last executing test programs: 5m4.729441094s ago: executing program 32 (id=289): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c00028005000100000009002400028014000180080001000000010908000200ac1e00010c000280050001000000000044000f800800014000000006080003400000002b080003400000000808000240000000400800014000000000fb0001400000000708000140000044f10800034000000003080007"], 0xa8}}, 0x0) 4m38.041174873s ago: executing program 33 (id=412): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r0, 0x0) r1 = io_uring_setup(0x5ba8, &(0x7f0000000000)={0x0, 0xfca0, 0x2, 0x0, 0x1e}) io_uring_register$IORING_REGISTER_RING_FDS(r1, 0x13, &(0x7f0000001bc0), 0x2) 4m37.624479147s ago: executing program 34 (id=414): syz_mount_image$jfs(&(0x7f00000002c0), &(0x7f0000000040)='./bus\x00', 0xa, &(0x7f0000000340)=ANY=[@ANYRES8=0x0], 0xfa, 0x6158, &(0x7f000000c680)="$eJzs3c1vHGcdB/DfvvolNLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288Szk93aqe2dtefzkZyZ3zyz9jP73dmXzMw+AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADE97/3g5VORNz4eVqwFPGZ6EV0IxbKejkiFpaX8vr9iHgudprj2YgYzEWUt9/55+mIVyPio7MRW9vrq+Xiywfsx3f/+Pff/fDMW3/7w+Dif/90r/fapPXu3//Vf/784HDbDAAAAG1TFEXRSR/zz6XP992mOwUATEV+/S+SvPzU17/+51t/maX+qNVqtVo9hbqqGO9BtYiIjeptyvcMDscDwAmzER833QUaJP9W60fEmaY7Acy0TtMd4Fhsba+vdlK+nerrwfJuez4XZCT/jc6j6zsmTfdTP8dkWo+vzejFMxP6szClPsySnH+3nv+N3fZhWu+485+WSfkPdy99ap2cf6+ef83pyb87Nv+2yvn3nyj/nvwBAAAAAGCG5f//X2r4+O/c4TflQD7p+O/ylPoAAAAAAAAAAEftsOP/PWL8PwAAAJhZ5Wf10m/O7i2b9F1s5fLrnYinausDLZMulllsuh8AAAAAAAAAAAAA0Cb93XN4r3ciBhHx1OJiURTlT1W9flKHvf1J1/bthzZr+kkeAAB2fXS2di1/J2I+Iq6n7/obLC4uFsX8wmKxWCzM5fezw7n5YqHyuTZPy2VzwwO8Ie4Pi/KXzVduV7Xf5+X92uu/r/xbw6J3gI4dkUG6Nyc0NxQ2ACS7r0ZbXpFOmaJ4etKbDxhh/z+FlmKp6ccVs6/phykAAABw/IqiKDrp67zPpWP+3aY7BQBMRX79rx8XOFTdndAecTS/X61Wq9Vq9aeqq4rxHlSLiNio3qZ8z2A4fgA4YTbi46a7QIPk32r9iHiu6U4AM63TdAc4Flvb66udlG+n+nqQxnfP54KM5L/R2bldvv246X7q55hM6/G1Gb14ZkJ/np1SH2ZJzr9bz//GbvswrXfc+U/LpPyHO5fMtU/Ov1fPv+b05N8dm39b5fz7T5R/T/4AAAAAADDD8v//Lzn+mzcZAAAAAAAAAE6cre311Xzdaz7+/7kx67n+83TK+XeeNP+FNC//Ey3n363l/+Xaer3K/MM39/b/f2+vr/7+3r8+m6cHzX8uz3TSI6uTHhGd9Jc6/TQ9zNY9bnPQG5Z/adDp9vrpnJ9i8E7cituxFpdG1u2m+2OvfWWkvezpYKT98kh7/7H2KyPtg/S9A8VCbr8Qq/GTuB1v77QPR+/2seb3uX+Kfdpz/j3P/62U8+9Xfsr8F1N7pzYtPfyw+9h+X52O+ztv3Pr8Ly8d/+bsazN6j7atqty+8w30Z+c+OTOMn91du3Ph/s179+6sRJqMLL0caXLEcv6DnZ+5vef/F3bb8xNQdX99+OHwifOfFZvRn5j/C5X5cntfmnLfmpDzH6afnP/bqX38/n+S85+8/7/cQH8AAAAAAAAAAAAAAADgkxRFsXOJ6BsRcTVd/9PUtZkAwHTl1/8iycvVarVarVafvrqqGO/1ahERf63epnzP8ItxvwwAmGX/i4h/NN0JGiP/Fsvf91dOX2y6M8BU3X3/gx/dvH177c7dpnsCAAAAAAAAAHxaefzP5cr4zy9GxFJtvZHxX9+M5cOO/9nPM48GGD3igb4n2OwOe93KcOPPx8743Bcmjf99Ph4f/zuPidurbscEg33ah/u0z+3TPj926V5aYy/0qMj5P18Z77zM/1xt+PU2jP9aH/O+DXL+5yuP5zL/L9XWq+Zf/Hbm8t846Iqb0R3J/+K993568e77H7xy672b7669u/bjKysrl65cvXrt2rWL79y6vXZp99/j6fUMyPnnsa+dB9ouOf+cufzbJef/hVTLv11y/l9MtfzbJeef3+/Jv11y/vmzj/zbJef/Uqrl3y45/6+kWv7tsrW9Plfm/3Kq5d8uef//aqrl3y45/1dSLf92yflfSLX82yXnfzHVB8jf18OfIjn/fITL/t8uOf+VVMu/XXL+l1Mt/3bJ+V9JtfzbJef/aqrl3y45/6+lWv7tkvO/mmr5t0vO/+upln+75PyvpVr+7ZLz/0aq5d8uOf9vplr+7ZLzfy3V8m+XnP+3Ui3/dsn5fzvV8m+XnP93Ui3/dsn5v55q+bfL3vf/mzFjxkyeafqZCQAAAAAAAAAAAACom8bpxE1vIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2cHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdi7txi57voO4Gf2Yq8dQgyE4KQG1o4xxlmy60t8oXUx4doApUBCoRds17s2C77htUugSDYNlEgYFVVUTR/aAkJtpKrCqnigFaV5qHp5atoH+lJRVUJqVIUooCK1Fc1WM+f//3tmdnZm1ztez57/5yPZv92ZM3POnDkzu9+1v3sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZlvfPPP5WlEU9T+NvzYVxYvqH28Y39S47A23egsBAACAlfq/xt/P35EuOLKEGzUt83ev+sdvzs/PzxcfHP7d0S/Pz6crxotidH1RNK6Lrv37h2rNywSPFWO1oabPh3qsfrjH9SM9rh/tcf26Htev73H9WI/rF+yABTaUP49p3Nn2xoebyl1a3FmMNq7b3uFWj9XWDw3Fn+U01Bq3mR89WcwWp4uZYqpl+XLZWmP5b2+tr+sdRVzXUNO6ttSPkB9++kTchlrYx9tb1nX9PqMfvKkY/9EPP33ijy8+e3en2XM3tNxfuZ07t9W387PhknJba8X6tE/idg41beeWDs/JcMt21hq3q3/cvp3PL3E7h69v5qpqf87HiqHGx0839tNI84/10n7aEi7773uLorhyfbPbl1mwrmKo2NhyydD152esPCLr91E/lF5ajCzrON26hOO0Pqe3tx6n7a+J+PxvDbcbWWQbmp+mH3xm3YLnfbnHaVR/1Iu9VtqPwX6/VgblGIzHxdONB/14x2Nwe3j8n96x+DHY8djpcAymx910DG7rdQwOrRtubHN6EmqN21w/Bne3LD/cWFOtMZ/Z0f0YnLx45vzk3Cc/9frZM8dPzZyaObt39+6pvfv3Hzx4cPLk7OmZqfLvG9zbg29jMZReA9vCvouvgde2Ldt8qM5/tX+vw7Eur8NNbcv2+3U40v7gaqvzglx4TJevjYfrO33s6lCxyGus8fzsWvnrMD3uptfhSNPrsOPXlA6vw5ElvA7ry5zftbTvWUaa/nTahpv1tWBT0zHY/v1I+zHY7+9HBuUYHAvHxb/uWvxrwZawvY9PLPf7keEFx2B6uOG9p35J+n5/7GBjdDou76lfcdu64tLczIX7Hz1+8eKF3UUYq+JlTcdK+/G6sekxFQuO16FlH69HZl/1+D0dLt8U9tXY6+t/jS36XNWX2Xd/9+eq8dWt8/5suXRPEUafrfb+7PTVvL4/U5bssj/ry3x2cuXfi6dc2vT+O7rI+2/M/S+U60t39djw6Ej5+h1Oe2e05f249akaabx31Rrrfn5yae/Ho+HPar8f39nl/Xhz27L9fj8ebX9w8f241uunHSvT/nyOhePk9FT39+P6Mpv3LPeYHOn6fnxvmLWw/18XkkLKRU3HzmLHbVrXyMhoeFwjcQ2tx+neluVHQzarr+vJPTd2nO68t7yv4fTorlut43S8bdl+H6fp/Wqx47TW66dvN6b9+RwLx8Wde7sfp/Vlntq38vfODfHDpvfOdb2OwdHhdfVtHk0HYfl+P78hHoP3FyeKc8XpYrpx7brG8VRrrGvigaUdg+vCn9V+r9zc5Rjc2bZsv4/B9HVssWOvNrLwwfdB+/M5Fo6LJx7ofgzWl3nLgf5+77ozXJKWafretf3na4v9zOuett10M3/mVd/OvznQ/Wez9WVOH1xuzuy+n+4Ll9zWYT+1v34Xe01NF6uznzaH7Xz24OL7qb499WW+fGiJx9ORoiguf/zBxs97w7+v/Pml736z5d9dOv2bzuWPP/jc7Sf/djnbD8Da90I5NpZf65r+ZWop//4PAAAArAkx9w+Fmcj/AAAAUBkx98f/FZ7I/wAAAFAZMfePhJlkkv83v+XZ2RcuF6mZPx/E69NueKhcLnZcp8Ln4/PX1S9/8OszP/7Ly0tb91BRFD956Dc6Lr/5obhdpfGwndfe2nr5whteXtL6jz1yfbnm/vpXwv3Hx7PUw6BTBXeqKIpv3/HFxnrGP3S1MZ966Fhjvu/K44/Vl3n+UPl5vP0zLyuX/4NQ/j1y8njL7Z8J++H7YU69s/P+iLf7xtXXbTnwgevri7erbXtx42E/8eHyfuPvyfnSY+XycT8vtv1/9YUnv1Ff/tHXdN7+y0Odt//JcL9fD/N/Xlku3/wc1D+Pt/tc2P64vni7+7/2nY7bf+3z5fLn31YudyzMuP6d4fPtb3t2tnl/PVo73vK4ireXy8X1T333txvXx/uL99++/WNHr7bsj/bj46l/Lu9nsm35eHlcT/QXbeuv30/z8RnX/+RvHWvZz73Wf+19z7yyfr/t67+vbbnhttu3/8amP/zcFzuuL27PkT873/J4jrw3vI7D+p/4cDgew/X/e+2LLeuNjr239f0nLv+VTZdbHk/0jh+V67/2xlON+R/jP/792150+4uvvLq+74ri6feX99dr/af+6FzL9n/1rl2N5yNeHzv67etfTFz/hU9MnD03d2l2ummvNn53zrvK7Vk/tmFjfXvvCO+t7Z8fPXfxIzMXxqfGp4pivLq/Qu+GfS3M58pxZbm33/VIeD7v+b1vb9zxT1+Il//Lw+XlV99Zft16bVjuS+HyTeXzN19b4fqf2HpX4/Vde6r8vKXH3gdbtv/nwSUtGB5/+/cF8Xg///KPNPZD/brG1434ul7h9n9vuryfb4X9Oh9+M/O2u66vr3n5+LsRrr6/fL2veP+Ft7n4vP5JeL7f/f3y/uN2xcf7vfB9zHc2t77fxePjW5eH2u+/8Vs8roT3k+JKeX1cKu7vq8/f1XHz4u8hKa7c3fj8d9L93L2sh7mYuU/OTZ6ePXvp0cmLM3MXJ+c++amjZ85dOnvxaON3eR79aK/bX39/2th4f5qe2b+vmNpQFMW5YmoV3rBuzvbXP1ra9p9/5MT0gakd0zMnj186efGR8zMXTp2YmzsxMz234/jJkzOf6HX72enDu/cc2ntgz8Sp2enDBw8d2ntoYvbsufpmlBvVw/6pj02cvXC0cZO5w/sO7X7ggX1TE2fOTc8cPjA1NXGp1+0bX5sm6rf+9YkLM6ePX5w9MzMxN/upmcO7D+3fv6fnbwM8c/7k3PjkhUtnJy/NzVyYLB/L+MXGxfWvfb1uTzXN/Vv5/Wy7WvmL+Ir33Lc//X7Wuq9/ZtG7Khdp+wWiz4bfRfMPLzl/cCmfx9w/GmaSSf4HAACAHMTcvy7MRP4HAACAyoi5f32YifwPAAAAlRFz/1iYSSb5X/9f/39p/f/yev3/vPr/5z9e9krXev8/9uf1//Nwi/v/K16//r/+f/X6/0vvz6/17df/1/9noUHr/8fcv6Eossz/AAAAkIOY+zeGmcj/AAAAUBkx998WZiL/AwAAQGXE3P+iMJNM8r/+/5L6/3t6Fa6q3/93/n/9/2Jt9v/jk6P/n41l9+8/8HDLp/r/gf6//r/+v/6//j8rNrroNbeq/x9z/+1hJpnkfwAAAMhBzP0vDjOR/wEAAKAyYu6/I8xE/gcAAIDKiLl/U5hJJvlf/9/5//X/9f8r3f9f6fn/mzZG/39tcP7/7pbd/1+v/7+0/v+Y/v9a7P+P9nf7B7v/33Pz9f+5KQbt/P8x978kzCST/A8AAAA5iLn/pWEm8j8AAABURsz9Lwszkf8BAACgMmLuvzPMJJP8r/+v/6//r/+v/995/b3P/19+pP8/WPT/u3P+/x6c/z+v/n+ft3+w+//9Pv//6Fvbb6//TyeD1v+Puf/lYSaZ5H8AAADIQcz9d4WZyP8AAABQGTH3vyLMRP4HAACAyoi5f3OYSSb5X/9f/1//X/9f/7/z+nv3/0v6/4NF/787/f8e9P/1//X/l9b/7/DNr/4/nQxa/z/m/rvDTDLJ/wAAAJCDmPvvCTOR/wEAAKAyYu7/qTAT+R8AAAAqI+b+LWEmmeR//X/9f/3/vPr/963T/9f/rzb9/+70/3vQ/9f/1/9f4vn/F1pO/399rzujMgat/x9z/yvDTDLJ/wAAAJCDmPtfFWYi/wMAAEBlxNz/6jAT+R8AAAAqI+b+8TCTTPK//n+1+v9/+tdPvLrQ/9f/77H+ivb/42Gg/585/f/u9P970P/X/9f/X5X+P/kYtP5/zP1bw0wyyf8AAACQg5j7t4WZyP8AAABQGTH33xtmIv8DAABAZcTcvz3MJJP8r/9frf5/pP+v/99t/RXt/yf6/3nT/++g6UWq/9+D/r/+f/b9//jdr/4//TFo/f+Y+18TZpJJ/gcAAIAcxNy/I8xE/gcAAIDKiLn/tWEm8j8AAABURsz9O8NMMsn/+v/6//r/+v/6/53Xr/+/Nun/d7fc/v86/X/9f/3/zPr/zv9Pfw1a/z/m/teFmWSS/wEAACAHMffvCjOR/wEAAKAy4v/fLP/fq/wPAAAAVRRz/0SYSSb5X/9f/z+n/n9N/1//X/+/8vT/u3P+/x70//X/9f/1/+mrQev/x9z/+jCTTPI/AAAA5CDm/vvDTOR/AAAAqIyY+yfDTOR/AAAAqIyY+6fCTDLJ//r/+v859f+d/1//X/+/+vT/u9P/70H/X/+/av3/otD/55YatP5/zP27w0wyyf8AAACQg5j794SZyP8AAABQGTH37w0zkf8BAACgMmLu3xdmkkn+1/+vav9/vtD/1/9fbP36//r/Vab/353+fw/6//r/Vev/O/8/t9ig9f9j7n8gzCST/A8AAAA5iLl/f5iJ/A8AAACVEXP/gTCTkP87/b9uAAAAYG2Juf9gmEkm//6v/1+R/v9v/n3Lup3/X/+/2/r70//foP8fpv7/YKlo/7/9ZXHD9P970P/X/9f/1/+nrwat/x9z/6Ewk0zyPwAAAOQg5v43hJnI/wAAAFAZMff/dJiJ/A8AAACVEXP/z4SZZJL/9f8r0v9vo/+v/99t/c7/r/9fZRXt//dNpfr/Q/r/+v+Dtf36//r/LHTz+//xo6X1/2PuPxxmkkn+BwAAgBzE3P+zYSbyPwAAAFRGzP1vDDOR/wEAAKAyYu4/EmaSSf7X/9f/1//X/785/f83Fu0Gsf9fP3j0/6tF/7+7SvX/nf9f/3/Atl//X/+fhQbt/P8x978pzCST/A8AAAA5iLn/wTAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMJJP8r/+v/6//r//v/P+d16//vzbp/3en/9+D/r/+v/6//j99NWj9/5j73xpmkkn+BwAAgBzE3P+2MBP5HwAAACoj5v63h5nI/wAAAFAZMfe/I8wkk/yv/6//r/+v/6//33n9+v9rk/5/d/r/Pej/6//r/+v/01eD1v+Puf/nwkwyyf8AAACQg5j7Hwozkf8BAACgMmLuf2eYifwPAAAAlRFz/7vCTDLJ//r/+v/6//r/+v+d16//vzbp/3en/9+D/r/+v/6//j99NWj9/5j73x1mkkn+BwAAgBzE3P/zYSbyPwAAAFRGzP3vCTOR/wEAAKAyYu7/hTCTTPK//r/+/2D1/+cvN99O/1//v+hX/79+I/3/LOj/d6f/30OH/v96/X/9f/1//X9u2KD1/2Puf2+YSSb5HwAAAHIQc//7wkzkfwAAAKiMmPvfH2Yi/wMAAEBlxNz/cJhJJvlf/z/L/n96yIPX/3f+f/1/5//X/18Z/f/u9P97cP5//X/9f/1/+mrQ+v8x9z8SZpJJ/gcAAIAcxNz/gTAT+R8AAAAqI+b+Xwwzkf8BAACgMmLu/2CYSSb5X/8/y/7/AJ//v2r9/5GW4yOn/v9Y0/OZjkv9f/3/VaD/353+fw/6//r/g9z/D0fzhkVur//PIBq0/n/M/R8KM8kk/wMAAEAOYu7/pTAT+R8AAAAqI+b+Xw4zkf8BAACgMmLu/5Uwk0zyv/6//r/+v/P/O/9/5/Xr/69N+v/d6f/3oP+v/z/I/f8e9P8ZRIPW/4+5/1fDTBYNfs/91xIeJgAAADBAYu7/cJhJJv/+DwAAADmIuf9omIn8DwAAAJURc/+xMJNM8r/+f3v/P55RVf9f/1//X/9f/38t6l///xW3F4X+v/6//r/+/2r2/4f0/6mcQev/x9x/PMwkk/wPAAAAOYi5/9fCTOR/AAAAqIyY+0+Emcj/AAAAUBkx90+HmVQx/7eXam9t/390MPv/zv9/o/3/n+j/6/8H+v+d6f+vDuf/707/vwf9f/1/5//X/6evBq3/H3P/TJhJFfM/AAAA5CX9ODjm/pNhJvI/AAAAVEbM/afCTOR/AAAAqIyY+z8SZpJJ/nf+f/1/5/+/Ff3/kZbl9f9L+v/6//2g/9+d/n8P+v/6//r/+v/01aD1/2Punw0zyST/AwAAQA5i7v9omIn8DwAAAJURc//HwkzkfwAAAKiMmPtPh5lkkv/1//X/c+//14riivP/6/93Wr/+/9qk/9+d/n8P+v/6//r/+v/01aD1/2PuPxNmkkn+BwAAgBzE3H82zET+BwAAgMqIuf9cmIn8z/+zdx/Ncp3VHof7+toKo3s/wh3fEUMYmY/AlBlVjKkimBxskzOYnIPJOedkcs45m5yjiYYqUZLWWtLRae0+0mmd3vtdzzNZSCXRfayWqD+qnzcAAADDyN1/z7ilyf7X/+v/u/f/q508/3/vj9f/n6X/1/9vw77+/ur1P+5iUfhF+/873PG6u+n/9f/6/0n6f/2//p8Lza3/z91/r7ilyf4HAACADnL33ztusf8BAABgGLn77xO32P8AAAAwjNz918UtTfa//l//r//X/+/p/2/R/+v/l83z/6fp/zfQ/+v/9f/6f7Zqbv1/7v77xi1N9j8AAAB0kLv/fnGL/Q8AAADDyN1//7jF/gcAAIBh5O5/QNzSZP/r//X/+v+l9P/HPP//gq9H/6//X0f/P03/v4H+X/+v/9f/s1Vz6/9z9z8wbmmy/wEAAKCD3P0PilvsfwAAABhG7v4Hxy32PwAAAAwjd/9D4pYm+1//r//X/y+l/z+i5//r//X/C3fz6tyfCUfd/x/bwr9/QP8/7/5/tdL/TzlwP7/+y1vO+78I/b/+n/3m1v/n7n9o3HLn1erY5X6RAAAAwKzk7n9Y3NLk7/8BAACgg9z918ct9j8AAAAMI3f/DXFLk/2v/9f/6//1//r/9a+v/18mz/+fdvj+////9x5379v/e/7/NM//33b/f/qTof9n2ebW/+fuvzFuabL/AQAAoIPc/Q+PW+x/AAAAGEbu/kfELfY/AAAADCN3/yPjlib7X/8/Wv//33t+3nn9/5naRf+v/9f/6/9Hp/+f5vn/G5z5Y+5kfVP/r//3/H/9P4czt/4/d/+j4pYm+x8AAAA6yN3/6LjF/gcAAIBh5O5/TNxi/wMAAMAwcvc/Nm5psv/1/6P1/3t/nuf/6//Xvb7+X/8/Mv3/NP3/BqM8//8yPzW77ucPa9fvX/+v/2e/ufX/ufsfF7c02f8AAADQQe7+x8ct9j8AAAAMI3f/E+IW+x8AAACGkbv/iXFLk/2v/9f/L6P/z1fQ/+v/r3z/n/T/y6T/n6b/32CU/v8y7bqfX/r71//r/9lvbv1/7v4nxS1N9j8AAAB0kLv/yXGL/Q8AAADDyN3/lLjF/gcAAIBh5O5/atzSZP/r//X/y+j/Pf9f/+/5//r/g9H/T9P/b6D/1//r//X/bNXc+v/c/TfFLU32PwAAAHSQu/9pcYv9DwAAAMPI3f/0uMX+BwAAgGHk7n9G3NJk/+v/9f/6f/2//n/96+v/l0n/P03/v4H+X/+v/9f/s1Uz6v/P+1knVs+MW5rsfwAAAOggd/+z4hb7HwAAAIaRu//ZcYv9DwAAAMPI3f+cuKXJ/tf/z6b/P5PzjdX/n1ytVvr/VdP+/+R5v571udT/6/+PgP5/mv5/A/2//l//r/9nq462/z/9Z/70vw8gd/9z45Ym+x8AAAA6yN3/vLjF/gcAAIBh5O5/ftxi/wMAAMAwcve/IG5psv/1/7Pp/88Yq//3/P8LPx+d+n/P/99P/3809P/T9P8b6P/1//p//T9bdbT9/+Zv5+5/Ydx07JrL/hIBAACAmcnd/6K4pcnf/wMAAEAHuftfHLfY/wAAALBQN+37ntz9L4lbmux//f92+/9j532f/l//f+HnQ/+v/9f/X3n6/2n6/w30//p//b/+n62aW/+fu/+lcUuT/Q8AAAAd5O6/OW6x/wEAAGAYuftfFrfY/wAAADCM3P0vj1ua7H/9v+f/6//1//r/9a+v/18m/f80/f8G+n