgyHw1fhSPg6HA3fhGPh23A8nAgnw3fhVPg+nA5nwtnwQzgXfgznw0/hgvzPmhBCCCHEP0T/zv5uf+Vz6QDg10ui7gBw1bach/6y5oZsf1z3VLlaJADgya7tH/h1q1QpNTX1l8cu0RDlmwMAiT+v/2u8FJrD49AKmkGxv9pfT9XxHP9O/eTNABn+JCcFLsWX6t/4N+o/8tiwBSXjs1n+Tv05AAXyXcpJD5fiS/WL/4362Zv8Tv/pPx8L0PRPcjLCpfhS/aLwKDwFrf7skUIIIYQQQgghxB/1VGXa/u3rT/0/1+e5zKWcK+BS/HvX50IIIYQQQgghhLj8nunY6YlHWrVq1vYfW+Avf5f+57JkIYv/nkX6X350/q/08x9aXM7fSkIIIYQQQoj/hEsn/Ze7EyGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQIu3633g7sct9jEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIcTl9v8CAAD//5aUMno=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendfile(r0, r0, 0x0, 0xe3aa6ea) kernel console output (not intermixed with test programs): x700 [ 101.245558][ T6237] __submit_merged_write_cond+0x3c9/0x4e0 [ 101.245599][ T6237] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 101.245654][ T6237] f2fs_write_data_pages+0x2975/0x35e0 [ 101.245713][ T6237] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 101.245748][ T6237] ? unwind_get_return_address+0x4d/0x90 [ 101.245779][ T6237] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 101.245827][ T6237] ? check_noncircular+0xda/0x150 [ 101.245864][ T6237] ? lockdep_unlock+0x5d/0xd0 [ 101.245886][ T6237] ? __lock_acquire+0x146e/0x2cf0 [ 101.245935][ T6237] ? do_raw_spin_lock+0x12b/0x2f0 [ 101.245971][ T6237] ? do_raw_spin_unlock+0xf5/0x210 [ 101.245993][ T6237] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 101.246016][ T6237] do_writepages+0x32e/0x550 [ 101.246056][ T6237] ? do_raw_spin_unlock+0xf5/0x210 [ 101.246082][ T6237] filemap_fdatawrite+0x1e9/0x2f0 [ 101.246115][ T6237] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 101.246190][ T6237] ? do_raw_spin_unlock+0xf5/0x210 [ 101.246216][ T6237] f2fs_sync_dirty_inodes+0x30e/0x860 [ 101.246252][ T6237] f2fs_write_checkpoint+0x9df/0x26a0 [ 101.246310][ T6237] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 101.246332][ T6237] ? do_file_open+0x23e/0x4a0 [ 101.246391][ T6237] ? down_write+0x16d/0x200 [ 101.246415][ T6237] ? __pfx_down_write+0x10/0x10 [ 101.246436][ T6237] ? uplift_priority+0xdb/0x730 [ 101.246465][ T6237] f2fs_issue_checkpoint+0x456/0x790 [ 101.246500][ T6237] ? __pfx_f2fs_issue_checkpoint+0x10/0x10 [ 101.246548][ T6237] ? is_bpf_text_address+0x26/0x2b0 [ 101.246593][ T6237] ? f2fs_sync_fs+0x1f0/0x400 [ 101.246619][ T6237] ? mnt_get_write_access+0x213/0x280 [ 101.246646][ T6237] f2fs_do_shutdown+0x111/0x5c0 [ 101.246674][ T6237] __f2fs_ioctl+0x45c7/0xbd20 [ 101.246697][ T6237] ? __pfx_stack_trace_save+0x10/0x10 [ 101.246716][ T6237] ? kasan_save_free_info+0x46/0x50 [ 101.246748][ T6237] ? stack_depot_save_flags+0x33/0x810 [ 101.246772][ T6237] ? __pfx_format_decode+0x10/0x10 [ 101.246801][ T6237] ? kasan_save_track+0x4f/0x80 [ 101.246819][ T6237] ? kasan_save_track+0x3e/0x80 [ 101.246837][ T6237] ? kasan_save_free_info+0x46/0x50 [ 101.246863][ T6237] ? __kasan_slab_free+0x5c/0x80 [ 101.246883][ T6237] ? kfree+0x1c1/0x630 [ 101.246898][ T6237] ? tomoyo_path_number_perm+0x501/0x630 [ 101.246916][ T6237] ? security_file_ioctl+0xc3/0x2a0 [ 101.246944][ T6237] ? __se_sys_ioctl+0x47/0x170 [ 101.246965][ T6237] ? do_syscall_64+0x14d/0xf80 [ 101.246984][ T6237] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.247025][ T6237] ? __pfx___f2fs_ioctl+0x10/0x10 [ 101.247067][ T6237] ? kasan_quarantine_put+0xbb/0x1f0 [ 101.247092][ T6237] ? tomoyo_path_number_perm+0x219/0x630 [ 101.247117][ T6237] ? tomoyo_path_number_perm+0x219/0x630 [ 101.247140][ T6237] ? do_vfs_ioctl+0x1166/0x1530 [ 101.247166][ T6237] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 101.247204][ T6237] ? do_futex+0x333/0x420 [ 101.247251][ T6237] ? __fget_files+0x2a/0x420 [ 101.247283][ T6237] ? __fget_files+0x2a/0x420 [ 101.247311][ T6237] ? __fget_files+0x3a0/0x420 [ 101.247336][ T6237] ? __fget_files+0x2a/0x420 [ 101.247367][ T6237] ? f2fs_ioctl+0x135/0x250 [ 101.247389][ T6237] ? __pfx_f2fs_ioctl+0x10/0x10 [ 101.247411][ T6237] __se_sys_ioctl+0xfc/0x170 [ 101.247438][ T6237] do_syscall_64+0x14d/0xf80 [ 101.247458][ T6237] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.247478][ T6237] ? clear_bhb_loop+0x40/0x90 [ 101.247502][ T6237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.247521][ T6237] RIP: 0033:0x7f362699c799 [ 101.247548][ T6237] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 101.247565][ T6237] RSP: 002b:00007f3627917028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 101.247586][ T6237] RAX: ffffffffffffffda RBX: 00007f3626c15fa0 RCX: 00007f362699c799 [ 101.247600][ T6237] RDX: 0000200000000080 RSI: 000000008004587d RDI: 0000000000000006 [ 101.247613][ T6237] RBP: 00007f3626a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 101.247625][ T6237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 101.247637][ T6237] R13: 00007f3626c16038 R14: 00007f3626c15fa0 R15: 00007ffe78401f68 [ 101.247670][ T6237] [ 101.712438][ T6237] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 102.006504][ T6285] loop2: detected capacity change from 0 to 256 [ 102.008258][ T6279] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.346165][ T6285] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 102.591768][ T6285] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 102.692500][ T6285] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 103.040931][ T6292] loop1: detected capacity change from 0 to 512 [ 103.557381][ T6285] exFAT-fs (loop2): failed to load alloc-bitmap [ 103.563665][ T6285] exFAT-fs (loop2): failed to recognize exfat type [ 103.574104][ T6292] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 103.912894][ T6294] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 104.965989][ T6299] loop1: detected capacity change from 0 to 512 [ 105.055641][ T6299] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 105.130768][ T6299] ext4 filesystem being mounted at /20/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.217161][ T55] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 105.233096][ T6299] EXT4-fs (loop1): shut down requested (1) [ 105.356366][ T6304] loop2: detected capacity change from 0 to 512 [ 105.382063][ T6304] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 105.419171][ T55] usb 1-1: config 0 has an invalid interface number: 199 but max is 1 [ 105.449062][ T55] usb 1-1: config 0 has no interface number 1 [ 105.455246][ T55] usb 1-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 105.471991][ T6304] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 105.495948][ T6304] System zones: 1-12 [ 105.525955][ T6304] EXT4-fs (loop2): orphan cleanup on readonly fs [ 105.537139][ T55] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 105.569131][ T6304] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.104: invalid indirect mapped block 2 (level 2) [ 105.603418][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 105.624205][ T6304] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 105.625333][ T55] usb 1-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 105.634599][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 105.634621][ C0] EXT4-fs (loop2): initial error at time 1772367769: ext4_free_branches:1023: inode 11 [ 105.634654][ C0] EXT4-fs (loop2): last error at time 1772367769: ext4_free_branches:1023: inode 11 [ 105.693369][ T29] audit: type=1804 audit(1772367769.309:6): pid=6293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.97" name="/newroot/18/file1/file1" dev="loop4" ino=15 res=1 errno=0 [ 105.721083][ T6304] EXT4-fs (loop2): Remounting filesystem read-only [ 105.729180][ T6304] EXT4-fs (loop2): 1 truncate cleaned up [ 105.743861][ T6304] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 105.800322][ T55] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 105.801849][ T6304] EXT4-fs warning (device loop2): dx_probe:791: inode #2: lblock 0: comm syz.2.104: error -117 reading directory block [ 105.829800][ T55] usb 1-1: SerialNumber: syz [ 105.838345][ T55] usb 1-1: config 0 descriptor?? [ 105.848222][ T55] uvcvideo 1-1:0.199: Found UVC 0.00 device (0002:0000) [ 105.856115][ T55] uvcvideo 1-1:0.199: No valid video chain found. [ 105.944441][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.944528][ T6309] loop1: detected capacity change from 0 to 256 [ 106.009052][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 106.064075][ T6309] FAT-fs (loop1): Directory bread(block 64) failed [ 106.074948][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 106.084469][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 106.177353][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 106.360566][ T6312] netlink: 16 bytes leftover after parsing attributes in process `syz.0.103'. [ 106.382431][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 106.392413][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 106.539832][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 106.688966][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 106.697753][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 106.791406][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 106.800205][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 107.037762][ T6306] loop3: detected capacity change from 0 to 40427 [ 107.050113][ T6309] FAT-fs (loop1): Directory bread(block 65) failed [ 107.158078][ T6309] FAT-fs (loop1): Directory bread(block 66) failed [ 107.162552][ T6306] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 107.182150][ T6309] FAT-fs (loop1): Directory bread(block 67) failed [ 107.203167][ T6309] FAT-fs (loop1): Directory bread(block 68) failed [ 107.210513][ T6309] FAT-fs (loop1): Directory bread(block 69) failed [ 107.217602][ T6309] FAT-fs (loop1): Directory bread(block 70) failed [ 107.224231][ T6309] FAT-fs (loop1): Directory bread(block 71) failed [ 107.233694][ T6306] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 107.237662][ T6309] FAT-fs (loop1): Directory bread(block 72) failed [ 107.252730][ T6309] FAT-fs (loop1): Directory bread(block 73) failed [ 107.260870][ T6318] loop4: detected capacity change from 0 to 128 [ 107.294290][ T6306] F2FS-fs (loop3): invalid crc value [ 107.349042][ T6318] FAT-fs (loop4): Directory bread(block 32) failed [ 107.378911][ T6318] FAT-fs (loop4): Directory bread(block 33) failed [ 107.415108][ T6318] FAT-fs (loop4): Directory bread(block 34) failed [ 107.445890][ T6318] FAT-fs (loop4): Directory bread(block 35) failed [ 107.472874][ T6318] FAT-fs (loop4): Directory bread(block 36) failed [ 107.515172][ T6318] FAT-fs (loop4): Directory bread(block 37) failed [ 107.543122][ T6325] loop1: detected capacity change from 0 to 256 [ 107.549652][ T6318] FAT-fs (loop4): Directory bread(block 38) failed [ 107.574280][ T6318] FAT-fs (loop4): Directory bread(block 39) failed [ 107.600134][ T6318] FAT-fs (loop4): Directory bread(block 40) failed [ 107.624209][ T6318] FAT-fs (loop4): Directory bread(block 41) failed [ 107.632906][ T6306] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 107.683706][ T6306] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 107.707493][ T6306] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 107.822820][ T5824] syz-executor: attempt to access beyond end of device [ 107.822820][ T5824] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 107.841913][ T5824] CPU: 0 UID: 0 PID: 5824 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 107.841938][ T5824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 107.841948][ T5824] Call Trace: [ 107.841955][ T5824] [ 107.841963][ T5824] dump_stack_lvl+0xe8/0x150 [ 107.841992][ T5824] f2fs_handle_critical_error+0x37c/0x540 [ 107.842026][ T5824] f2fs_write_end_io+0xcdb/0xff0 [ 107.842064][ T5824] __submit_merged_bio+0x256/0x700 [ 107.842097][ T5824] __submit_merged_write_cond+0x3c9/0x4e0 [ 107.842130][ T5824] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 107.842179][ T5824] f2fs_write_data_pages+0x2975/0x35e0 [ 107.842233][ T5824] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 107.842267][ T5824] ? css_rstat_updated+0x23a/0x530 [ 107.842311][ T5824] ? check_noncircular+0xda/0x150 [ 107.842344][ T5824] ? lockdep_unlock+0x5d/0xd0 [ 107.842368][ T5824] ? __lock_acquire+0x146e/0x2cf0 [ 107.842413][ T5824] ? do_raw_spin_lock+0x12b/0x2f0 [ 107.842442][ T5824] ? do_raw_spin_unlock+0xf5/0x210 [ 107.842462][ T5824] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 107.842483][ T5824] do_writepages+0x32e/0x550 [ 107.842517][ T5824] ? do_raw_spin_unlock+0xf5/0x210 [ 107.842540][ T5824] filemap_fdatawrite+0x1e9/0x2f0 [ 107.842568][ T5824] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 107.842637][ T5824] ? do_raw_spin_unlock+0xf5/0x210 [ 107.842660][ T5824] f2fs_sync_dirty_inodes+0x30e/0x860 [ 107.842698][ T5824] f2fs_write_checkpoint+0x9df/0x26a0 [ 107.842751][ T5824] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 107.842825][ T5824] kill_f2fs_super+0x314/0x720 [ 107.842851][ T5824] ? __pfx_kill_f2fs_super+0x10/0x10 [ 107.842885][ T5824] ? lockdep_hardirqs_on+0x7a/0x110 [ 107.842917][ T5824] deactivate_locked_super+0xbc/0x130 [ 107.842946][ T5824] cleanup_mnt+0x437/0x4d0 [ 107.842964][ T5824] ? _raw_spin_unlock_irq+0x23/0x50 [ 107.842993][ T5824] task_work_run+0x1d9/0x270 [ 107.843016][ T5824] ? __pfx_task_work_run+0x10/0x10 [ 107.843046][ T5824] exit_to_user_mode_loop+0xed/0x480 [ 107.843065][ T5824] ? rcu_is_watching+0x15/0xb0 [ 107.843093][ T5824] do_syscall_64+0x32d/0xf80 [ 107.843111][ T5824] ? trace_irq_disable+0x3b/0x150 [ 107.843126][ T5824] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.843145][ T5824] ? clear_bhb_loop+0x40/0x90 [ 107.843166][ T5824] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.843184][ T5824] RIP: 0033:0x7f362699d9d7 [ 107.843201][ T5824] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 107.843214][ T5824] RSP: 002b:00007ffe784011d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 107.843233][ T5824] RAX: 0000000000000000 RBX: 00007f3626a31f90 RCX: 00007f362699d9d7 [ 107.843244][ T5824] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe78401290 [ 107.843254][ T5824] RBP: 00007ffe78401290 R08: 00007ffe78402290 R09: 00000000ffffffff [ 107.843266][ T5824] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe78402320 [ 107.843276][ T5824] R13: 00007f3626a31f90 R14: 000000000001a4eb R15: 00007ffe78402360 [ 107.843306][ T5824] [ 107.844937][ T5824] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 108.073392][ T6319] loop2: detected capacity change from 0 to 40427 [ 108.202457][ T6319] F2FS-fs (loop2): invalid crc value [ 108.430832][ T55] usb 1-1: USB disconnect, device number 3 [ 108.547017][ T6319] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 108.602308][ T6319] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 109.407373][ T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 109.567449][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 109.584628][ T9] usb 4-1: config 3 has an invalid interface number: 45 but max is 0 [ 109.607209][ T9] usb 4-1: config 3 contains an unexpected descriptor of type 0x1, skipping [ 109.636274][ T9] usb 4-1: config 3 has an invalid descriptor of length 10, skipping remainder of the config [ 109.678138][ T9] usb 4-1: config 3 has no interface number 0 [ 109.687249][ T9] usb 4-1: config 3 interface 45 altsetting 2 endpoint 0xA has invalid maxpacket 50695, setting to 1024 [ 109.727135][ T9] usb 4-1: config 3 interface 45 altsetting 2 bulk endpoint 0xA has invalid maxpacket 1024 [ 109.757276][ T9] usb 4-1: config 3 interface 45 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 109.797140][ T9] usb 4-1: config 3 interface 45 has no altsetting 0 [ 109.826475][ T9] usb 4-1: New USB device found, idVendor=0582, idProduct=e6ca, bcdDevice=d3.0b [ 109.846384][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.856489][ T9] usb 4-1: Product: syz [ 109.866590][ T9] usb 4-1: Manufacturer: syz [ 109.876689][ T9] usb 4-1: SerialNumber: syz [ 109.899808][ T6347] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 110.261727][ T9] usb 4-1: USB disconnect, device number 3 [ 110.309175][ T6012] udevd[6012]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:3.45/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 110.534959][ T6351] loop2: detected capacity change from 0 to 40427 [ 110.559966][ T6351] F2FS-fs (loop2): Invalid segment count (0) [ 110.571806][ T6351] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 110.597314][ T6351] F2FS-fs (loop2): invalid crc value [ 110.778838][ T6351] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 110.816502][ T6351] F2FS-fs (loop2): Start checkpoint disabled! [ 110.831749][ T6351] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0 [ 110.869728][ T6358] kvm: pic: single mode not supported [ 110.869833][ T6358] kvm: pic: non byte read [ 110.897494][ T6358] kvm: pic: single mode not supported [ 110.898293][ T6351] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 110.937236][ T6351] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 111.054594][ T6353] loop4: detected capacity change from 0 to 40427 [ 111.090913][ T6353] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 111.118300][ T6353] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 111.140365][ T13] kworker/u8:1: attempt to access beyond end of device [ 111.140365][ T13] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 111.177310][ T6353] F2FS-fs (loop4): invalid crc value [ 111.185285][ T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(full) [ 111.185309][ T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 111.185320][ T13] Workqueue: writeback wb_workfn (flush-7:2) [ 111.185349][ T13] Call Trace: [ 111.185356][ T13] [ 111.185363][ T13] dump_stack_lvl+0xe8/0x150 [ 111.185389][ T13] f2fs_handle_critical_error+0x37c/0x540 [ 111.185422][ T13] f2fs_write_end_io+0xcdb/0xff0 [ 111.185463][ T13] __submit_merged_bio+0x256/0x700 [ 111.185497][ T13] __submit_merged_write_cond+0x3c9/0x4e0 [ 111.185533][ T13] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 111.185583][ T13] f2fs_write_data_pages+0x2975/0x35e0 [ 111.185644][ T13] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 111.185662][ T13] ? cfg80211_inform_single_bss_data+0x13c6/0x1b70 [ 111.185699][ T13] ? __lock_acquire+0x6b5/0x2cf0 [ 111.185750][ T13] ? unwind_next_frame+0xa5/0x23c0 [ 111.185781][ T13] ? rcu_is_watching+0x15/0xb0 [ 111.185826][ T13] ? update_load_avg+0x1b0/0x1ec0 [ 111.185863][ T13] ? __lock_acquire+0x6b5/0x2cf0 [ 111.185887][ T13] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 111.185908][ T13] do_writepages+0x32e/0x550 [ 111.185945][ T13] ? reacquire_held_locks+0x104/0x190 [ 111.185972][ T13] ? writeback_sb_inodes+0x477/0x1a20 [ 111.186003][ T13] __writeback_single_inode+0x133/0x11a0 [ 111.186029][ T13] ? do_raw_spin_unlock+0xf5/0x210 [ 111.186053][ T13] writeback_sb_inodes+0x992/0x1a20 [ 111.186116][ T13] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 111.186138][ T13] ? do_raw_spin_lock+0x12b/0x2f0 [ 111.186198][ T13] ? rcu_is_watching+0x15/0xb0 [ 111.186233][ T13] wb_writeback+0x456/0xb70 [ 111.186260][ T13] ? queue_io+0x261/0x4a0 [ 111.186294][ T13] ? __pfx_wb_writeback+0x10/0x10 [ 111.186314][ T13] ? do_raw_spin_lock+0x12b/0x2f0 [ 111.186351][ T13] wb_workfn+0x414/0xf50 [ 111.186375][ T13] ? look_up_lock_class+0x57/0x110 [ 111.186409][ T13] ? __pfx_wb_workfn+0x10/0x10 [ 111.186427][ T13] ? kasan_quarantine_put+0xbb/0x1f0 [ 111.186450][ T13] ? do_raw_spin_lock+0x12b/0x2f0 [ 111.186471][ T13] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 111.186513][ T13] ? process_one_work+0x87c/0x1650 [ 111.186534][ T13] process_one_work+0x949/0x1650 [ 111.186580][ T13] ? __pfx_process_one_work+0x10/0x10 [ 111.186600][ T13] ? do_raw_spin_lock+0x12b/0x2f0 [ 111.186638][ T13] worker_thread+0xb46/0x1140 [ 111.186691][ T13] kthread+0x388/0x470 [ 111.186710][ T13] ? __pfx_worker_thread+0x10/0x10 [ 111.186731][ T13] ? __pfx_kthread+0x10/0x10 [ 111.186750][ T13] ret_from_fork+0x51e/0xb90 [ 111.186775][ T13] ? __pfx_ret_from_fork+0x10/0x10 [ 111.186796][ T13] ? __switch_to+0xc7d/0x1450 [ 111.186822][ T13] ? __pfx_kthread+0x10/0x10 [ 111.186842][ T13] ret_from_fork_asm+0x1a/0x30 [ 111.186875][ T13] [ 111.186883][ T13] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 111.319233][ T6342] loop1: detected capacity change from 0 to 131072 [ 111.529095][ T6342] F2FS-fs (loop1): invalid crc value [ 111.715450][ T6353] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 111.727414][ T6353] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 111.734499][ T6353] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 111.875327][ T6372] loop3: detected capacity change from 0 to 512 [ 111.898150][ T6372] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 111.997755][ T6373] overlayfs: missing 'lowerdir' [ 112.393832][ T6372] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 112.400465][ T6342] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 112.453050][ T6342] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 112.461977][ T6372] System zones: 1-12 [ 112.476723][ T6372] EXT4-fs (loop3): orphan cleanup on readonly fs [ 112.557621][ T6372] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.119: invalid indirect mapped block 2 (level 2) [ 112.624456][ T6372] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 112.624888][ T6372] EXT4-fs (loop3): Remounting filesystem read-only [ 112.634115][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 112.634138][ C1] EXT4-fs (loop3): initial error at time 1772367776: ext4_free_branches:1023: inode 11 [ 112.634171][ C1] EXT4-fs (loop3): last error at time 1772367776: ext4_free_branches:1023: inode 11 [ 112.737485][ T6372] EXT4-fs (loop3): 1 truncate cleaned up [ 112.744891][ T6372] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 112.759439][ T6379] loop0: detected capacity change from 0 to 1024 [ 112.766762][ T6379] EXT4-fs: inline encryption not supported [ 112.809376][ T6379] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 112.838190][ T6372] EXT4-fs warning (device loop3): dx_probe:791: inode #2: lblock 0: comm syz.3.119: error -117 reading directory block [ 112.878525][ T6379] EXT4-fs error (device loop0): ext4_free_blocks:6724: comm syz.0.121: Freeing blocks not in datazone - block = 0, count = 4096 [ 112.928834][ T6383] loop2: detected capacity change from 0 to 1024 [ 112.938778][ T6379] loop0: lost filesystem error report for type 5 error -117 [ 112.947105][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 112.960918][ C1] EXT4-fs (loop0): initial error at time 1772367776: ext4_free_blocks:6724 [ 112.969575][ C1] EXT4-fs (loop0): last error at time 1772367776: ext4_free_blocks:6724 [ 112.981105][ T6379] EXT4-fs (loop0): Remounting filesystem read-only [ 112.987911][ T6379] EXT4-fs (loop0): 1 orphan inode deleted [ 112.991464][ T6383] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.995253][ T6379] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.028344][ T6379] EXT4-fs (loop0): shut down requested (2) [ 113.040707][ T12] EXT4-fs (loop0): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 113.060963][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 113.184673][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.225428][ T12] Quota error (device loop0): write_blk: dquota write failed [ 113.234168][ T12] Quota error (device loop0): remove_free_dqentry: Can't write block (2) with free entries [ 113.245728][ T12] EXT4-fs (loop0): Quota write (off=2048, len=1024) cancelled because transaction is not started [ 113.256416][ T12] Quota error (device loop0): write_blk: dquota write failed [ 113.263870][ T12] Quota error (device loop0): free_dqentry: Can't move quota data block (2) to free list [ 113.273988][ T12] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started [ 113.317803][ T12] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 113.913366][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.065504][ T6398] loop2: detected capacity change from 0 to 128 [ 114.277250][ T6400] loop2: detected capacity change from 0 to 512 [ 114.303538][ T6400] EXT4-fs: inline encryption not supported [ 114.332527][ T6400] EXT4-fs: Ignoring removed oldalloc option [ 114.398341][ T6400] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 114.416038][ T6400] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.127: invalid indirect mapped block 2683928664 (level 1) [ 114.448577][ T6400] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 114.452523][ T6400] EXT4-fs (loop2): 1 truncate cleaned up [ 114.461749][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 114.461771][ C0] EXT4-fs (loop2): initial error at time 1772367778: ext4_free_branches:1023: inode 13 [ 114.461801][ C0] EXT4-fs (loop2): last error at time 1772367778: ext4_free_branches:1023: inode 13 [ 114.499131][ T6400] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.565732][ T6404] loop1: detected capacity change from 0 to 8192 [ 114.615238][ T29] audit: type=1800 audit(1772367778.229:7): pid=6404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.122" name="file2" dev="loop1" ino=1048622 res=0 errno=0 [ 114.620535][ T6404] FAT-fs (loop1): error, invalid access to FAT (entry 0x00008114) [ 114.686645][ T6404] FAT-fs (loop1): Filesystem has been set read-only [ 114.710566][ T6404] syz.1.122: attempt to access beyond end of device [ 114.710566][ T6404] loop1: rw=8388608, sector=33114, nr_sectors = 1 limit=8192 [ 114.740107][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.195247][ T6417] kvm: pic: single mode not supported [ 115.195354][ T6417] kvm: pic: non byte read [ 115.227799][ T6417] kvm: pic: single mode not supported [ 116.307187][ T6425] loop0: detected capacity change from 0 to 512 [ 116.373697][ T6425] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 116.426396][ T6425] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 116.446226][ T6425] System zones: 1-12 [ 116.497520][ T6425] EXT4-fs (loop0): orphan cleanup on readonly fs [ 116.516806][ T6425] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 33619980: comm syz.0.133: invalid block [ 116.550183][ T6425] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 116.555590][ T6425] EXT4-fs (loop0): Remounting filesystem read-only [ 116.564805][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 116.564827][ C0] EXT4-fs (loop0): initial error at time 1772367780: ext4_get_branch:178: inode 11: block 33619980 [ 116.564867][ C0] EXT4-fs (loop0): last error at time 1772367780: ext4_get_branch:178: inode 11: block 33619980 [ 116.626683][ T6415] loop3: detected capacity change from 0 to 40427 [ 116.627248][ T5821] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 116.635077][ T6425] EXT4-fs (loop0): 1 truncate cleaned up [ 116.646574][ T6415] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 116.656078][ T6415] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 116.675741][ T6415] F2FS-fs (loop3): invalid crc value [ 116.686730][ T6425] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 116.738153][ T6425] EXT4-fs warning (device loop0): dx_probe:791: inode #2: lblock 0: comm syz.0.133: error -117 reading directory block [ 116.803206][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 116.851256][ T5821] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 116.859977][ T5904] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 116.873872][ T5821] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 116.895765][ T6415] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 116.905549][ T5821] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 116.917831][ T5821] usb 2-1: config 220 has no interface number 2 [ 116.924136][ T5821] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 116.949417][ T5821] usb 2-1: config 220 interface 0 has no altsetting 0 [ 116.956219][ T5821] usb 2-1: config 220 interface 76 has no altsetting 0 [ 116.963803][ T6415] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 116.976084][ T6438] loop0: detected capacity change from 0 to 1024 [ 116.982547][ T6415] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 117.000796][ T5821] usb 2-1: config 220 interface 1 has no altsetting 0 [ 117.020817][ T6438] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.037650][ T5821] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 117.047837][ T5821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.057989][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 117.077475][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 117.087403][ T5821] usb 2-1: Product: syz [ 117.091569][ T5821] usb 2-1: Manufacturer: syz [ 117.096332][ T5821] usb 2-1: SerialNumber: syz [ 117.103948][ T5904] usb 5-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 117.116094][ T5904] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.131117][ T6441] overlayfs: missing 'lowerdir' [ 117.143115][ T5904] usb 5-1: config 0 descriptor?? [ 117.343535][ T5821] uvcvideo 2-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 117.361087][ T5821] uvcvideo 2-1:220.0: No valid video chain found. [ 117.377874][ T5821] usb 2-1: selecting invalid altsetting 0 [ 117.406821][ T5821] usb 2-1: selecting invalid altsetting 0 [ 117.422990][ T5821] usbtest 2-1:220.1: probe with driver usbtest failed with error -22 [ 117.486813][ T5821] usb 2-1: USB disconnect, device number 2 [ 117.571700][ T5904] playstation 0003:054C:0DF2.0004: unknown main item tag 0x0 [ 