/9/277/+Pn/qP+nzFcQv9/6tSp6694/5+7/xVxS5P9DwAAAB3k7n9l3GL/AwAAwDBy978qbrH/AQAAYBi5+18dtzTZ//r/pv1/ftSX1f/fsFrp//X/+n/9/zT9/zT9/wb6f/2/5//r/9mquT3/P3f/a+KWJvsfAAAAOsjd/9q4xf4HAACAYeTuf13cYv8DAADAMHL3vz5uabL/9f9N+3/P/9f/6/+Puv+/faX/PxKL6P9PXvz1597/36j/1/9PaNf/3+VOe76p/9f/s9/c+v/c/W+IW5rsfwAAAOggd/8b4xb7HwAAAIaRu/9NcYv9DwAAAMPI3f/muOnqJvtf/6//1//r//X/61//iJ//f2y1Wun/t2AR/f+Euff/23n+/4W/y8/R/+v/l/z+9f/6f/abW/+fu/8tcUuT/Q8AAAAd5O5/a9xi/wMAAMAwcve/LW6x/wEAAGAYufvfHrc02f/6f/2//l//P3z/f+Mi+n/P/98S/f+0efT/F6f/1/8v+f3r//X/HNyu+v/c/e+IW5rsfwAAAOggd/874xb7HwAAAIaRu/9dcYv9DwAAAMPI3f/uuKXJ/tf/6/8vpf/P96n/H6v/Pz67/v/Env++Js//1/9vif5/mv5/A/2//l//f5P+n22a2/P/c/e/J25psv8BAACgg9z9741b/9et/Q8AAADDyN3/vrjF/gcAAIBh5O5/f9zSZP/r//X/nv+v/x/++f/6/1b0/9P0/xvo//X/+n/P/2er5tb/5+7/QNzSZP8DAABAB7n7Pxi32P8AAAAwjNz9H4pb7H8AAAAYRu7+W+KWJvtf/6//1//r//X/Z38N9f9j0P9PO5r+/6T+X/9f/fx/xe8C/b/+f9PPZ0xz6/9z9384bmmy/wEAAKCD3P0fiVvsfwAAABhG7v6Pxi32PwAAACzS1Wu+L3f/x+KWJvtf/6//1//r//X/619f/79MO+n/80Oh//f8/9Cn//+/Pd9a2vP/L/zfL/2//p/tm1v/n7v/43FLk/0PAAAAHeTu/0TcYv8DAADAMHL3fzJusf8BAABgGLn7PxW3NNn/+n/9v/5f/6//X//6+v9l8vz/afr/DfT/O31+/tLfv/5f/89+c+v/c/d/Om5psv8BAACgg9z9n4lb7H8AAAAYRu7+z8Yt9j8AAAAM48zuz7is4f7X/+v/9f/6f/3/+tfX/y+T/n+a/n8D/b/+X/+v/2er5tb/f+7Mzzqx+nzc0mT/AwAAQAe5+78Qt9j/AAAAMIzc/V+MW+x/AAAAGEbu/i/FLU32v/5f/7+M/v/UqVPX6//1/3u/nnP9/636f4r+f5r+fwP9v/5f/6//Z6vm1v/n7v9y3NJk/wMAAEAHufu/ErfY/wAAADCM3P1fjVvsfwAAABhG7v6vxS1N9r/+fwb9/wn9v+f/6/9Xnv+v/98S/f80/f8GI/b/Jw7+5e+6nz+sXb9//b/+n/3m1v/n7v963NJk/wMAAEAHufu/EbfY/wAAADCM3P3fjFvsfwAAABhG7v5vxS1N9r/+/+j6/9P/7Lo8///kav371//r//X/+v8rTf8/Tf+/wYj9/yXYdT+/9Pev/9f/s9/c+v/c/d+OW/YOv2su7asEAAAA5iR3/3filiZ//w8AAAAd5O7/btxi/wMAAMAwcvd/L25psv/1/zN4/v+A/b/n/6//fOj/Z93/X6X/H4P+f5r+fwP9v/5f/7+l/j8/zfr/7ubW/+fu/37c0mT/AwAAQAe5+38Qt9j/AAAAMIzc/T+MW+x/AAAAGEbu/lvjlvP2/7q2exT6f/2//l//r/9f//r6/2XS/087aP9/fHW4/j/p//X/+v+u/b/n/3PW3Pr/3P0/ilv8/T8AAAAszjUX+f7c/T+OW+x/AAAAGEbu/p/ELfY/AAAADCN3/0/jltuu2tVbOlL6f/2//l//r/9f//r6/2XS/0/z/P8N9P/b6Oev1f+P0f+vVvp/Dm9u/X/u/p/FLf7+HwAAAIaRu//ncYv9DwAAAMPI3f+LuMX+BwAAgGHk7v9l3NJk/+v/9f+H7P/PpJn6/7P0/2fp/9fT/x8N/f80/f8G+n/P/9f/e/4/WzW3/j93/6/ilib7HwAAADrI3f/ruMX+BwAAgGHk7v9N3GL/AwAAwDBy9/82bmmy/3fW/8c/av3/4vt/z/+/4v3/6a9O/6//1/8flP5/mv5/A/2//l//r/9nq+bW/+fu/13c0mT/AwAAQAe5+38ft9j/AAAAMIzc/X+IW+x/AAAAGEbu/j/GLU32v+f/6//1/3Pv/z3/X/+v/78U+v9p+v/16hdK/6//1//r/9mqufX/ufv/FLc02f8AAADQQe7+P8ct9j8AAAAMI3f/bXGL/Q8AAADDyN3/l7ilyf7X/+v/9f/6f/3/+tfX/y+T/n/aLvv/u/7P5pf1/P+d9//5FvT/+n/9P1sxt/4/d/9f45Ym+x8AAAA6yN3/t7jF/gcAAIBh5O7/e9xi/wMAAMAwcvf/I25psv839P/H6wfq/yfp//e+f/3/+s+H/l//r/+/8vT/06b7//N+Nzd7/n/R/3v+v/5f/89Wza3/z93/z7ilyf4HAACADnL33x632P8AAAAwjNz9/4pb7H8AAAAYRu7+f8ctTfa/5/8vqf+/Vv+v/9f/6//1/xvo/6ft8vn/B6H/1/8v+f3r//X/7De3/j93/38CAAD//7iNUc0=") rename(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00') setxattr$security_ima(0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0) lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=ANY=[]) 4m9.728589084s ago: executing program 35 (id=536): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB='&'], 0x10) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={@map=r1, 0x26, 0x0, 0x0, &(0x7f0000001440)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40) 4m9.105150525s ago: executing program 6 (id=540): r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_to_hsr\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x34, r0, 0x333, 0x0, 0xfffffffe, {0x1c}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000040}, 0x8880) 4m8.067656589s ago: executing program 6 (id=544): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x42002, 0x180) sendfile(r1, r1, 0x0, 0x1200000000000) 4m7.532969023s ago: executing program 6 (id=547): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0xfffffffc, '\x00', 0x0, 0x0}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x11, &(0x7f0000000240)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xbc}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000340)="c1dfb080cd21d308098e00000000", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 4m7.355494017s ago: executing program 6 (id=550): syz_mount_image$reiserfs(&(0x7f0000000140), &(0x7f0000001140)='./file6\x00', 0x98, &(0x7f0000000280), 0x1, 0x10ef, &(0x7f00000022c0)="$eJzs2DGLE0EYBuB3dg/kqshcvx5oYSHHHfEPXKGQxsLaLljZmUrJz/HnyFX2R3pTBOyVTQwJEhDJYuB4Hlh252Vmvp1yvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvLPlekosmqdusSVKSrrubLJJ02/zx17ZJydv3k9mrj+PXs8209FmT0q9aj+vN01rHdVxv6suL22d19unzh3avZEmX+9V8ev5mOehR+trtoDsCAADAw/DzaKMT1wcAAAD+ZrBGAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA6vajSVKSrrubLJJ0p/0tAAAA4EglTd6NDuWbNsDOi3wblZRHu+RH6edc58uB9QAAAMC/KXv38ec5z5O9/DJnubrajH+/srxN2iTXf+xzv5pP18/lfFr+5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAGCqAAAA//9TGNII") syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 4m5.924528683s ago: executing program 6 (id=554): sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x2000004) syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x0, &(0x7f0000000f40)=ANY=[@ANYBLOB="00d77fbe9e57a434f929f74bee0c10f9cecfc3ead3b77b247312d0ad8ba2674f257f47c684e0aec5cb3009a5028bd4f70eef4b274a5c38fec4079e5f43b598a9e97e460422eae305e57ae786347345f1de885fa6957858a8b0377854b8190607303abd6aee330a8caac51797b7a15b53acc98e0d526b12f36eb277aead8d55f85523364369522d5f49efa95367a99d00d2c3049e41e7d9ffffffd7a5af9bb021ff2474356bb2c975e3e8f87f1064a983db4d47057c94053fbf53a474536fe59f83bfc1843bd6449160b0c4842dbbeef31ac9bd265bf70f693c8c0c0b783b82271433a5d3d3bcd4c7f801004830262a3c414bfbe76d431c2001567510239dd2f2bbc049000000000000000000000092675a0b4430360148a763030694149b66a254a61956fb1b6bcd6cfc49f4f84694e73ed9c4b4d6b47fc89f36d8e5fd41d863a5bdb87562aa6e346b0b210786e0ae945cf920870ccd9657e2d7639d2d2bc46706950fc40406f22ac773d5043bddfe88faba3a973a67a0a8c64c95ba285267c76a7a31636f1e09ea085c771b3aae335b25fcb6b11358349c0f04abad13df1d0a2f732b059707f13b539692c4fc930ccae68178bd95cfea76185a8146ff55219ed65edb3f89f2fd4112fa45eaaee3ad02b5f2ff9c85453a6af8f4a408bc729aec69f33404b61ad21da92b8c813ca3de184e899a596543ca6d9be9f93840870ccda17746cd6461ad770ab337102b891bcd84c1596a60db767d62f38f12b17636d1478ccb6dc3bf80474432a6123cdaf8a02bc6ac95c722c79aae41084a61bdc51f288b399f989893d302e48efd6bde23391c1867f9ae6c744f28ebe7027e1bc4e07a606691ccb47fe3ef3aa065b459734209ebacefaab29152ff79d6ed6b9bc9c638eab2c1a712053b50b19f6d1211483da44776df821c1f071af464fbc301e8282fd80dd61a80920b738a1c99fb4352a73c9e411b038d31ccf463a2d7edc5c339744e0f5052f275809bdba24f2a82b9f49101ed541031052095536b30"], 