117.597166][ T5904] playstation 0003:054C:0DF2.0004: unknown main item tag 0x0 [ 117.604591][ T5904] playstation 0003:054C:0DF2.0004: unknown main item tag 0x0 [ 117.612609][ T6435] loop2: detected capacity change from 0 to 40427 [ 117.630869][ T5904] playstation 0003:054C:0DF2.0004: unknown main item tag 0x0 [ 117.639852][ T6435] F2FS-fs (loop2): build fault injection rate: 174 [ 117.655339][ T5904] playstation 0003:054C:0DF2.0004: unknown main item tag 0x0 [ 117.665468][ T6435] F2FS-fs (loop2): build fault injection type: 0x3bfe8c [ 117.688793][ T6435] F2FS-fs (loop2): invalid crc value [ 117.696660][ T5904] playstation 0003:054C:0DF2.0004: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.4-1/input0 [ 117.817370][ T5904] playstation 0003:054C:0DF2.0004: Invalid byte count transferred, expected 20 got 0 [ 117.826886][ T5904] playstation 0003:054C:0DF2.0004: Failed to retrieve DualSense pairing info: -22 [ 117.868314][ T5904] playstation 0003:054C:0DF2.0004: Failed to get MAC address from DualSense [ 117.878447][ T6435] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 117.894670][ T5904] playstation 0003:054C:0DF2.0004: Failed to create dualsense. [ 117.906825][ T6435] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 117.928104][ T5904] playstation 0003:054C:0DF2.0004: probe with driver playstation failed with error -22 [ 118.023511][ T5904] usb 5-1: USB disconnect, device number 2 [ 118.282375][ T6455] loop2: detected capacity change from 0 to 512 [ 118.294161][ T6455] ext4: Bad value for 'data' [ 118.315539][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.637164][ T55] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 119.317167][ T55] usb 1-1: Using ep0 maxpacket: 16 [ 119.332715][ T55] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 119.364221][ T55] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 119.389845][ T55] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 119.424791][ T6470] kvm: pic: single mode not supported [ 119.424895][ T6470] kvm: pic: non byte read [ 119.447558][ T6470] kvm: pic: single mode not supported [ 119.607167][ T55] usb 1-1: New USB device found, idVendor=045e, idProduct=17da, bcdDevice= 0.00 [ 119.628498][ T55] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.641064][ T55] usb 1-1: config 0 descriptor?? [ 120.057900][ T55] hid-generic 0003:045E:17DA.0005: unknown main item tag 0x0 [ 120.081540][ T55] hid-generic 0003:045E:17DA.0005: unknown main item tag 0x0 [ 120.105673][ T55] hid-generic 0003:045E:17DA.0005: unknown main item tag 0x0 [ 120.128263][ T55] hid-generic 0003:045E:17DA.0005: unknown main item tag 0x0 [ 120.153905][ T55] hid-generic 0003:045E:17DA.0005: unknown main item tag 0x0 [ 120.179420][ T55] hid-generic 0003:045E:17DA.0005: unbalanced collection at end of report description [ 120.211880][ T55] hid-generic 0003:045E:17DA.0005: probe with driver hid-generic failed with error -22 [ 120.263833][ T5904] usb 1-1: USB disconnect, device number 4 [ 120.444401][ T6483] loop1: detected capacity change from 0 to 512 [ 120.478106][ T6483] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 120.514915][ T6483] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 120.539857][ T6477] loop3: detected capacity change from 0 to 40427 [ 120.547148][ T6483] System zones: 1-12 [ 120.556046][ T6477] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 120.567377][ T6477] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 120.586114][ T6483] EXT4-fs (loop1): orphan cleanup on readonly fs [ 120.597802][ T6477] F2FS-fs (loop3): invalid crc value [ 120.603377][ T6483] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.149: invalid indirect mapped block 2 (level 2) [ 120.621643][ T6483] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 120.627119][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 120.642711][ C0] EXT4-fs (loop1): initial error at time 1772367784: ext4_free_branches:1023: inode 11 [ 120.652830][ C0] EXT4-fs (loop1): last error at time 1772367784: ext4_free_branches:1023: inode 11 [ 120.662820][ T6483] EXT4-fs (loop1): Remounting filesystem read-only [ 120.669608][ T6483] EXT4-fs (loop1): 1 truncate cleaned up [ 120.677038][ T6483] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 120.716625][ T6483] EXT4-fs warning (device loop1): dx_probe:791: inode #2: lblock 0: comm syz.1.149: error -117 reading directory block [ 120.783489][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 120.819288][ T6477] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 120.857306][ T6477] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 120.875668][ T6477] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 120.971744][ T6494] overlayfs: missing 'lowerdir' [ 120.994257][ T6493] loop0: detected capacity change from 0 to 1024 [ 121.038721][ T6493] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.157636][ T6499] loop4: detected capacity change from 0 to 128 [ 121.221292][ T6499] syz.4.152: attempt to access beyond end of device [ 121.221292][ T6499] loop4: rw=2049, sector=154, nr_sectors = 6 limit=128 [ 121.282360][ T6499] syz.4.152: attempt to access beyond end of device [ 121.282360][ T6499] loop4: rw=8390657, sector=158, nr_sectors = 2 limit=128 [ 121.342052][ T6499] Buffer I/O error on dev loop4, logical block 79, lost async page write [ 121.378184][ T6499] syz.4.152: attempt to access beyond end of device [ 121.378184][ T6499] loop4: rw=8390657, sector=160, nr_sectors = 2 limit=128 [ 121.447178][ T6499] Buffer I/O error on dev loop4, logical block 80, lost async page write [ 121.521279][ T6507] loop1: detected capacity change from 0 to 1024 [ 121.544693][ T6507] EXT4-fs (loop1): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 121.581851][ T6507] EXT4-fs error (device loop1): ext4_map_blocks:776: inode #3: block 2: comm syz.1.156: lblock 2 mapped to illegal pblock 2 (length 1) [ 121.598835][ T6507] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 121.607127][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 121.617247][ T6507] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 121.622671][ C1] EXT4-fs (loop1): initial error at time 1772367785: ext4_map_blocks:776: inode 3: block 2 [ 121.637481][ T6507] EXT4-fs error (device loop1): ext4_map_blocks:776: inode #3: block 48: comm syz.1.156: lblock 0 mapped to illegal pblock 48 (length 1) [ 121.640769][ C1] EXT4-fs (loop1): last error at time 1772367785: ext4_map_blocks:776: inode 3: block 2 [ 121.678862][ T6507] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 121.687154][ T6507] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 121.706154][ T6507] EXT4-fs error (device loop1): ext4_acquire_dquot:7001: comm syz.1.156: Failed to acquire dquot type 0 [ 121.711521][ T6512] netlink: 4 bytes leftover after parsing attributes in process `syz.3.154'. [ 121.719621][ T6507] loop1: lost filesystem error report for type 5 error -117 [ 121.726773][ T6507] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 121.757396][ T6507] loop1: lost filesystem error report for type 5 error -117 [ 121.759016][ T6507] EXT4-fs error (device loop1): ext4_evict_inode:255: inode #11: comm syz.1.156: mark_inode_dirty error [ 121.787129][ T6507] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 121.787438][ T5904] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 121.804469][ T6507] EXT4-fs warning (device loop1): ext4_evict_inode:258: couldn't mark inode dirty (err -117) [ 121.831678][ T6507] EXT4-fs (loop1): 1 orphan inode deleted [ 121.846629][ T6507] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.859011][ T72] EXT4-fs error (device loop1): ext4_map_blocks:776: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 121.890449][ T72] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 121.901754][ T72] EXT4-fs error (device loop1): ext4_release_dquot:7037: comm kworker/u8:4: Failed to release dquot type 0 [ 121.954809][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.978474][ T5904] usb 5-1: Using ep0 maxpacket: 32 [ 121.987713][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 59, changing to 9 [ 121.997385][ T72] EXT4-fs error (device loop1): ext4_map_blocks:776: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 122.006794][ T5904] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 2000, setting to 1024 [ 122.027176][ T72] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 122.028102][ T72] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 122.040736][ T5904] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 122.066217][ T72] EXT4-fs error (device loop1): ext4_release_dquot:7037: comm kworker/u8:4: Failed to release dquot type 0 [ 122.071168][ T5904] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.087140][ T72] loop1: lost filesystem error report for type 5 error -117 [ 122.089818][ T5823] EXT4-fs error (device loop1): __ext4_get_inode_loc:4782: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 122.118237][ T5823] loop1: lost filesystem error report for type 5 error -117 [ 122.119554][ T5823] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 122.137399][ T5904] usb 5-1: config 0 descriptor?? [ 122.143693][ T6503] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 122.168099][ T5823] loop1: lost filesystem error report for type 5 error -117 [ 122.168374][ T5823] EXT4-fs error (device loop1): ext4_quota_off:7285: inode #3: comm syz-executor: mark_inode_dirty error [ 122.171852][ T5904] hub 5-1:0.0: USB hub found [ 122.184535][ T5823] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 122.258696][ T6516] loop3: detected capacity change from 0 to 128 [ 122.370604][ T5904] hub 5-1:0.0: 1 port detected [ 122.478045][ T6520] loop2: detected capacity change from 0 to 2048 [ 122.580904][ T6520] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842c128, mo2=0003] [ 122.591117][ T6520] System zones: 0-7 [ 122.601665][ T6520] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 122.748449][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.974981][ T6527] EXT4-fs error (device loop2): ext4_find_extent:939: inode #2: comm syz.2.159: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 123.109104][ T6527] EXT4-fs (loop2): Remounting filesystem read-only [ 123.484845][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.616205][ T6530] loop0: detected capacity change from 0 to 1024 [ 123.653511][ T6530] EXT4-fs: Ignoring removed bh option [ 123.673550][ T6533] loop2: detected capacity change from 0 to 256 [ 123.718343][ T6525] loop3: detected capacity change from 0 to 40427 [ 123.764355][ T6533] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d) [ 123.779017][ T6525] F2FS-fs (loop3): invalid crc value [ 123.911409][ T6540] loop1: detected capacity change from 0 to 512 [ 123.974728][ T6540] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 124.044995][ T6530] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 124.076160][ T5904] hub 5-1:0.0: hub_ext_port_status failed (err = -32) [ 124.252602][ T6530] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 124.304774][ T5902] usb 5-1: USB disconnect, device number 3 [ 124.317375][ T6530] EXT4-fs error (device loop0): ext4_map_blocks:818: inode #15: comm syz.0.161: lblock 0 mapped to illegal pblock 0 (length 1) [ 124.422957][ T6530] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #15: comm syz.0.161: lblock 0 mapped to illegal pblock 0 (length 1) [ 124.485752][ T6525] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 124.506777][ T6530] EXT4-fs error (device loop0): ext4_ext_remove_space:2954: inode #15: comm syz.0.161: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 124.555223][ T6525] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 124.624738][ T6528] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #15: comm syz.0.161: lblock 0 mapped to illegal pblock 0 (length 1) [ 124.639839][ T6543] EXT4-fs error (device loop0): ext4_free_blocks:6724: comm syz.0.161: Freeing blocks not in datazone - block = 0, count = 1 [ 124.656338][ T6528] EXT4-fs error (device loop0): ext4_map_blocks:818: inode #15: comm syz.0.161: lblock 0 mapped to illegal pblock 0 (length 1) [ 124.946622][ T6553] loop2: detected capacity change from 0 to 512 [ 125.034169][ T6499] syz.4.152: attempt to access beyond end of device [ 125.034169][ T6499] loop4: rw=8390657, sector=154, nr_sectors = 2 limit=128 [ 125.175446][ T6553] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.164: bg 0: block 393: padding at end of block bitmap is not set [ 125.189761][ T6553] loop2: lost filesystem error report for type 5 error -117 [ 125.197111][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 125.210885][ C1] EXT4-fs (loop2): initial error at time 1772367788: ext4_validate_block_bitmap:441 [ 125.220288][ C1] EXT4-fs (loop2): last error at time 1772367788: ext4_validate_block_bitmap:441 [ 125.242169][ T6553] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 125.251039][ T6553] loop2: lost filesystem error report for type 5 error -117 [ 125.254574][ T6553] EXT4-fs (loop2): 2 truncates cleaned up [ 125.278603][ T6553] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.568022][ T6499] Buffer I/O error on dev loop4, logical block 77, lost async page write [ 125.607233][ T6499] syz.4.152: attempt to access beyond end of device [ 125.607233][ T6499] loop4: rw=8390657, sector=156, nr_sectors = 2 limit=128 [ 125.674114][ T6499] Buffer I/O error on dev loop4, logical block 78, lost async page write [ 125.717260][ T6499] syz.4.152: attempt to access beyond end of device [ 125.717260][ T6499] loop4: rw=8390657, sector=158, nr_sectors = 2 limit=128 [ 125.751211][ T6499] Buffer I/O error on dev loop4, logical block 79, lost async page write [ 125.778289][ T6499] syz.4.152: attempt to access beyond end of device [ 125.778289][ T6499] loop4: rw=8390657, sector=160, nr_sectors = 2 limit=128 [ 125.792051][ T6499] Buffer I/O error on dev loop4, logical block 80, lost async page write [ 125.829513][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 126.040717][ T6556] loop4: detected capacity change from 0 to 256 [ 126.129574][ T6556] FAT-fs (loop4): Directory bread(block 64) failed [ 126.136136][ T6556] FAT-fs (loop4): Directory bread(block 65) failed [ 126.157291][ T6556] FAT-fs (loop4): Directory bread(block 66) failed [ 126.165547][ T6546] loop1: detected capacity change from 0 to 40427 [ 126.172419][ T6556] FAT-fs (loop4): Directory bread(block 67) failed [ 126.200766][ T6546] F2FS-fs (loop1): invalid crc value [ 126.207662][ T6556] FAT-fs (loop4): Directory bread(block 68) failed [ 126.230310][ T6556] FAT-fs (loop4): Directory bread(block 69) failed [ 126.259079][ T6556] FAT-fs (loop4): Directory bread(block 70) failed [ 126.280539][ T6556] FAT-fs (loop4): Directory bread(block 71) failed [ 126.310141][ T6556] FAT-fs (loop4): Directory bread(block 72) failed [ 126.316696][ T6556] FAT-fs (loop4): Directory bread(block 73) failed [ 126.360117][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.526441][ T6546] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 126.540798][ T6546] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 128.237402][ T6566] netlink: 5 bytes leftover after parsing attributes in process `syz.2.168'. [ 128.309517][ T6566] gretap0: entered promiscuous mode [ 128.342754][ T6566] netlink: 'syz.2.168': attribute type 1 has an invalid length. [ 128.359397][ T6566] netlink: 3 bytes leftover after parsing attributes in process `syz.2.168'. [ 128.613811][ T6587] kvm: pic: single mode not supported [ 128.613923][ T6587] kvm: pic: non byte read [ 128.637324][ T6587] kvm: pic: single mode not supported [ 128.708180][ T6577] loop0: detected capacity change from 0 to 40427 [ 128.795589][ T6577] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 128.834690][ T6577] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 128.885061][ T6577] F2FS-fs (loop0): invalid crc value [ 129.116128][ T6577] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 129.154645][ T6577] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 129.182784][ T6577] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 129.308974][ T6599] overlayfs: missing 'lowerdir' [ 129.495475][ T6602] loop4: detected capacity change from 0 to 512 [ 129.621590][ T6602] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 129.969629][ T6603] loop2: detected capacity change from 0 to 1024 [ 130.133855][ T6603] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.278868][ T6607] loop3: detected capacity change from 0 to 1024 [ 130.286206][ T6607] EXT4-fs: Ignoring removed bh option [ 130.358457][ T6609] loop4: detected capacity change from 0 to 2048 [ 130.370507][ T6607] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 130.438626][ T6609] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842c128, mo2=0003] [ 130.457598][ T6607] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.468212][ T6609] System zones: 0-7 [ 130.474379][ T6609] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.508675][ T6607] EXT4-fs error (device loop3): ext4_map_blocks:818: inode #15: comm syz.3.178: lblock 0 mapped to illegal pblock 0 (length 1) [ 130.604538][ T6607] EXT4-fs error (device loop3): ext4_map_blocks:776: inode #15: comm syz.3.178: lblock 0 mapped to illegal pblock 0 (length 1) [ 130.661372][ T6607] EXT4-fs error (device loop3): ext4_ext_remove_space:2954: inode #15: comm syz.3.178: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 130.730455][ T6606] EXT4-fs error (device loop3): ext4_map_blocks:776: inode #15: comm syz.3.178: lblock 0 mapped to illegal pblock 0 (length 1) [ 130.854677][ T6619] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.179: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 130.879633][ T6606] EXT4-fs error (device loop3): ext4_map_blocks:776: inode #15: comm syz.3.178: lblock 0 mapped to illegal pblock 0 (length 1) [ 130.929753][ T6619] EXT4-fs (loop4): Remounting filesystem read-only [ 131.314016][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.420756][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 132.723077][ T6637] loop3: detected capacity change from 0 to 512 [ 132.761145][ T6637] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 132.782652][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.790864][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.808482][ T6637] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 132.841355][ T6637] System zones: 1-12 [ 132.845536][ T6637] EXT4-fs (loop3): orphan cleanup on readonly fs [ 132.907007][ T6637] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.184: invalid indirect mapped block 2 (level 2) [ 132.987195][ T6637] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 132.987606][ T6637] EXT4-fs (loop3): Remounting filesystem read-only [ 133.003423][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 133.003448][ C1] EXT4-fs (loop3): initial error at time 1772367796: ext4_free_branches:1023: inode 11 [ 133.003480][ C1] EXT4-fs (loop3): last error at time 1772367796: ext4_free_branches:1023: inode 11 [ 133.053539][ T6626] loop4: detected capacity change from 0 to 40427 [ 133.079586][ T6637] EXT4-fs (loop3): 1 truncate cleaned up [ 133.087418][ T6637] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 133.120162][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.138601][ T6637] EXT4-fs warning (device loop3): dx_probe:791: inode #2: lblock 0: comm syz.3.184: error -117 reading directory block [ 133.140057][ T6626] F2FS-fs (loop4): invalid crc value [ 133.275137][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 133.323914][ T6626] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 133.374465][ T6626] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 134.224059][ T6635] loop1: detected capacity change from 0 to 40427 [ 134.309672][ T6635] F2FS-fs (loop1): invalid crc value [ 134.722838][ T6663] loop0: detected capacity change from 0 to 512 [ 134.783580][ T6663] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 134.858428][ T6664] loop2: detected capacity change from 0 to 512 [ 134.936105][ T6664] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.188: bg 0: block 393: padding at end of block bitmap is not set [ 134.950960][ T6664] loop2: lost filesystem error report for type 5 error -117 [ 134.957114][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 134.970901][ C0] EXT4-fs (loop2): initial error at time 1772367798: ext4_validate_block_bitmap:441 [ 134.980315][ C0] EXT4-fs (loop2): last error at time 1772367798: ext4_validate_block_bitmap:441 [ 135.001026][ T6664] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 135.010047][ T6664] loop2: lost filesystem error report for type 5 error -117 [ 135.013240][ T6664] EXT4-fs (loop2): 2 truncates cleaned up [ 135.041538][ T6664] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.123717][ T6635] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 135.140992][ T6651] loop3: detected capacity change from 0 to 40427 [ 135.176235][ T6651] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 135.184266][ T6635] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 135.192640][ T6651] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 135.202271][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.280497][ T6651] F2FS-fs (loop3): invalid crc value [ 135.485852][ T6674] kvm: pic: single mode not supported [ 135.485956][ T6674] kvm: pic: non byte read [ 135.520991][ T6674] kvm: pic: single mode not supported [ 135.644234][ T6651] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 135.704244][ T6651] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 135.731663][ T6651] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 135.918368][ T6680] overlayfs: missing 'lowerdir' [ 135.998611][ T6682] loop0: detected capacity change from 0 to 1024 [ 136.014894][ T6682] EXT4-fs: Ignoring removed bh option [ 136.065782][ T6682] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 136.183861][ T6682] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.245314][ T6682] EXT4-fs error (device loop0): ext4_map_blocks:818: inode #15: comm syz.0.193: lblock 0 mapped to illegal pblock 0 (length 1) [ 136.307164][ T6682] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #15: comm syz.0.193: lblock 0 mapped to illegal pblock 0 (length 1) [ 136.398028][ T6682] EXT4-fs error (device loop0): ext4_ext_remove_space:2954: inode #15: comm syz.0.193: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 136.510714][ T6687] loop2: detected capacity change from 0 to 1024 [ 136.525343][ T6689] loop4: detected capacity change from 0 to 2048 [ 136.566801][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 136.593627][ T6687] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.609060][ T6689] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842c128, mo2=0003] [ 136.621103][ T6689] System zones: 0-7 [ 136.626804][ T6689] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 136.936889][ T6697] EXT4-fs error (device loop4): ext4_find_extent:939: inode #2: comm syz.4.192: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 136.961132][ T6697] EXT4-fs (loop4): Remounting filesystem read-only [ 137.455972][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.015166][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.320388][ T6709] loop1: detected capacity change from 0 to 512 [ 138.345699][ T6709] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 139.059544][ T6709] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 139.245302][ T6717] loop3: detected capacity change from 0 to 512 [ 139.313154][ T6717] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.200: bg 0: block 393: padding at end of block bitmap is not set [ 139.327540][ T6717] loop3: lost filesystem error report for type 5 error -117 [ 139.331450][ T6717] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 139.339968][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 139.339988][ C1] EXT4-fs (loop3): initial error at time 1772367802: ext4_validate_block_bitmap:441 [ 139.340014][ C1] EXT4-fs (loop3): last error at time 1772367802: ext4_validate_block_bitmap:441 [ 139.374871][ T6717] loop3: lost filesystem error report for type 5 error -117 [ 139.401777][ T6717] EXT4-fs (loop3): 2 truncates cleaned up [ 139.437414][ T6717] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.819411][ T6709] System zones: 1-12 [ 139.850227][ T6709] EXT4-fs (loop1): orphan cleanup on readonly fs [ 139.893078][ T6709] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.197: invalid indirect mapped block 2 (level 2) [ 140.014645][ T6709] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 140.017120][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 140.032731][ C1] EXT4-fs (loop1): initial error at time 1772367803: ext4_free_branches:1023: inode 11 [ 140.042399][ C1] EXT4-fs (loop1): last error at time 1772367803: ext4_free_branches:1023: inode 11 [ 140.059368][ T6709] EXT4-fs (loop1): Remounting filesystem read-only [ 140.276987][ T6709] EXT4-fs (loop1): 1 truncate cleaned up [ 140.384191][ T6726] loop2: detected capacity change from 0 to 512 [ 140.829467][ T6709] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 140.990483][ T6726] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 141.081453][ T6709] EXT4-fs warning (device loop1): dx_probe:791: inode #2: lblock 0: comm syz.1.197: error -117 reading directory block [ 141.119923][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.303202][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 141.673288][ T6733] loop1: detected capacity change from 0 to 256 [ 141.763353][ T6733] FAT-fs (loop1): Directory bread(block 64) failed [ 141.824422][ T6733] FAT-fs (loop1): Directory bread(block 65) failed [ 141.867335][ T6733] FAT-fs (loop1): Directory bread(block 66) failed [ 141.875694][ T6733] FAT-fs (loop1): Directory bread(block 67) failed [ 141.885940][ T6733] FAT-fs (loop1): Directory bread(block 68) failed [ 141.911891][ T6733] FAT-fs (loop1): Directory bread(block 69) failed [ 141.937285][ T6733] FAT-fs (loop1): Directory bread(block 70) failed [ 141.943839][ T6733] FAT-fs (loop1): Directory bread(block 71) failed [ 141.973085][ T6735] loop0: detected capacity change from 0 to 1024 [ 141.977297][ T6733] FAT-fs (loop1): Directory bread(block 72) failed [ 141.985952][ T6733] FAT-fs (loop1): Directory bread(block 73) failed [ 141.986992][ T6725] loop4: detected capacity change from 0 to 40427 [ 142.002830][ T6735] EXT4-fs: Ignoring removed bh option [ 142.038048][ T6728] loop2: detected capacity change from 0 to 40427 [ 142.075354][ T6725] F2FS-fs (loop4): invalid crc value [ 142.083968][ T6735] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 142.096687][ T6728] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 142.158024][ T6728] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 142.187755][ T6735] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.217507][ T6728] F2FS-fs (loop2): invalid crc value [ 142.288749][ T6735] EXT4-fs error (device loop0): ext4_map_blocks:818: inode #15: comm syz.0.206: lblock 0 mapped to illegal pblock 0 (length 1) [ 142.319189][ T6735] EXT4-fs error (device loop0): ext4_map_blocks:776: inode #15: comm syz.0.206: lblock 0 mapped to illegal pblock 0 (length 1) [ 142.424581][ T6735] EXT4-fs error (device loop0): ext4_ext_remove_space:2954: inode #15: comm syz.0.206: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 142.430270][ T6725] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 142.459897][ T6725] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 142.487816][ T6728] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 142.570731][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 142.597761][ T6728] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 142.608522][ T6750] loop1: detected capacity change from 0 to 2048 [ 142.626649][ T6728] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 142.655419][ T6737] loop3: detected capacity change from 0 to 40427 [ 142.713532][ T6750] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842c128, mo2=0003] [ 142.727356][ T6750] System zones: 0-7 [ 142.735807][ T6737] F2FS-fs (loop3): invalid crc value [ 142.902134][ T6755] overlayfs: missing 'lowerdir' [ 143.053216][ T6750] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 143.185837][ T6762] loop0: detected capacity change from 0 to 1024 [ 143.501249][ T6765] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.208: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 143.520557][ T6765] EXT4-fs (loop1): Remounting filesystem read-only [ 143.552361][ T6762] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.011964][ T6737] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 144.039125][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.099811][ T6737] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 146.623546][ T6786] loop4: detected capacity change from 0 to 512 [ 146.737972][ T6789] loop2: detected capacity change from 0 to 512 [ 146.950755][ T6786] EXT4-fs: Ignoring removed i_version option [ 146.975833][ T6789] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 146.979392][ T6786] EXT4-fs: Ignoring removed bh option [ 147.375571][ T6786] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.436384][ T6786] ext4 filesystem being mounted at /39/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 147.810377][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.012923][ T6797] loop1: detected capacity change from 0 to 1024 [ 148.038020][ T6797] EXT4-fs: Ignoring removed bh option [ 148.079393][ T6797] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 148.088798][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.097972][ T6797] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 148.131881][ T6797] EXT4-fs error (device loop1): ext4_map_blocks:818: inode #15: comm syz.1.219: lblock 0 mapped to illegal pblock 0 (length 1) [ 148.198228][ T6797] EXT4-fs error (device loop1): ext4_map_blocks:776: inode #15: comm syz.1.219: lblock 0 mapped to illegal pblock 0 (length 1) [ 148.282545][ T6797] EXT4-fs error (device loop1): ext4_ext_remove_space:2954: inode #15: comm syz.1.219: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 148.509232][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 149.229574][ T6808] loop0: detected capacity change from 0 to 40427 [ 149.244770][ T6808] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 149.357236][ T6808] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 150.274200][ T6808] F2FS-fs (loop0): invalid crc value [ 151.765106][ T6808] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 152.370235][ T6837] loop1: detected capacity change from 0 to 512 [ 152.821737][ T6837] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 153.272357][ T6841] loop1: detected capacity change from 0 to 256 [ 153.311625][ T6841] exfat: Deprecated parameter 'utf8' [ 153.337255][ T6841] exfat: Deprecated parameter 'namecase' [ 153.343027][ T6841] exfat: Deprecated parameter 'namecase' [ 153.377391][ T6841] exfat: Deprecated parameter 'utf8' [ 153.457998][ T6841] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xf17e4aaa, utbl_chksum : 0xe619d30d) [ 153.500902][ T6841] exFAT-fs (loop1): failed to test first cluster bit of root dir(5) [ 153.548430][ T6841] netlink: 28 bytes leftover after parsing attributes in process `syz.1.228'. [ 154.419628][ T6847] tipc: Started in network mode [ 154.447964][ T6847] tipc: Node identity 6e18a9cf1082, cluster identity 4711 [ 154.460900][ T6850] loop0: detected capacity change from 0 to 1024 [ 154.478907][ T6847] tipc: Enabled bearer , priority 0 [ 154.533793][ T6850] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 154.717338][ T5821] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 154.746068][ T6852] syzkaller0: entered promiscuous mode [ 154.755550][ T6852] syzkaller0: entered allmulticast mode [ 154.776984][ T6852] tipc: Resetting bearer [ 154.899515][ T5821] usb 2-1: unable to get BOS descriptor or descriptor too short [ 154.908206][ T5821] usb 2-1: not running at top speed; connect to a high speed hub [ 154.935941][ T5821] usb 2-1: New USB device found, idVendor=0582, idProduct=0016, bcdDevice= 0.40 [ 154.964498][ T5821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.985484][ T5821] usb 2-1: Product: syz [ 155.003175][ T5821] usb 2-1: Manufacturer: syz [ 155.015477][ T5821] usb 2-1: SerialNumber: syz [ 155.202697][ T6846] tipc: Resetting bearer [ 155.300063][ T6851] netlink: 16 bytes leftover after parsing attributes in process `syz.1.232'. [ 156.683450][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.327678][ T5903] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 157.594868][ T5903] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 157.792746][ T6880] loop2: detected capacity change from 0 to 512 [ 157.823081][ T6880] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 158.256369][ T5903] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 158.267551][ T5903] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 158.280708][ T5903] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 158.290009][ T5903] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.438222][ T5903] usb 4-1: config 0 descriptor?? [ 158.928898][ T5903] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 159.084081][ T6884] loop2: detected capacity change from 0 to 40427 [ 159.092419][ T6884] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 159.127763][ T6884] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 159.166219][ T6884] F2FS-fs (loop2): invalid crc value [ 159.312868][ T6884] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 159.345715][ T6884] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 159.364014][ T6884] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 159.650296][ T6894] loop0: detected capacity change from 0 to 128 [ 159.671568][ T6894] EXT4-fs (loop0): Test dummy encryption mode enabled [ 159.694356][ T6894] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 159.720713][ T6894] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 159.771433][ T6894] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx" [ 159.881600][ T5817] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 159.984476][ T6846] tipc: Disabling bearer [ 160.181655][ T5902] tipc: Node number set to 2124065231 [ 160.193432][ T5821] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 160.393933][ C1] plantronics 0003:047F:FFFF.0006: usb_submit_urb(ctrl) failed: -1 [ 160.405038][ T5821] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 160.412932][ T5821] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -2 [ 160.419707][ T55] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 160.437270][ T5821] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 160.444352][ T5821] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 160.465040][ T5821] snd-usb-audio 2-1:1.1: probe with driver snd-usb-audio failed with error -2 [ 160.486203][ T5821] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 160.505526][ T5821] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 160.592009][ T55] usb 3-1: unable to get BOS descriptor or descriptor too short [ 160.616940][ T6912] loop4: detected capacity change from 0 to 1024 [ 160.627951][ T55] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 160.659460][ T55] usb 3-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 160.687627][ T55] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 160.705790][ T55] usb 3-1: Product: syz [ 160.741802][ T55] usb 3-1: Manufacturer: syz [ 160.753811][ T55] usb 3-1: SerialNumber: syz [ 160.753944][ T6912] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.841268][ T5821] snd-usb-audio 2-1:1.2: probe with driver snd-usb-audio failed with error -2 [ 160.887544][ T5821] usb 2-1: USB disconnect, device number 3 [ 161.033102][ T6002] udevd[6002]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 161.113040][ T55] usb 3-1: USB disconnect, device number 4 [ 161.344665][ T5903] usb 4-1: USB disconnect, device number 4 [ 163.327457][ T6932] loop2: detected capacity change from 0 to 4096 [ 163.335174][ T6932] EXT4-fs: inline encryption not supported [ 163.365409][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.379973][ T6932] ext4: Unknown parameter 'nouser_xattr' [ 164.179376][ T6940] loop1: detected capacity change from 0 to 512 [ 164.591050][ T6940] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 165.767965][ T6956] loop0: detected capacity change from 0 to 16 [ 165.781277][ T6957] loop4: detected capacity change from 0 to 512 [ 165.799476][ T6956] erofs (device loop0): invalid ishare xattr prefix id 0 [ 165.828408][ T6957] ext4: Unknown parameter 'noacl' [ 167.179179][ T6979] loop0: detected capacity change from 0 to 256 [ 167.376960][ T6981] loop4: detected capacity change from 0 to 512 [ 168.192482][ T6975] loop3: detected capacity change from 0 to 1024 [ 168.615676][ T6981] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 168.632304][ T6983] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 168.640030][ T6983] FAT-fs (loop0): Filesystem has been set read-only [ 168.665274][ T6975] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.181436][ T6996] loop0: detected capacity change from 0 to 512 [ 169.233039][ T6996] EXT4-fs error (device loop0): ext4_iget_extra_inode:5025: inode #15: comm syz.0.269: corrupted in-inode xattr: invalid ea_ino [ 169.277070][ T6996] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 169.282137][ T6996] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.269: couldn't read orphan inode 15 (err -117) [ 169.291388][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 169.291406][ C0] EXT4-fs (loop0): initial error at time 1772367832: ext4_iget_extra_inode:5025: inode 15 [ 169.291436][ C0] EXT4-fs (loop0): last error at time 1772367832: ext4_iget_extra_inode:5025: inode 15 [ 169.341187][ T5932] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 169.349236][ T6996] loop0: lost filesystem error report for type 5 error -117 [ 169.389141][ T6996] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 169.408605][ T55] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 169.919829][ T6996] EXT4-fs error (device loop0): ext4_find_dest_de:2050: inode #2: block 13: comm syz.0.269: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 169.988829][ T5932] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 169.999151][ T5932] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 170.029595][ T5932] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 170.065702][ T5932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 170.078020][ T55] usb 2-1: unable to get BOS descriptor or descriptor too short [ 170.087461][ T55] usb 2-1: not running at top speed; connect to a high speed hub [ 170.106153][ T5932] usb 3-1: SerialNumber: syz [ 170.113779][ T55] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0103, bcdDevice= 0.40 [ 170.128887][ T55] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 170.147499][ T55] usb 2-1: Product: syz [ 170.152657][ T55] usb 2-1: Manufacturer: syz [ 170.167150][ T55] usb 2-1: SerialNumber: syz [ 170.797504][ T5932] usb 3-1: 0:2 : does not exist [ 170.961568][ T5932] usb 3-1: USB disconnect, device number 5 [ 171.104200][ T55] usb 2-1: Audio class v2/v3 interfaces need an interface association [ 171.141576][ T6012] udevd[6012]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 171.245907][ T55] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 171.265841][ T55] usb 2-1: USB disconnect, device number 4 [ 171.389429][ T6012] udevd[6012]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 171.463056][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.522836][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.332138][ T7028] loop1: detected capacity change from 0 to 512 [ 172.868585][ T7028] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 173.080693][ T7020] loop4: detected capacity change from 0 to 40427 [ 173.109586][ T7036] loop3: detected capacity change from 0 to 256 [ 173.138012][ T7036] vfat: Unknown parameter 'nonq˜r")ûyô [ 173.138012][ T7036] ÓWÛ¥umtail' [ 173.167193][ T7020] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 173.189313][ T7020] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 173.226999][ T7020] F2FS-fs (loop4): invalid crc value [ 173.350603][ T7040] loop1: detected capacity change from 0 to 256 [ 173.482397][ T7040] FAT-fs (loop1): Directory bread(block 64) failed [ 173.508219][ T7040] FAT-fs (loop1): Directory bread(block 65) failed [ 173.531676][ T7040] FAT-fs (loop1): Directory bread(block 66) failed [ 173.553027][ T7040] FAT-fs (loop1): Directory bread(block 67) failed [ 173.585621][ T7040] FAT-fs (loop1): Directory bread(block 68) failed [ 173.616551][ T7040] FAT-fs (loop1): Directory bread(block 69) failed [ 173.637703][ T7040] FAT-fs (loop1): Directory bread(block 70) failed [ 173.649763][ T7020] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 173.668295][ T7040] FAT-fs (loop1): Directory bread(block 71) failed [ 173.675478][ T7020] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 173.682695][ T7020] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 173.683784][ T7040] FAT-fs (loop1): Directory bread(block 72) failed [ 173.719199][ T7040] FAT-fs (loop1): Directory bread(block 73) failed [ 173.764714][ T5834] syz-executor: attempt to access beyond end of device [ 173.764714][ T5834] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 173.799258][ T5834] CPU: 1 UID: 0 PID: 5834 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 173.799284][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 173.799295][ T5834] Call Trace: [ 173.799303][ T5834] [ 173.799311][ T5834] dump_stack_lvl+0xe8/0x150 [ 173.799342][ T5834] f2fs_handle_critical_error+0x37c/0x540 [ 173.799379][ T5834] f2fs_write_end_io+0xcdb/0xff0 [ 173.799421][ T5834] __submit_merged_bio+0x256/0x700 [ 173.799456][ T5834] __submit_merged_write_cond+0x3c9/0x4e0 [ 173.799494][ T5834] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 173.799547][ T5834] f2fs_write_data_pages+0x2975/0x35e0 [ 173.799609][ T5834] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 173.799646][ T5834] ? css_rstat_updated+0x23a/0x530 [ 173.799696][ T5834] ? rcu_is_watching+0x15/0xb0 [ 173.799722][ T5834] ? mod_memcg_lruvec_state+0x1b8/0x360 [ 173.799752][ T5834] ? lru_gen_update_size+0x7c9/0xd10 [ 173.799799][ T5834] ? __lock_acquire+0x6b5/0x2cf0 [ 173.799848][ T5834] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 173.799870][ T5834] do_writepages+0x32e/0x550 [ 173.799907][ T5834] ? do_raw_spin_unlock+0xf5/0x210 [ 173.799932][ T5834] filemap_fdatawrite+0x1e9/0x2f0 [ 173.799961][ T5834] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 173.800037][ T5834] ? do_raw_spin_unlock+0xf5/0x210 [ 173.800062][ T5834] f2fs_sync_dirty_inodes+0x30e/0x860 [ 173.800101][ T5834] f2fs_write_checkpoint+0x9df/0x26a0 [ 173.800160][ T5834] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 173.800244][ T5834] kill_f2fs_super+0x314/0x720 [ 173.800270][ T5834] ? __pfx_kill_f2fs_super+0x10/0x10 [ 173.800304][ T5834] ? lockdep_hardirqs_on+0x7a/0x110 [ 173.800341][ T5834] deactivate_locked_super+0xbc/0x130 [ 173.800370][ T5834] cleanup_mnt+0x437/0x4d0 [ 173.800390][ T5834] ? _raw_spin_unlock_irq+0x23/0x50 [ 173.800420][ T5834] task_work_run+0x1d9/0x270 [ 173.800444][ T5834] ? __pfx_task_work_run+0x10/0x10 [ 173.800477][ T5834] exit_to_user_mode_loop+0xed/0x480 [ 173.800496][ T5834] ? rcu_is_watching+0x15/0xb0 [ 173.800525][ T5834] do_syscall_64+0x32d/0xf80 [ 173.800543][ T5834] ? trace_irq_disable+0x3b/0x150 [ 173.800558][ T5834] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.800576][ T5834] ? clear_bhb_loop+0x40/0x90 [ 173.800599][ T5834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.800617][ T5834] RIP: 0033:0x7f884f79d9d7 [ 173.800639][ T5834] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 173.800654][ T5834] RSP: 002b:00007ffd2fe59c18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 173.800672][ T5834] RAX: 0000000000000000 RBX: 00007f884f831f90 RCX: 00007f884f79d9d7 [ 173.800685][ T5834] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd2fe59cd0 [ 173.800696][ T5834] RBP: 00007ffd2fe59cd0 R08: 00007ffd2fe5acd0 R09: 00000000ffffffff [ 173.800708][ T5834] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd2fe5ad60 [ 173.800719][ T5834] R13: 00007f884f831f90 R14: 000000000002a67a R15: 00007ffd2fe5ada0 [ 173.800753][ T5834] [ 173.800760][ T5834] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 173.937960][ T7046] syz.1.283: attempt to access beyond end of device [ 173.937960][ T7046] loop1: rw=8912896, sector=1192, nr_sectors = 4 limit=256 [ 174.250753][ T7046] syz.1.283: attempt to access beyond end of device [ 174.250753][ T7046] loop1: rw=8388608, sector=1192, nr_sectors = 4 limit=256 [ 174.318278][ T29] audit: type=1800 audit(1772367837.919:8): pid=7046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.283" name="file1" dev="loop1" ino=1048628 res=0 errno=0 [ 174.338836][ T7051] loop0: detected capacity change from 0 to 1024 [ 174.347468][ T7053] loop3: detected capacity change from 0 to 256 [ 174.414814][ T7053] FAT-fs (loop3): Directory bread(block 64) failed [ 174.423207][ T7051] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 174.467275][ T7053] FAT-fs (loop3): Directory bread(block 65) failed [ 174.473901][ T7053] FAT-fs (loop3): Directory bread(block 66) failed [ 174.715522][ T7053] FAT-fs (loop3): Directory bread(block 67) failed [ 174.764574][ T7053] FAT-fs (loop3): Directory bread(block 68) failed [ 174.782915][ T7053] FAT-fs (loop3): Directory bread(block 69) failed [ 174.817874][ T7053] FAT-fs (loop3): Directory bread(block 70) failed [ 174.867900][ T7053] FAT-fs (loop3): Directory bread(block 71) failed [ 174.884786][ T7053] FAT-fs (loop3): Directory bread(block 72) failed [ 174.913663][ T7053] FAT-fs (loop3): Directory bread(block 73) failed [ 174.939858][ T7064] input: syz1 as /devices/virtual/input/input5 [ 175.058316][ T7053] syz.3.286: attempt to access beyond end of device [ 175.058316][ T7053] loop3: rw=8912896, sector=1192, nr_sectors = 4 limit=256 [ 175.096030][ T7053] syz.3.286: attempt to access beyond end of device [ 175.096030][ T7053] loop3: rw=8388608, sector=1192, nr_sectors = 4 limit=256 [ 175.137174][ T29] audit: type=1800 audit(1772367838.749:9): pid=7053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.286" name="file1" dev="loop3" ino=1048630 res=0 errno=0 [ 176.624206][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.899577][ T29] audit: type=1800 audit(1772367840.519:10): pid=7053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.286" name="file1" dev="loop3" ino=1048630 res=0 errno=0 [ 179.105253][ T7118] loop3: detected capacity change from 0 to 1024 [ 179.212432][ T7118] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 179.247368][ T7124] loop2: detected capacity change from 0 to 512 [ 179.394300][ T7124] ext4: Unknown parameter 'noacl' [ 179.583383][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.789314][ T7094] loop4: detected capacity change from 0 to 131072 [ 179.815581][ T7094] F2FS-fs (loop4): invalid crc value [ 180.031421][ T7094] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 180.153186][ T7102] loop1: detected capacity change from 0 to 131072 [ 180.190511][ T7102] F2FS-fs (loop1): invalid crc value [ 180.431746][ T7102] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 181.996995][ T7150] loop2: detected capacity change from 0 to 512 [ 182.558537][ T7150] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 182.612491][ T7150] EXT4-fs (loop2): Online resizing not supported with sparse_super2 [ 182.804173][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.918580][ T7159] loop2: detected capacity change from 0 to 512 [ 182.935042][ T7159] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 182.965328][ T7159] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.017526][ T7159] ext4 filesystem being mounted at /73/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 183.244392][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.422496][ T7164] loop2: detected capacity change from 0 to 256 [ 183.460253][ T7164] exFAT-fs (loop2): failed to test first cluster bit of root dir(5) [ 183.726312][ T7171] loop2: detected capacity change from 0 to 1024 [ 183.731433][ T7169] loop1: detected capacity change from 0 to 256 [ 183.844387][ T7171] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.855938][ T7169] FAT-fs (loop1): Directory bread(block 64) failed [ 183.873181][ T7169] FAT-fs (loop1): Directory bread(block 65) failed [ 183.880455][ T7169] FAT-fs (loop1): Directory bread(block 66) failed [ 183.886984][ T7169] FAT-fs (loop1): Directory bread(block 67) failed [ 183.894134][ T7169] FAT-fs (loop1): Directory bread(block 68) failed [ 183.902321][ T7169] FAT-fs (loop1): Directory bread(block 69) failed [ 183.909348][ T7169] FAT-fs (loop1): Directory bread(block 70) failed [ 183.915872][ T7169] FAT-fs (loop1): Directory bread(block 71) failed [ 183.922929][ T7169] FAT-fs (loop1): Directory bread(block 72) failed [ 183.929709][ T7169] FAT-fs (loop1): Directory bread(block 73) failed [ 184.153738][ T7183] loop3: detected capacity change from 0 to 512 [ 184.217203][ T7183] EXT4-fs error (device loop3): ext4_iget_extra_inode:5025: inode #15: comm syz.3.326: corrupted in-inode xattr: invalid ea_ino [ 184.230631][ T7183] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 184.237117][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 184.252730][ C0] EXT4-fs (loop3): initial error at time 1772367847: ext4_iget_extra_inode:5025: inode 15 [ 184.262774][ C0] EXT4-fs (loop3): last error at time 1772367847: ext4_iget_extra_inode:5025: inode 15 [ 184.285148][ T7183] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.326: couldn't read orphan inode 15 (err -117) [ 184.297055][ T7183] loop3: lost filesystem error report for type 5 error -117 [ 184.309724][ T7183] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 184.464082][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.894453][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.107239][ T10] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 185.214069][ T7197] loop3: detected capacity change from 0 to 512 [ 185.269713][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 185.376411][ T7197] EXT4-fs error (device loop3): ext4_iget_extra_inode:5025: inode #15: comm syz.3.330: corrupted in-inode xattr: invalid ea_ino [ 185.391276][ T7197] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 185.395206][ T7197] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.330: couldn't read orphan inode 15 (err -117) [ 185.404429][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 185.404450][ C0] EXT4-fs (loop3): initial error at time 1772367849: ext4_iget_extra_inode:5025: inode 15 [ 185.404483][ C0] EXT4-fs (loop3): last error at time 1772367849: ext4_iget_extra_inode:5025: inode 15 [ 185.443634][ T7197] loop3: lost filesystem error report for type 5 error -117 [ 185.470571][ T10] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 185.553422][ T7197] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.582566][ T7197] EXT4-fs error (device loop3): ext4_lookup:1789: inode #2: comm syz.3.330: deleted inode referenced: 15 [ 185.632873][ T7197] EXT4-fs error (device loop3): ext4_find_dest_de:2050: inode #2: block 13: comm syz.3.330: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 185.815900][ T10] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 185.833903][ T10] usb 3-1: config 0 interface 0 has no altsetting 0 [ 185.909287][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.928791][ T10] usb 3-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 185.942966][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 185.986239][ T10] usb 3-1: config 0 descriptor?? [ 186.030806][ T7186] loop1: detected capacity change from 0 to 40427 [ 186.098485][ T7186] F2FS-fs (loop1): invalid crc value [ 186.312845][ T7186] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 186.374495][ T7186] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 186.500439][ T10] nzxt-smart2 0003:1E71:2009.0007: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0 [ 186.683201][ T10] usb 3-1: USB disconnect, device number 6 [ 187.347945][ T7211] loop3: detected capacity change from 0 to 40427 [ 187.410726][ T7211] F2FS-fs (loop3): invalid crc value [ 187.494877][ T7226] loop2: detected capacity change from 0 to 1024 [ 187.553745][ T7226] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 187.618190][ T7211] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 187.754258][ T7231] loop4: detected capacity change from 0 to 256 [ 188.001788][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.012009][ T7211] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 188.961786][ T7237] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 188.969430][ T7237] FAT-fs (loop4): Filesystem has been set read-only [ 190.337172][ T5821] usb 3-1: new full-speed USB device number 7 using dummy_hcd [ 190.509752][ T5821] usb 3-1: unable to get BOS descriptor or descriptor too short [ 190.536750][ T5821] usb 3-1: not running at top speed; connect to a high speed hub [ 190.583988][ T5821] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 4 [ 190.634667][ T5821] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 1023 [ 190.684038][ T5821] usb 3-1: New USB device found, idVendor=0499, idProduct=150a, bcdDevice= 0.40 [ 190.720722][ T5821] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.795913][ T5821] usb 3-1: Product: syz [ 190.807165][ T5821] usb 3-1: Manufacturer: syz [ 190.827175][ T5821] usb 3-1: SerialNumber: syz [ 190.980486][ T5824] syz-executor: attempt to access beyond end of device [ 190.980486][ T5824] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 191.061226][ T5824] CPU: 0 UID: 0 PID: 5824 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 191.061251][ T5824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 191.061261][ T5824] Call Trace: [ 191.061268][ T5824] [ 191.061275][ T5824] dump_stack_lvl+0xe8/0x150 [ 191.061302][ T5824] f2fs_handle_critical_error+0x37c/0x540 [ 191.061328][ T5824] f2fs_write_end_io+0xcdb/0xff0 [ 191.061356][ T5824] __submit_merged_bio+0x256/0x700 [ 191.061380][ T5824] __submit_merged_write_cond+0x3c9/0x4e0 [ 191.061405][ T5824] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 191.061441][ T5824] f2fs_write_data_pages+0x2975/0x35e0 [ 191.061482][ T5824] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 191.061506][ T5824] ? css_rstat_updated+0x23a/0x530 [ 191.061540][ T5824] ? rcu_is_watching+0x15/0xb0 [ 191.061558][ T5824] ? mod_memcg_lruvec_state+0x1b8/0x360 [ 191.061587][ T5824] ? __lock_acquire+0x6b5/0x2cf0 [ 191.061613][ T5824] ? __lock_acquire+0x6b5/0x2cf0 [ 191.061633][ T5824] ? do_raw_spin_lock+0x12b/0x2f0 [ 191.061654][ T5824] ? do_raw_spin_unlock+0xf5/0x210 [ 191.061668][ T5824] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 191.061683][ T5824] do_writepages+0x32e/0x550 [ 191.061709][ T5824] ? do_raw_spin_unlock+0xf5/0x210 [ 191.061726][ T5824] filemap_fdatawrite+0x1e9/0x2f0 [ 191.061747][ T5824] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 191.061800][ T5824] ? do_raw_spin_unlock+0xf5/0x210 [ 191.061818][ T5824] f2fs_sync_dirty_inodes+0x30e/0x860 [ 191.061849][ T5824] f2fs_write_checkpoint+0x9df/0x26a0 [ 191.061890][ T5824] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 191.061946][ T5824] kill_f2fs_super+0x314/0x720 [ 191.061968][ T5824] ? __pfx_kill_f2fs_super+0x10/0x10 [ 191.061993][ T5824] ? lockdep_hardirqs_on+0x7a/0x110 [ 191.062019][ T5824] deactivate_locked_super+0xbc/0x130 [ 191.062045][ T5824] cleanup_mnt+0x437/0x4d0 [ 191.062063][ T5824] ? _raw_spin_unlock_irq+0x23/0x50 [ 191.062088][ T5824] task_work_run+0x1d9/0x270 [ 191.062110][ T5824] ? __pfx_task_work_run+0x10/0x10 [ 191.062139][ T5824] exit_to_user_mode_loop+0xed/0x480 [ 191.062159][ T5824] ? rcu_is_watching+0x15/0xb0 [ 191.062185][ T5824] do_syscall_64+0x32d/0xf80 [ 191.062201][ T5824] ? trace_irq_disable+0x3b/0x150 [ 191.062216][ T5824] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.062233][ T5824] ? clear_bhb_loop+0x40/0x90 [ 191.062254][ T5824] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.062270][ T5824] RIP: 0033:0x7f362699d9d7 [ 191.062286][ T5824] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 191.062300][ T5824] RSP: 002b:00007ffe784011d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 191.062318][ T5824] RAX: 0000000000000000 RBX: 00007f3626a31f90 RCX: 00007f362699d9d7 [ 191.062329][ T5824] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe78401290 [ 191.062339][ T5824] RBP: 00007ffe78401290 R08: 00007ffe78402290 R09: 00000000ffffffff [ 191.062351][ T5824] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe78402320 [ 191.062362][ T5824] R13: 00007f3626a31f90 R14: 000000000002e562 R15: 00007ffe78402360 [ 191.062393][ T5824] [ 191.062401][ T5824] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 191.075494][ T5821] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found [ 191.202294][ T7244] Bluetooth: hci1: command 0x0406 tx timeout [ 191.239719][ T5830] Bluetooth: hci4: command 0x0406 tx timeout [ 191.242121][ T5835] Bluetooth: hci2: command 0x0406 tx timeout [ 191.245916][ T5830] Bluetooth: hci0: command 0x0406 tx timeout [ 191.252436][ T5835] Bluetooth: hci3: command 0x0406 tx timeout [ 191.366470][ T7265] loop0: detected capacity change from 0 to 1024 [ 191.604028][ T5821] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 191.733633][ T7265] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 191.972867][ T5821] usb 3-1: USB disconnect, device number 7 [ 192.300786][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.406450][ T7278] loop0: detected capacity change from 0 to 256 [ 192.557589][ T5821] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 193.788511][ T7284] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 193.796152][ T7284] FAT-fs (loop0): Filesystem has been set read-only [ 193.804336][ T5821] usb 3-1: Using ep0 maxpacket: 16 [ 193.822899][ T5821] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 193.938617][ T5821] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 193.948911][ T5821] usb 3-1: config 0 interface 0 has no altsetting 0 [ 193.955615][ T5821] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 193.964858][ T5821] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.022233][ T5821] usb 3-1: config 0 descriptor?? [ 194.166944][ T7287] loop0: detected capacity change from 0 to 512 [ 194.234384][ T7287] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 