0x1, 0xf01, &(0x7f0000001e00)="$eJzs3U9oHNf9APA3q3+2pVirJL9flKSx1aSpE7eVXdmH9FQHTAshhFx6T3CsxFRJTZ0eEmIs9+RCDykhl5QeUpJbwT0UmlAooVDonxx67im0l5bigiGXGqwtkt9brZ413dVImtVqPx/46unNG833O16xnjfafRuAodVY+3r69GwRwrsfv3P221dWfr267Wh7j7m1r0XsNUMIYx39IjveZ3HD7ZtvnVttV7K2CAtrX9N4eO5G+2cnQwjLYS58Eprh6PHm59dGnl388L1Pj12++Mwru3T6AAAwVK7/aemvT/7jj1+duXX9yJkw0d6ers+bsT8Zr/tPxuv7dN3fCBv7RUd0Gs/2G4nRyPYbyfYbzfKMluQby44zVrLfeJd8Ix3bNjtPAAAAGESNOMdthqIx3zHPbYZGY37+zrx/1WfT48X8axeWFi/1sVgAAACgks+vrL3oVgghhBBiiONWq9Xqdw1CCCHE7kZrut93IAAAAIBhk9YdaK8PllvOVxbYnvbRmr3lv/F0Y/Ofhx1Q9++//IOV/4OrnnEAAKhuv15NpvNK19FpHYN8HcGR7Oe2ev3fyI4zusU6y9YVHJT1BsvqzP9d96qy+rf6OPZLWf35eph7VVn9+Tqde1VZ/RM111FVWf0Haq6jqrL6D9ZcR1Vl9R+quY6qyuqfrLmOqsrqn6q5jqrK6r+n5jqqKqv/cM11VFVW/6C8rLas/mbNdVRVVv9MzXVUVVb/vTXXUVVZ/ffVXEdVZfXfX3Md/fJIbNO/w5FsvHP+nM/pBmWOBwAAAMPuP31b/++bfV/7YNhi7W/Ce6AOIYTY9Vg1twfqEEIIsUnEFcj6XofYwbi6B2oQPcSVft58AAAAAPaE9L6A9K73VpTGR7qMj3YZH+syPt5lfKLLOAAAABDCb64tPvh2sf4+/+2uh5fWjUrrL211HaN8PcKt5t/uumfbzT8o65YBAAAwXIpvfbJy/Oz7r8/cun7kTMfsdyXOd9M6oKPx3sBHsZ9eFzCV9Ys0hz6zMU+jZL/8/sA9Zcd7fpsnCgAAAEMszd+boWjMd8y7m6HRmJ9fn4/PhrFi8cLS+ZOxnz6f5Q/TYxOr279ec90AAABA79bn+5vP/9Pn+M6G8WL+tQtLi5fu9Kfa28canfcFpte3F533BZrZ9oWS7adiP31+5yvTB9e2z5/73tJLO33yAAAAMCQuvfHmd19cWjr/fd/4xje+aX/T72cmAABgp33493f+/INTU7+98/7/9fXv0vv/52K/Gdf2+0vcIb1OIL0P4K7367+wMc902X4XN+7XzPYbiTGR1X2g4zihY73B9HMzG/oj6/s2Nx5nvCTfZJZvKsuXr1Mwmu2fzu9wtj1fnzDtN51tz9dhHM1yFFn+RwMAAACUO/H6qxdPXHrjza9dePXFl8+/fP61UycXvrHw1MLC6YUTa6/rP9H56n4AAABgEK2/6LfflQAAAAAAAAAAAAAAAAAAAMDwquPjxPp9jgAAADDs/n0lhLAshBBC1Bdrn3G6B+oQQgghxODHhOuKnqPVyj9pHgAAAGB33b751rnYXt10h+ViR/O1j9YM4UDH9pVYx+8f/9njq5G233h64/2SQztaDcOu4/f/3KY77PDvv/yDlf+Dqzubv/2c17zTpOe98ue/xsYDnKmW98s/+ecTnfkfGu0xf37+z1fLfyzLfyz0lr/1fpb/hWr5n8jyH+ox/13nf7Fa/idj/tlUz2O95t/4+E/ENp3HwR7zH8/O/6XQa/7s/Js9Jsx8JeYHgGHU6HcBuyRdJaTr6MnYT+cbLzdD/uqHrV7/N7LjjG678o3HTddBD8R+ul6ayvImW61/MjvePRXrzA3Kq0rK6t+px3G3ldU/VnMdVZXVP15zHVWV1T9Rcx1VldV/oOY6qiqrv9d5aL+V1T8o95XL6p+suY6qyuqfqrmOqsrq3+r/4/1SVv/hmuuoqqz+6ZrrqKqs/oq31WpXVv9MzXVUVVb/vTXXUVVZ/ffVXEdVZfXff/emQbkk2pKHY1s2H07zz+k4lvrNrD+xyb/lfr23AAAAAIPmX9b/E0IIIYQQQggh9n20Wv2+A0E/7e67mQHYqzz/DzeP/3Dz+A83jz//S3oNf5H1k5Eu46Ndxse6jI9n4/nv60SX8fuy47aiNH5/l/H/6zJ+uMv4A13GZ7uMP9hl/KEu4w93GQcAAGA4/H9szQ8BAABg/7r8i49+/KtjL9ycuXX9yJkwfte68ydjfyL+bf1a7Ofr3idj8W/+P4z9n8f2d7H9W7a/158AAADA7kufE+Pv/wAAALB/pc8pNf8HAACA/Wsmtub/AAAAsH/dG1vzfwAAANjHigObb45tui/waGx7XdcPANj7vhDbR2J7JLZHY/vF2KbrgMdi+6Wa6gMAds5Pv/Ojp94u1tf7P5WN347bU3uX5Tt3CorGxpX8D8b2UGwf77Ge/PMAes2fHO4xz27ln95mfgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg/2isfT19erYI4d2P3zk7ffnsy6vbjrb3mFv7WsReM4Qw1v65NLre/2Xc8fbNt86ttiuxbcW2CAuhCEV7PDx3o51pMoSwHObCJ6EZjh5vfn5t5NnFD9/79Njli8+8sov/BAAAALDv/TcAAP//vcAp6A==") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x81) open_by_handle_at(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="2000000061000000000000000000000002"], 0x400200) 4m5.85167978s ago: executing program 5 (id=555): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x4000000) 4m5.60360264s ago: executing program 5 (id=557): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) getitimer(0x56445944653c29e4, 0x0) 4m4.702146813s ago: executing program 5 (id=560): r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000500)={0xa, 0x5e20, 0xc8, @ipv4={'\x00', '\xff\xff', @empty}, 0x10001}, 0x1c) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x5e20, 0xffffffff, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xe}}, 0x6}, 0x1c) 4m4.579088603s ago: executing program 5 (id=562): syz_mount_image$reiserfs(&(0x7f0000000140), &(0x7f0000001140)='./file6\x00', 0x98, &(0x7f0000000280), 0x1, 0x10ef, &(0x7f00000022c0)="$eJzs2DGLE0EYBuB3dg/kqshcvx5oYSHHHfEPXKGQxsLaLljZmUrJz/HnyFX2R3pTBOyVTQwJEhDJYuB4Hlh252Vmvp1yvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvLPlekosmqdusSVKSrrubLJJ02/zx17ZJydv3k9mrj+PXs8209FmT0q9aj+vN01rHdVxv6suL22d19unzh3avZEmX+9V8ev5mOehR+trtoDsCAADAw/DzaKMT1wcAAAD+ZrBGAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA6vajSVKSrrubLJJ0p/0tAAAA4EglTd6NDuWbNsDOi3wblZRHu+RH6edc58uB9QAAAMC/KXv38ec5z5O9/DJnubrajH+/srxN2iTXf+xzv5pP18/lfFr+5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAGCqAAAA//9TGNII") syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 4m3.720395253s ago: executing program 5 (id=564): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000300), 0x9) recvmmsg(r0, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0}, 0xa89}, {{0x0, 0x0, 0x0}, 0x8}], 0x2, 0x40010020, 0x0) sendmsg$can_bcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}, 0x1, 0x0, 0x0, 0x11}, 0xc991) 4m2.27325151s ago: executing program 6 (id=566): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000100)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x14080}, 0x0) 4m2.257809331s ago: executing program 5 (id=567): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 4m1.731559494s ago: executing program 36 (id=566): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000100)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x14080}, 0x0) 4m1.617846074s ago: executing program 37 (id=567): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 2m30.833600132s ago: executing program 8 (id=1030): r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000840)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000040)={0x8000000, 0x8000035, 0x2}) 2m30.569850213s ago: executing program 8 (id=1032): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x7, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) setresuid(0x0, 0xee00, 0x0) 2m29.178092307s ago: executing program 8 (id=1046): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000280)=ANY=[@ANYBLOB='1-2:5/', @ANYRESOCT], 0x31) 2m28.894364559s ago: executing program 8 (id=1049): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newqdisc={0xf8, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_netem={{0xa}, {0xc8, 0x2, {{}, [@TCA_NETEM_LOSS={0x8c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x1b, 0x2, {0x101, 0xfffffffc, 0x2, 0x5}}, @NETEM_LOSS_GI={0x18, 0x1, {0x8, 0x80000001, 0x3, 0x1, 0x1ff}}, @NETEM_LOSS_GE={0x14, 0x2, {0x2, 0x3, 0x3, 0x7}}, @NETEM_LOSS_GI={0x18, 0x1, {0x7ff, 0x3, 0xfffeffff, 0xc5, 0x401}}, @NETEM_LOSS_GI={0x18, 0x1, {0xffff, 0xb1, 0x7fffffff, 0xde9, 0x42}}, @NETEM_LOSS_GI={0x18, 0x1, {0xc, 0x4, 0x1, 0x0, 0x1000}}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0xf8}}, 0x0) 2m28.564401616s ago: executing program 8 (id=1051): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000580)={@fallback=r0, r0, 0x2f}, 0x20) r1 = socket$kcm(0x11, 0x3, 0x0) sendmsg$kcm(r1, &(0x7f0000000200)={&(0x7f0000001340)=@hci={0x1f, 0xdd86, 0x3}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000040)='b', 0x1}], 0x1}, 0x0) 2m28.352970384s ago: executing program 8 (id=1052): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfeff0001}, [@call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f05, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='block_bio_remap\x00', r0}, 0x18) bpf$ENABLE_STATS(0x20, 0x0, 0x0) sync() 2m24.415077583s ago: executing program 7 (id=1067): r0 = socket(0x40000000015, 0x5, 0x0) close(r0) socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f00000000c0)={0x0, 0x7f}, 0x8) 2m24.218151319s ago: executing program 7 (id=1069): write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./bus\x00', 0x1a00040, &(0x7f0000000f00)=ANY=[@ANYBLOB="757466383d312c726f6469722c756e695f786c6174653d302c696f636861727365743d63703737352c73686f72746e616d653d77696e39352c756e695f786c6174653d302c6e6f636173652c636f6465706167653d3733372c726f6469722c696f636861727365743d6d6163696e7569742c696f636861727365743d6d6163677265656b2c757466383d302c00f4f168e95dab38d0ec2bd96f7cdbaecb21e70292435ed8777cfa9b37331faa9394479a76a69348cc8f8d0f08d42aed344c00"/203], 0x3, 0x350, &(0x7f0000000580)="$eJzs3U9oW3UcAPBv9tKkHcz2IAwF4elN0LJWPOipZXQwzEUl+OcgBtepNHXQYLA7NKsX8Sh41JM3D3rwsLMIinjz4NUJMhUPutvA4ZMkL81Lk3adkM3i53MI331/329+v7c8mtfX5tdXV2LjwkxcvHHjeszOlqK8cnYlbpZiIZIYuBLjKhNyAMDxcDPL4s+s74gtpSkvCQCYst77/+unCpl3vz6sPvPuDwDHXv79/9xhNbMHDVyaypIAgCkbu///yMhwZfRH/eXCbwUAAMfV8y+9/MxqLeK5NJ2N2HyvXW/X4+nh+OrFeDOasR5nYj5uRfQvFLoPpd7jufO1tTNpmnbil4Wodzva9YjNTrvev1JYTXr91ViK+VjI+/OrjSzLknNf1NaW0p6IuNLpzR+bpXZ9Jk7m8/94MtZjOdK4f6w/4nxtbTnNn6C+OejvROwO71t0178Y8/H9a3EpmnEhur2Dy5ra2s5Smp7NaiP97Xq1V9d34B0QAAAAAAAAAAAAAAAAAAAAAAD4VxbTPQt7+99kw/17FhcnjPf2x+n35/sD7fb3B8qqWWTZH+88Xn8/iZH9gfbvz9Oul+PEvT10AAAAAAAAAAAAAAAAAAAA+M9obVei0Wyub7W2L28Ug85Wa/tERHQzb3372VdzMV5zm6Ccz1EYSvPU5Y1GlgyKs2SkJg+S7uSDzKdX91ZcrKnuHcXEZVQPHmo2Tz3880fDzEPJ4Jn/HtYkMfkAk33LKAab9/WXdCf/UXvB8m1qrmVZdlD7zivjXVGKKN/5C3d4kHWDb66/8cATrdNP9jJfZn2PPjb/wrUPP/lto9Hszhy9V7Cy1bqVbTTyf08+2Q4OksL5U4p+UCqeCeXD2ndHM43kh99ffPCD7442e1bMvD2hJukfzuf7hyr9oLvMfUNzk+aamXDyTyE4/fFK4+rOT78etavwRcJGHQAAAAAAAAAAAAAAAAAAcFcUPiueyz/sO3NY11PPTn9lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3DP/+fyHYHcscJfirE+ND1fWtVkTlXh8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/c/8EAAD//9HQbnk=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x20580, 0x0) getdents64(r0, &(0x7f0000000f00)=""/4094, 0xffe) 2m23.497021398s ago: executing program 7 (id=1073): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003f00000008000300", @ANYRES32=r1, @ANYBLOB="44005e800800020000000001040001"], 0x60}}, 0x800) 2m23.161957565s ago: executing program 7 (id=1077): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x400e, &(0x7f0000000640), 0x1, 0x451, &(0x7f00000001c0)="$eJzs28tvG0UYAPBv7SQlfZBQlUcfQKAgyitp0lJ64AICiQNISHAox5CkVanboCZItKqgRagcUSVOvSAuSEj8BZzggoATEle4I6QK5dLCyWhtb2O7thOnjhfq30/adGZ30vk+7449uxMHMLAm0h9JxPaI+C0ixqrVxgYT1X9urFyY+3vlwlwS5fKbfyWVdtdXLsxlTbPf25ZVhiIKnySxt0W/S+fOn5otlRbO1upTy6ffm1o6d/7Zk6dnTyycWDgzc/To4UPTzx+Zea4neaZ5Xd/z4eK+3a++feX1uWNX3vnpmyTLvymPHpnodPDxcrnH3eVrR105GcoxELpSrA7TGK6M/7EoxurJG4tXPs41OGBTlcvl8n3tD18sA3ewJPKOAMhH9kGf3v9mW5+mHv8J116s3gCled+obdUjQ1GotRluur/tpYmIOHbxny/SLTbnOQQAQIPv0vnPM63mf4Wofy50d20NZTwi7omInRFxJCJ2RcS9EZW290fEA13237xIcuv8pzC8ocTWKZ3/vVBb22qc/2Wzvxgv1mo7KvkPJ8dPlhYO1l6TAzG8Ja1Pd+jj+5d//azdsfr5X7ql/WdzwUvVOP4c2tL4O/Ozy7O3m3fm2qWIPUOt8k9urgQkEbE7IvZssI+TT329r92xTvmvqQfrTOUvI56onv+L0ZR/Jum8Pjl1V5QWDk5lV8Wtfv7l8hvt+r+t/HsgPf9bW17/N/MfT+rXa5e6+d+vPpn+vPz7p23vadbOv/X1P5K81bDvg9nl5bPTESPJa9Wg6/fPNLWbWW2f5n9gf+vxvzNWX4m9EZFexA9GxEMR8XAt9kci4tGI2N/hVfjxpcfe3Xj+myvNf76r879aGInmPa0LxVM/fNvQ6Xg3+afn/3CldKC2Zz3vf+uJq9urGQAAAP6vChGxPZLC5M1yoTA5Wf0b/l2xtVBaXFp++vji+2fmq98RGI/hQvaka6zueeh07bY+q8801Q/Vnht/Xhyt1CfnFkvzeScPA25bm/Gf+qOYtbqaY4TApvJ9LRhcxj8MLuMfBtZXC3lHAORkZbTF5/9oHpEA/ddq/v9RDnEA/dc0/ot5xQH0n+d/MLg2Mv69Z8CdoeNYHulfHEBfLY3G2l+SVxigwmjEui6JKOQeqsImFvJ+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiNfwMAAP//0YXoCg==") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) listxattr(&(0x7f0000000240)='./file0\x00', 0x0, 0xf) 2m22.659242726s ago: executing program 7 (id=1081): r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f00000000c0)='.\x00', 0xa4000061) read(r0, &(0x7f0000000140)=""/68, 0x44) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) 2m20.484308472s ago: executing program 7 (id=1091): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'wp512-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) accept4(r1, 0x0, 0x0, 0x0) 2m20.043410368s ago: executing program 38 (id=1091): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'wp512-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) accept4(r1, 0x0, 0x0, 0x0) 2m12.976487273s ago: executing program 39 (id=1052): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfeff0001}, [@call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f05, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='block_bio_remap\x00', r0}, 0x18) bpf$ENABLE_STATS(0x20, 0x0, 0x0) sync() 1m51.044309245s ago: executing program 0 (id=1247): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r2, @ANYBLOB="0c005a800400018004000290"], 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x4040) 1m50.937951904s ago: executing program 0 (id=1248): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f00000001c0)={0x1, 0x0, [{0x400000ff, 0x0, 0x6}]}) 1m50.347535202s ago: executing program 0 (id=1253): r0 = syz_usb_connect$uac1(0x3, 0xa7, &(0x7f0000000000)=ANY=[@ANYBLOB="12015002000000206b1d01014000010203010902"], &(0x7f0000001c40)={0x0, 0x0, 0x0, 0x0}) syz_usb_connect$uac1(0x2, 0x96, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x84, 0x3, 0x1, 0x56, 0xc0, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x101, 0xbb}, [@feature_unit={0x11, 0x24, 0x6, 0x1, 0x4, 0x5, [0x7, 0xa, 0x8, 0x3, 0x2], 0x5}, @selector_unit={0x5, 0x24, 0x5, 0x6, 0xf}, @feature_unit={0xf, 0x24, 0x6, 0x2, 0x5, 0x4, [0x2, 0x2, 0xa, 0xa], 0x4}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x93, 0x1, 0x5, {0x7, 0x25, 0x1, 0x0, 0x3, 0xf48}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0xd, 0x2, 0x4, {0x7, 0x25, 0x1, 0x91e8570469aa5526, 0x8, 0x3}}}}}}}]}}, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000c4178c40ba0d0010"], 0x0) 1m47.399520802s ago: executing program 0 (id=1269): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@userxattr}], [], 0x2c}) chdir(&(0x7f0000000000)='./file0\x00') open(&(0x7f0000000000)='./file1\x00', 0x48a7f, 0x156) 1m46.714707907s ago: executing program 0 (id=1271): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@can_newroute={0x24, 0x18, 0x1, 0x0, 0x200, {0x1d, 0x1, 0x8}, [@CGW_DST_IF={0x8, 0xa, r1}, @CGW_SRC_IF={0x8, 0x9, r2}]}, 0x24}}, 0x0) 1m45.8211568s ago: executing program 0 (id=1274): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000080)=0x1b, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8001, @loopback, 0x627bcafb}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f00000000c0), 0x4) 1m45.219559459s ago: executing program 40 (id=1274): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000080)=0x1b, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8001, @loopback, 0x627bcafb}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f00000000c0), 0x4) 57.985018358s ago: executing program 2 (id=1558): syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaa23ffffffffffff0806000108"], 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) 57.841415169s ago: executing program 2 (id=1560): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000400)='./bus\x00', 0x800, &(0x7f0000000280)=ANY=[], 0x1, 0x385, &(0x7f0000000740)="$eJzs3c+LG2UYwPEn2/yYtHSTgygKsg960cuwu3pWg2yhGLBsG7EVhGl3oiFjssyESIq468mrePMfECw9FjwU1H9gL97qxYsn9yIIWkQcmV+bX5MfjVmard8PlDzJ+7wz7yST8rxZ5p3jd7/4qFn3zLrVkTVDJSMi8lCkLGuSyEQPeUlxKC9f+P3B81ev33irUq3u7Kpeqlx7ZVtV1ze++/iTYpx2vyBH5fePxfjl6OmjZ4//ufZhw9OGp612Ry292f65Y910bN1reE1T9YpjW56tjZZnu1F7O2qvO+39/Z5arb2L5/dd2/PUavW0afe009aO21PrA6vRUtM09eL5sbGeSzuAJ4axQJ/and1dq7LgDm8t2A/L9pfv+1OaXbdinRMxi2MttTunOi4AALCSRur/r5IaoSy5k5xMPBfIh/HwNCCo/0X8cIoQ1v+ZjEi//r/7wg+dC+/cW4/r//v5gfo/l9T/r/4UbWuo/g/K2SXX/yLfjDwfr4jOvIMkeGOO5P9U/2M1bAx/I3/tz9hjQf0ffBtOZvSfvXd3Mwyo/wEAAAAAAAAAAAAAAAAAAAAAOAse+n7J9/1S8pj8619CED8PFWTqhcY4cyZ9/oV4RYGT8wFPpKvXb4gRXriXXRdxPu/WurXoMW5PEjelJH+H50MsWnDiMGzUQFm+dw66teS6wWi1jYqIiiO2bElJykP9w/jS5erOlkai/uH+D7qFaCuVujTC/ttSkqfS+2+n9a/l5aUXB/qbUpIfb0lbHNkLz+t+/0+3VN98uzrSvxjmpXn9FD8PAAAAAABOg6lqxNPn8vD8N5q/m6ZqWnswl5fB+fno7wOSjRIuV3c2U+fn2dJz2cd44AAAAAAA/I94+dtNy3Fs1+tNDIoyKyf+Y72MNGVlxpaDIDtHzlDwIAxy03IG7/Qx75bz8R005h2G6/Vk8JVkf1N7/VEQud0ce6OayRKuQ8lG+rs6ZzDXeKLAeNSPwPXW5FHHEwQbwXh0ocMZCJKfjSblyJVFtzwpSFbOnZX8zJdf/7nYLjLxqr2DTa/dM2YcaRhkRl45nHHS/ub7M8eTS//f4ttFbjIDAAAAYEUkRX/RS16Z574xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgmZa6TNqE4HEfIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAq/g0AAP//lDjs/w==") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9, 0x84, 0x144}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, &(0x7f0000000840)=""/121, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r0}, 0x38) 57.45512004s ago: executing program 2 (id=1563): r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000240)=0x14) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f00000000c0)=0x32) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f0000000140)=0x2) 57.196296782s ago: executing program 2 (id=1565): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4fc, &(0x7f0000001500)="$eJzs3c9vG1kdAPDvOHFIdlOSBQ7LSuxGiFV3BbWTDbuNOLRFQnCqBJR7CIkTRXHiKHbaJqpQKs4ICSFAcIETFyT+ACTUPwEhVYJ7hRCogrYcOBSMxh63wdhJqtpx6nw+0uu8efPj+32uPPabmXgCOLdmIuJaRIxExPsRMZW157ISB82Srvf40Z3ltCRRr9/4exJJ1tbaV5JNX882G4+Ib34t4jtJ0mw4pLq3v7FULpd2svlibXO7WN3bv7S+ubRWWittzc/PfbRweeHDhdme9fXKV/7y4x/86qtXfveFWw8W//bed9N8J7Nlh/vRS83XJN94LVpGI2KnH8EGYCTrT/4kKyf9zwcAgKOl3/E/ERGfjYgnPxt0NgAAAEA/1K9OxtMkog4AAAAMrVzjHtgkV8juBZiMXK5QaN7D+6m4GuVKtfb51cru1krzXtnpyOdW18ul2exe4enIJ+n8XKP+fP6Dtvn5iHgjIn40NdGYLyxXyiuDPvkBAAAA50Q6zp/MNevp5J9TzfE/AAAAMGSmB50AAAAA0HfG/wAAADD8/n/8P9OcJKOnnwwAAADQa1+/fj0t9dbzr1du7u1uVG5eWilVNwqbu8uF5crOdmGtUllr/Gbf5nH7K1cq21+Mrd3bxVqpWitW9/YXNyu7W7XFxnO9F0snek40AAAA0FNvvHPvT0lEHHxpolFSY9kyY3UYbrkXWz3pVx7A6RsZdALAwLjBF84v73/guIH9+CnlAQAA9M/FTz+7/j8Rh67/X3jg+j8Muxe8/g8MEdf/4fxqu/73ixNt9LTen2SAU2WMDxx3HqDr9f/f9z4XAACgPyYbJckVsjHAZORyhULEhcZjAfLJ6nq5NBsRH4+IP07lP5bOzw06aQAAAAAAAAAAAAAAAAAAAAAAAAB4xdTrSdQBAACAoRaR+2sSEUmMR0x9brL9/MBY8q+pxjQibv38xk9uL9VqO3Np+z+etdd+mrV/MIgzGAAAAEC71ji9NY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF56/OjOcqscan6333EffjkipjvFH43xxnQ88hHx2pMkRg9tl0TESA/iH9yNiDc7xU/StGI6y6I9fi4iJgYc//UexIfz7F56/LnW6f2Xi5nGtPP7bzQrL+vhTLfjX+7Z8W+ky/HvwjH7Hsumb93/TbFr/LsRb412Pv604o+95PH329/a3++2rP7LiIsdP3+S/4lVrG1uF6t7+5fWN5fWSmulrfn5uY8WLi98uDBbXF0vl7J/O8b44Wd++5+j+v9al/jTWf+T9v4nzZzq9c77fKdt/t/3bz/6ZKcVk4iH38/qHf7/3+wWP3vt380+B9LlF1v1g2b9sLd//Ye3j+r/Spf+jx8RP217r9tO27z/je/9uVnLn3ALAKCfqnv7G0vlcmnnVa+knTkDafSwMnM20hj2SmsUdVbyOSuVwR6XAACA3nv+pX/QmQAAAAAAAAAAAAAAAAAAAMD51fr7/9ZvOffj58QOxxtvVZLk1PsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU/wYAAP//VsvQDw==") r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a) syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000)) 56.758230947s ago: executing program 2 (id=1569): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000780)={[{@errors_remount}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@resgid}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0) creat(&(0x7f0000000140)='./file2\x00', 0x1ad) unlink(&(0x7f0000000180)='./file1\x00') 56.253049159s ago: executing program 2 (id=1573): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r0, {}, 0xa}}, 0x26) getsockopt$sock_buf(r1, 0x1, 0x1c, 0x0, &(0x7f00000001c0)) 55.753760889s ago: executing program 41 (id=1573): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r0, {}, 0xa}}, 0x26) getsockopt$sock_buf(r1, 0x1, 0x1c, 0x0, &(0x7f00000001c0)) 12.458795718s ago: executing program 9 (id=1845): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0) ppoll(&(0x7f0000000000)=[{r0, 0x8108}], 0x1, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)=0x8) mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r0, 0x0) 11.390271915s ago: executing program 9 (id=1855): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x3f, 0x40, 0x42}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='signal_generate\x00'}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad94ed406f21caf5adcf920569c00cc1199684fa75814709fea019af247c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23"], 0x0, 0x5}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0), &(0x7f0000000080), 0x1003, r0}, 0x38) 10.884425056s ago: executing program 9 (id=1858): r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000200)={0x0, 0x0}) 10.722503049s ago: executing program 9 (id=1860): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804071, 0x0, 0x0, 0x0, &(0x7f0000000140)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) rmdir(&(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 10.619221727s ago: executing program 9 (id=1861): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0), 0xfc, 0x58c, &(0x7f0000000280)="$eJzs3c9rHOUbAPBnNkmb/vh+k0Ip6kECPVip3TSJPyp4qCcRLRb0XpdkG0o23ZLdlCYWbA/24kWKIGJB9O7dY/Hqwb+ioIUiJejBS2Q2s+ma7KSbdNNsu58PTPu+M7N532dnnnff2dllA+hbY+k/hYgXI+KrJGKkZdtgZBvH1vZbeXh9Ol2SWF39+M8kkmxdc/8k+/9QVnkhIn75IuJkYXO7taXluVKlUl7I6uP1+SvjtaXlU5fmS7Pl2fLlyampM29MTb791ptdi/XV839/+9Hd9898eXzlm5/uH7mdxNk4nG1rjeMJ3GitjMVY9pwMxdkNO050obFekux1B9iRgSzPhyIdA0ZiIMv6tlZHnmbXgF32eZrWQJ9K5D/0qeY8oHlt36Xr4GfGg3fXLoA2xz+49t5IDDeujQ6uJP+5Mkqvd0e70H7axs9/3LmdLpH3PsT+LjQEsMGNmxFxenBw8/iXZOPfzp3uYJ+NbfTb6w/spbvp/Oe1dvOfwvr8J9rMfw61yd2deHz+F+53oZlc6fzvnbbz3/WbVqMDWe1/jTnfUHLxUqWcjm3/j4gTMbQ/rU9ExHvtb4J8Wli5t5rXfuv8L13S9ptzwawf9wc3zP9mSvXSk0e+5sHNiJfazn+T9eOftDn+6fNxvsM2jpXvvJy37fHx767VHyJeaXv8Hx3MZOv7k+ON82G8eVZs9tetY7/ltb/X8afH/2Aa/4Hc+EeT1vu1te238f3wP+W8bTs9//clnzTK+7J110r1+sJExL7kw83rJx89tllv7p/Gf+L41uNfu/P/QJrYHcZ/6+it1l2Htxf/7krjn9n6/N9w/LdfuPfBZ9/ltd/Z8X+9UTqRrelk/Ou0g0/y3AEAAAAAAECvKUTE4UgKxfVyoVAsrn2+42gcLFSqtfrJi9XFyzPR+K7saAwVmne6R1o+DzGRfR62WZ/cUJ+KiCMR8fXAgUa9OF2tzOx18AAAAAAAAAAAAAAAAAAAANAjDkUMt/v+f+r3gfaPyVkNPIu2+Mlv4DmXn//Zlm780hPQk7z+Q/+S/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0r+3k/4/ndrEjAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Hw4f+5cuqyuPLw+ndZnri4tzlWvnpop1+aK84vTxenqwpXibLU6WykXp6vzj/t7lWr1ysRkLF4br5dr9fHa0vKF+eri5fqFS/Ol2fKF8tBTiQoAAAAAAAAAAAAAAAAAAACeLbWl5blSpVJeUOhuIUkieqAbu18Y7I1u9GCh0BvdyC/sj4jcfVpHiV9P790IBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR/wYAAP//SNM3tA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000840)='./file1\x00', 0x66042, 0x113) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000240)="1228", 0x2}], 0x1, 0xcfbc, 0x3, 0x0) sendfile(r0, r0, 0x0, 0x7a680003) 10.137208797s ago: executing program 9 (id=1862): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f00000001c0), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x802, 0xa3) pwrite64(r0, &(0x7f0000000180)="f7", 0x1, 0x200980) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 9.60012981s ago: executing program 42 (id=1862): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f00000001c0), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x802, 0xa3) pwrite64(r0, &(0x7f0000000180)="f7", 0x1, 0x200980) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 1.807939963s ago: executing