194.247386][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.253758][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.298444][ T7287] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 194.306469][ T7287] System zones: 1-12 [ 194.331092][ T7272] loop2: detected capacity change from 0 to 256 [ 194.353545][ T7287] EXT4-fs (loop0): orphan cleanup on readonly fs [ 194.398889][ T7287] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.356: invalid indirect mapped block 2 (level 2) [ 194.478285][ T7287] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 194.487131][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 194.502745][ C0] EXT4-fs (loop0): initial error at time 1772367858: ext4_free_branches:1023: inode 11 [ 194.512450][ C0] EXT4-fs (loop0): last error at time 1772367858: ext4_free_branches:1023: inode 11 [ 194.522044][ T7287] EXT4-fs (loop0): Remounting filesystem read-only [ 194.531385][ T7287] EXT4-fs (loop0): 1 truncate cleaned up [ 194.550425][ T7287] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 194.598528][ T7287] EXT4-fs warning (device loop0): dx_probe:791: inode #2: lblock 0: comm syz.0.356: error -117 reading directory block [ 194.632367][ T5821] hid (null): invalid report_count 37377 [ 194.648895][ T5821] hid (null): unknown global tag 0x17 [ 194.667773][ T5821] hid (null): global environment stack underflow [ 194.678854][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 194.697174][ T5821] hid (null): unknown global tag 0xe [ 194.702599][ T5821] hid (null): invalid report_count -335543129 [ 194.830658][ T5821] usb 3-1: USB disconnect, device number 8 [ 194.874061][ T7290] loop1: detected capacity change from 0 to 40427 [ 194.916803][ T7290] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 194.949805][ T7290] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 194.990246][ T7290] F2FS-fs (loop1): invalid crc value [ 195.191818][ T7290] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 195.219963][ T7290] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 195.227044][ T7290] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 195.275738][ T7292] loop3: detected capacity change from 0 to 40427 [ 195.298415][ T7292] F2FS-fs (loop3): invalid crc value [ 195.533413][ T7294] loop0: detected capacity change from 0 to 40427 [ 195.533594][ T7292] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 195.575736][ T7292] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 195.583526][ T7294] F2FS-fs (loop0): invalid crc value [ 195.851728][ T7294] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 195.895530][ T7294] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 196.193734][ T7312] loop4: detected capacity change from 0 to 32768 [ 196.284521][ T6012] loop4: p1 p2 p3 < p5 p6 > [ 196.836450][ T6012] loop4: p1 size 242222080 extends beyond EOD, truncated [ 196.848342][ T6012] loop4: p2 start 4294967295 is beyond EOD, truncated [ 197.118338][ T7312] loop4: p1 p2 p3 < > [ 197.132691][ T7312] loop4: p1 size 242222080 extends beyond EOD, truncated [ 197.176006][ T7323] loop1: detected capacity change from 0 to 1024 [ 197.199395][ T7312] loop4: p2 start 4294967295 is beyond EOD, truncated [ 197.220170][ T7323] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 197.271219][ T5817] syz-executor: attempt to access beyond end of device [ 197.271219][ T5817] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 197.297903][ T5817] CPU: 0 UID: 0 PID: 5817 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 197.297928][ T5817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 197.297939][ T5817] Call Trace: [ 197.297946][ T5817] [ 197.297954][ T5817] dump_stack_lvl+0xe8/0x150 [ 197.297984][ T5817] f2fs_handle_critical_error+0x37c/0x540 [ 197.298017][ T5817] f2fs_write_end_io+0xcdb/0xff0 [ 197.298056][ T5817] __submit_merged_bio+0x256/0x700 [ 197.298089][ T5817] __submit_merged_write_cond+0x3c9/0x4e0 [ 197.298123][ T5817] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 197.298172][ T5817] f2fs_write_data_pages+0x2975/0x35e0 [ 197.298230][ T5817] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 197.298266][ T5817] ? css_rstat_updated+0x23a/0x530 [ 197.298313][ T5817] ? rcu_is_watching+0x15/0xb0 [ 197.298339][ T5817] ? mod_memcg_lruvec_state+0x1b8/0x360 [ 197.298366][ T5817] ? __lock_acquire+0x6b5/0x2cf0 [ 197.298404][ T5817] ? __lock_acquire+0x6b5/0x2cf0 [ 197.298432][ T5817] ? do_raw_spin_lock+0x12b/0x2f0 [ 197.298464][ T5817] ? do_raw_spin_unlock+0xf5/0x210 [ 197.298483][ T5817] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 197.298505][ T5817] do_writepages+0x32e/0x550 [ 197.298540][ T5817] ? do_raw_spin_unlock+0xf5/0x210 [ 197.298563][ T5817] filemap_fdatawrite+0x1e9/0x2f0 [ 197.298591][ T5817] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 197.298661][ T5817] ? do_raw_spin_unlock+0xf5/0x210 [ 197.298685][ T5817] f2fs_sync_dirty_inodes+0x30e/0x860 [ 197.298722][ T5817] f2fs_write_checkpoint+0x9df/0x26a0 [ 197.298778][ T5817] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 197.298858][ T5817] kill_f2fs_super+0x314/0x720 [ 197.298969][ T5817] ? __pfx_kill_f2fs_super+0x10/0x10 [ 197.299014][ T5817] ? lockdep_hardirqs_on+0x7a/0x110 [ 197.299049][ T5817] deactivate_locked_super+0xbc/0x130 [ 197.299079][ T5817] cleanup_mnt+0x437/0x4d0 [ 197.299099][ T5817] ? _raw_spin_unlock_irq+0x23/0x50 [ 197.299125][ T5817] task_work_run+0x1d9/0x270 [ 197.299146][ T5817] ? __pfx_task_work_run+0x10/0x10 [ 197.299175][ T5817] exit_to_user_mode_loop+0xed/0x480 [ 197.299193][ T5817] ? rcu_is_watching+0x15/0xb0 [ 197.299219][ T5817] do_syscall_64+0x32d/0xf80 [ 197.299235][ T5817] ? trace_irq_disable+0x3b/0x150 [ 197.299250][ T5817] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.299267][ T5817] ? clear_bhb_loop+0x40/0x90 [ 197.299286][ T5817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.299302][ T5817] RIP: 0033:0x7f384779d9d7 [ 197.299318][ T5817] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 197.299330][ T5817] RSP: 002b:00007ffc8e5450f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 197.299347][ T5817] RAX: 0000000000000000 RBX: 00007f3847831f90 RCX: 00007f384779d9d7 [ 197.299358][ T5817] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc8e5451b0 [ 197.299368][ T5817] RBP: 00007ffc8e5451b0 R08: 00007ffc8e5461b0 R09: 00000000ffffffff [ 197.299378][ T5817] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc8e546240 [ 197.299389][ T5817] R13: 00007f3847831f90 R14: 000000000003016d R15: 00007ffc8e546280 [ 197.299419][ T5817] [ 197.299426][ T5817] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 197.947976][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.761243][ T6011] udevd[6011]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory [ 198.773285][ T6002] udevd[6002]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 198.774168][ T6012] udevd[6012]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 198.799254][ T5875] udevd[5875]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory [ 198.980448][ T7341] loop4: detected capacity change from 0 to 128 [ 199.010195][ T6012] udevd[6012]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 199.010338][ T6002] udevd[6002]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 199.090232][ T7341] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 199.199612][ T7341] ext4 filesystem being mounted at /67/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 199.249458][ T7346] loop3: detected capacity change from 0 to 512 [ 199.288791][ T7346] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 199.309793][ T7346] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 199.328305][ T7346] System zones: 1-12 [ 199.357439][ T7346] EXT4-fs (loop3): orphan cleanup on readonly fs [ 199.377172][ T7346] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 33619980: comm syz.3.369: invalid block [ 199.396925][ T7346] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 199.397123][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 199.412727][ C0] EXT4-fs (loop3): initial error at time 1772367863: ext4_get_branch:178: inode 11: block 33619980 [ 199.416903][ T7351] loop2: detected capacity change from 0 to 16 [ 199.423467][ C0] EXT4-fs (loop3): last error at time 1772367863: ext4_get_branch:178: inode 11: block 33619980 [ 199.441156][ T7350] loop0: detected capacity change from 0 to 256 [ 199.457422][ T7346] EXT4-fs (loop3): Remounting filesystem read-only [ 199.464052][ T5834] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 199.483417][ T7351] erofs (device loop2): invalid ishare xattr prefix id 0 [ 199.708609][ T7346] EXT4-fs (loop3): 1 truncate cleaned up [ 200.656976][ T7346] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 200.717479][ T7346] EXT4-fs warning (device loop3): dx_probe:791: inode #2: lblock 0: comm syz.3.369: error -117 reading directory block [ 200.822046][ T7356] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 200.829676][ T7356] FAT-fs (loop0): Filesystem has been set read-only [ 200.871351][ T7357] loop1: detected capacity change from 0 to 512 [ 201.005540][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 201.053985][ T7357] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 201.656558][ T7375] loop2: detected capacity change from 0 to 1024 [ 201.666656][ T7367] loop0: detected capacity change from 0 to 8192 [ 201.768008][ T7375] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 202.348912][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.416374][ T7388] loop3: detected capacity change from 0 to 128 [ 202.510651][ T7388] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 202.637224][ T7397] loop4: detected capacity change from 0 to 512 [ 202.647640][ T7388] ext4 filesystem being mounted at /69/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 202.712513][ T7397] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 202.759900][ T7397] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 202.829056][ T7397] System zones: 1-12 [ 202.833223][ T7397] EXT4-fs (loop4): orphan cleanup on readonly fs [ 202.840001][ T7397] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.387: invalid indirect mapped block 2 (level 2) [ 202.855293][ T7397] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 202.857112][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 202.872680][ C1] EXT4-fs (loop4): initial error at time 1772367866: ext4_free_branches:1023: inode 11 [ 202.882382][ C1] EXT4-fs (loop4): last error at time 1772367866: ext4_free_branches:1023: inode 11 [ 202.892884][ T7397] EXT4-fs (loop4): Remounting filesystem read-only [ 202.903557][ T5824] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 202.907407][ T7397] EXT4-fs (loop4): 1 truncate cleaned up [ 202.919918][ T7397] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 203.003376][ T7397] EXT4-fs warning (device loop4): dx_probe:791: inode #2: lblock 0: comm syz.4.387: error -117 reading directory block [ 203.132640][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 203.156083][ T7403] loop3: detected capacity change from 0 to 256 [ 204.371978][ T7389] loop1: detected capacity change from 0 to 40427 [ 204.430038][ T7389] F2FS-fs (loop1): invalid crc value [ 204.522417][ T7411] loop4: detected capacity change from 0 to 512 [ 204.537617][ T7408] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 204.545237][ T7408] FAT-fs (loop3): Filesystem has been set read-only [ 204.720671][ T7411] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 204.913974][ T7414] loop2: detected capacity change from 0 to 256 [ 204.953045][ T7414] exfat: Deprecated parameter 'namecase' [ 205.068549][ T7414] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 205.143589][ T7389] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 205.240178][ T7389] F2FS-fs (loop1): Start checkpoint disabled! [ 205.279878][ T7389] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0 [ 205.318712][ T7389] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 205.387175][ T29] audit: type=1804 audit(1772367868.999:11): pid=7389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.385" name="/newroot/76/file0/file1" dev="loop1" ino=10 res=1 errno=0 [ 205.534530][ T12] kworker/u8:0: attempt to access beyond end of device [ 205.534530][ T12] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 205.593294][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(full) [ 205.593319][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 205.593330][ T12] Workqueue: writeback wb_workfn (flush-7:1) [ 205.593360][ T12] Call Trace: [ 205.593367][ T12] [ 205.593374][ T12] dump_stack_lvl+0xe8/0x150 [ 205.593401][ T12] f2fs_handle_critical_error+0x37c/0x540 [ 205.593435][ T12] f2fs_write_end_io+0xcdb/0xff0 [ 205.593474][ T12] __submit_merged_bio+0x256/0x700 [ 205.593507][ T12] __submit_merged_write_cond+0x3c9/0x4e0 [ 205.593542][ T12] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 205.593598][ T12] f2fs_write_data_pages+0x2975/0x35e0 [ 205.593654][ T12] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 205.593688][ T12] ? __pfx_f2fs_available_free_memory+0x10/0x10 [ 205.593743][ T12] ? __pfx_f2fs_balance_fs_bg+0x10/0x10 [ 205.593785][ T12] ? __lock_acquire+0x6b5/0x2cf0 [ 205.593825][ T12] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 205.593847][ T12] do_writepages+0x32e/0x550 [ 205.593879][ T12] ? reacquire_held_locks+0x104/0x190 [ 205.593903][ T12] ? writeback_sb_inodes+0x477/0x1a20 [ 205.593933][ T12] __writeback_single_inode+0x133/0x11a0 [ 205.593959][ T12] ? do_raw_spin_unlock+0xf5/0x210 [ 205.593982][ T12] writeback_sb_inodes+0x992/0x1a20 [ 205.594027][ T12] ? __lock_acquire+0x6b5/0x2cf0 [ 205.594055][ T12] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 205.594077][ T12] ? do_raw_spin_lock+0x12b/0x2f0 [ 205.594136][ T12] ? rcu_is_watching+0x15/0xb0 [ 205.594170][ T12] wb_writeback+0x456/0xb70 [ 205.594197][ T12] ? queue_io+0x261/0x4a0 [ 205.594229][ T12] ? __pfx_wb_writeback+0x10/0x10 [ 205.594250][ T12] ? do_raw_spin_lock+0x12b/0x2f0 [ 205.594288][ T12] wb_workfn+0x414/0xf50 [ 205.594309][ T12] ? look_up_lock_class+0x57/0x110 [ 205.594337][ T12] ? __pfx_wb_workfn+0x10/0x10 [ 205.594359][ T12] ? do_raw_spin_lock+0x12b/0x2f0 [ 205.594379][ T12] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 205.594414][ T12] ? process_one_work+0x87c/0x1650 [ 205.594434][ T12] process_one_work+0x949/0x1650 [ 205.594474][ T12] ? __pfx_process_one_work+0x10/0x10 [ 205.594494][ T12] ? do_raw_spin_lock+0x12b/0x2f0 [ 205.594527][ T12] worker_thread+0xb46/0x1140 [ 205.594568][ T12] kthread+0x388/0x470 [ 205.594591][ T12] ? __pfx_worker_thread+0x10/0x10 [ 205.594612][ T12] ? __pfx_kthread+0x10/0x10 [ 205.594631][ T12] ret_from_fork+0x51e/0xb90 [ 205.594657][ T12] ? __pfx_ret_from_fork+0x10/0x10 [ 205.594678][ T12] ? __switch_to+0xc7d/0x1450 [ 205.594702][ T12] ? __pfx_kthread+0x10/0x10 [ 205.594720][ T12] ret_from_fork_asm+0x1a/0x30 [ 205.594752][ T12] [ 205.861851][ T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 206.438204][ T7438] loop1: detected capacity change from 0 to 1024 [ 206.500809][ T7440] loop2: detected capacity change from 0 to 512 [ 206.526435][ T7440] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 206.610195][ T7438] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 206.630545][ T7440] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.398: Invalid block bitmap block 0 in block_group 0 [ 206.675951][ T7440] loop2: lost filesystem error report for type 5 error -117 [ 206.676406][ T7440] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 206.683823][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 206.683844][ C0] EXT4-fs (loop2): initial error at time 1772367870: ext4_read_block_bitmap_nowait:483 [ 206.683870][ C0] EXT4-fs (loop2): last error at time 1772367870: ext4_read_block_bitmap_nowait:483 [ 206.959451][ T7440] loop2: lost filesystem error report for type 5 error -117 [ 206.960271][ T7440] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.398: attempt to clear invalid blocks 983261 len 1 [ 207.030031][ T7447] loop4: detected capacity change from 0 to 512 [ 207.036544][ T7440] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 207.038368][ T7440] EXT4-fs error (device loop2): __ext4_get_inode_loc:4782: comm syz.2.398: Invalid inode table block 0 in block_group 0 [ 207.067600][ T7447] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 207.100703][ T7447] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 207.123669][ T7447] System zones: 1-12 [ 207.141072][ T7440] loop2: lost filesystem error report for type 5 error -117 [ 207.146712][ T7447] EXT4-fs (loop4): orphan cleanup on readonly fs [ 207.162676][ T7440] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 207.192944][ T7440] loop2: lost filesystem error report for type 5 error -117 [ 207.193349][ T7440] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem [ 207.220807][ T7447] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.399: invalid indirect mapped block 2 (level 2) [ 207.343783][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.381089][ T7440] loop2: lost filesystem error report for type 5 error -117 [ 207.382151][ T7440] EXT4-fs error (device loop2): __ext4_get_inode_loc:4782: comm syz.2.398: Invalid inode table block 0 in block_group 0 [ 207.397215][ T7447] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 207.402513][ T7447] EXT4-fs (loop4): Remounting filesystem read-only [ 207.403426][ T7440] loop2: lost filesystem error report for type 5 error -117 [ 207.411701][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 207.411721][ C0] EXT4-fs (loop4): initial error at time 1772367871: ext4_free_branches:1023: inode 11 [ 207.411749][ C0] EXT4-fs (loop4): last error at time 1772367871: ext4_free_branches:1023: inode 11 [ 207.442458][ T7447] EXT4-fs (loop4): 1 truncate cleaned up [ 207.482958][ T7447] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 207.496148][ T7440] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 207.509084][ T7450] loop3: detected capacity change from 0 to 512 [ 207.529955][ T7440] loop2: lost filesystem error report for type 5 error -117 [ 207.723031][ T7450] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 207.737999][ T7440] EXT4-fs error (device loop2): ext4_truncate:4587: inode #11: comm syz.2.398: mark_inode_dirty error [ 207.761566][ T7440] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 207.768427][ T7440] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem [ 207.783482][ T7447] EXT4-fs warning (device loop4): dx_probe:791: inode #2: lblock 0: comm syz.4.399: error -117 reading directory block [ 207.788512][ T7440] loop2: lost filesystem error report for type 5 error -117 [ 207.826491][ T7440] EXT4-fs error (device loop2): __ext4_get_inode_loc:4782: comm syz.2.398: Invalid inode table block 0 in block_group 0 [ 207.846934][ T7440] loop2: lost filesystem error report for type 5 error -117 [ 207.848174][ T7440] EXT4-fs (loop2): 1 truncate cleaned up [ 207.865203][ T7440] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.882296][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 207.894936][ T7450] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.946616][ T5818] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.979050][ T7450] EXT4-fs error (device loop3): ext4_readdir:265: inode #2: block 3: comm syz.3.400: path /73/file0: bad entry in directory: directory entry overrun - offset=12, inode=514, rec_len=2048, size=2048 fake=0 [ 208.004262][ T7450] EXT4-fs error (device loop3): ext4_readdir:265: inode #2: block 12: comm syz.3.400: path /73/file0: bad entry in directory: directory entry overrun - offset=0, inode=5066064, rec_len=65536, size=2048 fake=0 [ 208.109573][ T7459] loop0: detected capacity change from 0 to 512 [ 208.130977][ T7459] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 209.443520][ T5824] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 209.680892][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.437619][ T7484] loop0: detected capacity change from 0 to 1024 [ 210.518586][ T7488] loop3: detected capacity change from 0 to 512 [ 210.604454][ T7477] loop1: detected capacity change from 0 to 40427 [ 210.661140][ T7488] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 210.685660][ T7477] F2FS-fs (loop1): invalid crc value [ 210.696650][ T7484] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 210.718771][ T7488] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002] [ 210.728899][ T7488] System zones: 1-12 [ 210.733261][ T7488] EXT4-fs (loop3): orphan cleanup on readonly fs [ 210.750434][ T7488] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.413: invalid indirect mapped block 2 (level 2) [ 211.107290][ T7488] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 211.109655][ T7488] EXT4-fs (loop3): Remounting filesystem read-only [ 211.118890][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 211.118910][ C0] EXT4-fs (loop3): initial error at time 1772367874: ext4_free_branches:1023: inode 11 [ 211.118949][ C0] EXT4-fs (loop3): last error at time 1772367874: ext4_free_branches:1023: inode 11 [ 211.365478][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.442662][ T7488] EXT4-fs (loop3): 1 truncate cleaned up [ 211.451150][ T7488] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 211.525422][ T7477] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 211.744501][ T7488] EXT4-fs warning (device loop3): dx_probe:791: inode #2: lblock 0: comm syz.3.413: error -117 reading directory block [ 211.778799][ T7477] F2FS-fs (loop1): Start checkpoint disabled! [ 212.346858][ T7477] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0 [ 212.455514][ T7477] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 212.516387][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 212.550721][ T7504] loop5: detected capacity change from 0 to 7 [ 212.587484][ T6012] Dev loop5: unable to read RDB block 7 [ 212.688763][ T12] kworker/u8:0: attempt to access beyond end of device [ 212.688763][ T12] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 212.715481][ T6012] loop5: AHDI p1 p2 p3 [ 212.813589][ T6012] loop5: partition table partially beyond EOD, truncated [ 212.896649][ T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(full) [ 212.896676][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 212.896688][ T12] Workqueue: writeback wb_workfn (flush-7:1) [ 212.896718][ T12] Call Trace: [ 212.896725][ T12] [ 212.896733][ T12] dump_stack_lvl+0xe8/0x150 [ 212.896761][ T12] f2fs_handle_critical_error+0x37c/0x540 [ 212.896794][ T12] f2fs_write_end_io+0xcdb/0xff0 [ 212.896831][ T12] __submit_merged_bio+0x256/0x700 [ 212.896863][ T12] __submit_merged_write_cond+0x3c9/0x4e0 [ 212.896898][ T12] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 212.896948][ T12] f2fs_write_data_pages+0x2975/0x35e0 [ 212.897004][ T12] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 212.897079][ T12] ? lockdep_hardirqs_on+0x7a/0x110 [ 212.897111][ T12] ? __schedule+0x15f3/0x52d0 [ 212.897148][ T12] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 212.897169][ T12] do_writepages+0x32e/0x550 [ 212.897201][ T12] ? reacquire_held_locks+0x104/0x190 [ 212.897224][ T12] ? writeback_sb_inodes+0x477/0x1a20 [ 212.897245][ T12] ? preempt_schedule_thunk+0x16/0x30 [ 212.897269][ T12] __writeback_single_inode+0x133/0x11a0 [ 212.897302][ T12] writeback_sb_inodes+0x992/0x1a20 [ 212.897347][ T12] ? lockdep_hardirqs_on+0x7a/0x110 [ 212.897372][ T12] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 212.897394][ T12] ? do_raw_spin_lock+0x12b/0x2f0 [ 212.897453][ T12] ? rcu_is_watching+0x15/0xb0 [ 212.897486][ T12] wb_writeback+0x456/0xb70 [ 212.897513][ T12] ? queue_io+0x261/0x4a0 [ 212.897544][ T12] ? __pfx_wb_writeback+0x10/0x10 [ 212.897574][ T12] ? wb_workfn+0x400/0xf50 [ 212.897600][ T12] wb_workfn+0x414/0xf50 [ 212.897623][ T12] ? look_up_lock_class+0x57/0x110 [ 212.897655][ T12] ? __pfx_wb_workfn+0x10/0x10 [ 212.897678][ T12] ? __pfx___schedule+0x10/0x10 [ 212.897696][ T12] ? irqentry_exit+0x59e/0x620 [ 212.897713][ T12] ? rcu_is_watching+0x15/0xb0 [ 212.897750][ T12] ? preempt_schedule_thunk+0x16/0x30 [ 212.897776][ T12] ? process_one_work+0x87c/0x1650 [ 212.897798][ T12] process_one_work+0x949/0x1650 [ 212.897841][ T12] ? __pfx_process_one_work+0x10/0x10 [ 212.897860][ T12] ? move_linked_works+0x238/0x250 [ 212.897899][ T12] worker_thread+0xb46/0x1140 [ 212.897949][ T12] kthread+0x388/0x470 [ 212.897968][ T12] ? __pfx_worker_thread+0x10/0x10 [ 212.897989][ T12] ? __pfx_kthread+0x10/0x10 [ 212.898009][ T12] ret_from_fork+0x51e/0xb90 [ 212.898036][ T12] ? __pfx_ret_from_fork+0x10/0x10 [ 212.898057][ T12] ? __switch_to+0xc7d/0x1450 [ 212.898082][ T12] ? __pfx_kthread+0x10/0x10 [ 212.898106][ T12] ret_from_fork_asm+0x1a/0x30 [ 212.898139][ T12] [ 213.036624][ T6012] loop5: p1 start 1601398130 is beyond EOD, [ 213.186564][ T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 213.299018][ T6012] truncated [ 213.318671][ T6012] loop5: p2 start 1702059890 is beyond EOD, truncated [ 213.329643][ T7504] Dev loop5: unable to read RDB block 7 [ 213.335231][ T7504] loop5: AHDI p1 p2 p3 [ 213.340718][ T7504] loop5: partition table partially beyond EOD, truncated [ 213.350921][ T7504] loop5: p1 start 1601398130 is beyond EOD, truncated [ 213.360582][ T7504] loop5: p2 start 1702059890 is beyond EOD, truncated [ 213.972596][ T7532] loop0: detected capacity change from 0 to 1024 [ 214.002990][ T7532] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 214.622537][ T7546] loop2: detected capacity change from 0 to 16 [ 214.658172][ T7546] erofs (device loop2): mounted with root inode @ nid 36. [ 215.068891][ T5817] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.181934][ T7548] [ 215.184384][ T7548] ============================= [ 215.189330][ T7548] WARNING: suspicious RCU usage [ 215.194192][ T7548] syzkaller #0 Not tainted [ 215.198638][ T7548] ----------------------------- [ 215.203496][ T7548] kernel/events/callchain.c:163 suspicious rcu_dereference_check() usage! [ 215.212036][ T7548] [ 215.212036][ T7548] other info that might help us debug this: [ 215.212036][ T7548] [ 215.222301][ T7548] [ 215.222301][ T7548] rcu_scheduler_active = 2, debug_locks = 1 [ 215.230497][ T7548] 1 lock held by syz.2.428/7548: [ 215.236375][ T7548] #0: ffffffff8e760818 (rcu_tasks_trace_srcu_struct){....}-{0:0}, at: rcu_read_lock_trace+0x25/0x110 [ 215.248900][ T7548] [ 215.248900][ T7548] stack backtrace: [ 215.254821][ T7548] CPU: 1 UID: 0 PID: 7548 Comm: syz.2.428 Not tainted syzkaller #0 PREEMPT(full) [ 215.254849][ T7548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 215.254863][ T7548] Call Trace: [ 215.254872][ T7548] [ 215.254881][ T7548] dump_stack_lvl+0xe8/0x150 [ 215.254915][ T7548] lockdep_rcu_suspicious+0x13f/0x1d0 [ 215.254950][ T7548] get_callchain_entry+0x2b6/0x3c0 [ 215.254985][ T7548] get_perf_callchain+0xd5/0x880 [ 215.255022][ T7548] ? __pfx_get_perf_callchain+0x10/0x10 [ 215.255056][ T7548] ? 0xffffffffa02019e4 [ 215.255081][ T7548] __bpf_get_stack+0x445/0xab0 [ 215.255120][ T7548] ? __pfx___bpf_get_stack+0x10/0x10 [ 215.255150][ T7548] ? 0xffffffffa02019e4 [ 215.255167][ T7548] ? bpf_get_stack+0x1c/0x50 [ 215.255200][ T7548] bpf_get_stack+0x33/0x50 [ 215.255228][ T7548] ? bpf_prog_42db8cfdf50901c9+0x46/0x4e [ 215.255247][ T7548] bpf_get_stack_raw_tp+0x1a9/0x220 [ 215.255281][ T7548] bpf_prog_42db8cfdf50901c9+0x46/0x4e [ 215.255300][ T7548] bpf_prog_run_pin_on_cpu+0x142/0x470 [ 215.255327][ T7548] bpf_prog_test_run_syscall+0x318/0x4c0 [ 215.255346][ T7548] ? __rcu_read_unlock+0x83/0xe0 [ 215.255371][ T7548] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 215.255390][ T7548] ? __fget_files+0x2a/0x420 [ 215.255425][ T7548] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 215.255446][ T7548] bpf_prog_test_run+0x2c7/0x340 [ 215.255471][ T7548] __sys_bpf+0x643/0x950 [ 215.255492][ T7548] ? __pfx___sys_bpf+0x10/0x10 [ 215.255530][ T7548] ? preempt_schedule_notrace_thunk+0x16/0x30 [ 215.255563][ T7548] __x64_sys_bpf+0x7c/0x90 [ 215.255592][ T7548] do_syscall_64+0x14d/0xf80 [ 215.255614][ T7548] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.255634][ T7548] ? clear_bhb_loop+0x40/0x90 [ 215.255699][ T7548] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.255719][ T7548] RIP: 0033:0x7f4e7459c799 [ 215.255738][ T7548] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 215.255754][ T7548] RSP: 002b:00007f4e7547c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 215.255776][ T7548] RAX: ffffffffffffffda RBX: 00007f4e74816180 RCX: 00007f4e7459c799 [ 215.255791][ T7548] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a [ 215.255804][ T7548] RBP: 00007f4e74632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 215.255817][ T7548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 215.255829][ T7548] R13: 00007f4e74816218 R14: 00007f4e74816180 R15: 00007ffdd0759b08 [ 215.255860][ T7548] [ 215.795509][ T7552] loop0: detected capacity change from 0 to 256 [ 215.822694][ T7552] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 215.845039][ T7552] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 215.876190][ T7552] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c91aa, utbl_chksum : 0xe619d30d) [ 215.903385][ T7552] exFAT-fs (loop0): failed to load alloc-bitmap [ 215.918099][ T7552] exFAT-fs (loop0): failed to recognize exfat type