program 3 (id=1882): socketpair$unix(0x1, 0x2, 0x0, 0x0) keyctl$clear(0x5, 0xfffffffffffffffd) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000000580)=""/4096, 0x1000}], 0x1, 0x7fff, 0x0) 1.750283848s ago: executing program 1 (id=1884): socket$inet6_mptcp(0xa, 0x1, 0x106) syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') unshare(0x22020400) pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, &(0x7f0000000240)={0x1f, 0xfffffffffffffffe, 0x0, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffffc}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 1.59934026s ago: executing program 3 (id=1885): io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000100)={0xffffffff, "421ae3753785251500e9e29b00", 0xffffffffffffffff}) io_submit(r0, 0x1, &(0x7f0000000800)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) 1.386770307s ago: executing program 1 (id=1886): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e"], 0x0}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00"], 0x38}, 0x1, 0x0, 0x0, 0xc00}, 0x0) 1.313004593s ago: executing program 4 (id=1887): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r1, &(0x7f0000000700)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1}, 0xe) 1.275040627s ago: executing program 3 (id=1888): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'veth0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000980)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56561, 0x2, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x7}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x4, 0xff, 0x8, 0x0, 0x5, 0x8}}, {0x4}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x4040010) 1.168946336s ago: executing program 1 (id=1889): setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000005c0)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3a0, 0x2e8, 0xa0, 0x138, 0x228, 0x138, 0x3e8, 0x3e8, 0x3e8, 0x3e8, 0x3e8, 0x6, 0x0, {[{{@ip={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffffff, 0xffffff00, 'caif0\x00', 'veth0_vlan\x00', {}, {0xff}, 0x6, 0x1, 0x20}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x7, 0x9, @dev={0xac, 0x14, 0x14, 0x2a}, 0x4e24}}}, {{@uncond, 0x0, 0x70, 0x98}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x2, 0x61}}}, {{@ip={@remote, @rand_addr=0x64010100, 0xffffff00, 0xff, 'bridge0\x00', 'wg0\x00', {}, {}, 0x1, 0x1, 0x40}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x7, 0x1ff, @empty, 0x4e22}}}, {{@uncond, 0x0, 0x70, 0x98}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x5, 0x2}}}, {{@uncond, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x0, 0xf}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x9, 0x8, 0x40, 0x42, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000000000), 0x86, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r0, &(0x7f0000000580), &(0x7f0000000540)=""/96}, 0x20) 1.067706273s ago: executing program 4 (id=1890): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0) ioctl$SNDRV_PCM_IOCTL_PREPARE(r1, 0x4140, 0x0) 1.029123197s ago: executing program 1 (id=1891): r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) write$binfmt_elf32(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4604"], 0x58) close(r0) execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) 958.247233ms ago: executing program 3 (id=1892): r0 = socket$kcm(0x2, 0x922000000001, 0x106) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) setsockopt$sock_attach_bpf(r0, 0x1, 0x22, 0x0, 0x0) 891.476117ms ago: executing program 4 (id=1893): fsopen(&(0x7f0000000080)='cgroup2\x00', 0x0) syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0xc0086c43, &(0x7f0000000080)=0x700) 821.522543ms ago: executing program 3 (id=1894): timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) mremap(&(0x7f000071a000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) 763.302538ms ago: executing program 1 (id=1895): sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040090}, 0x2400c8c1) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) syz_read_part_table(0x1057, &(0x7f0000001080)="$eJzsz72JQkEUBeBz387APjbZWhY2sgkT+9F2rMLIVgQzK3jy/EuMRYTvY2AOw9wDN7zVYj8mX8/vy2qnVOonqUqmJN+ZpjHrMf1//tFadvPdD+mV5Pc2ucm9sB5tbT7tmnv+jpcwZFhtX74gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHyAcwAAAP//n28Ksw==") 475.264622ms ago: executing program 4 (id=1896): r0 = socket$igmp(0x2, 0x3, 0x2) r1 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmmsg$inet(r0, &(0x7f0000004380)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @local, @rand_addr=0x64010100}}}], 0x20}}], 0x1, 0x40000c4) 266.079298ms ago: executing program 4 (id=1897): openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 210.210893ms ago: executing program 1 (id=1898): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'hsr0\x00', 0x2}, 0x18) syz_emit_ethernet(0x46, &(0x7f00000000c0)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0xfe, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x24, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x7, @local, @rand_addr=0x64010102}, "d83ca00100693f95"}}}}}, 0x0) 54.724666ms ago: executing program 3 (id=1899): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x7) capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)={0x0, 0x2000, 0x0, 0x0, 0x0, 0x3cd}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x1) 0s ago: executing program 4 (id=1900): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d080", 0xfdef}], 0x1, 0x0, 0x0, 0x800300}, 0x20000801) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40002002) recvmsg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0xa3) kernel console output (not intermixed with test programs): capacity change from 0 to 40427 [ 322.440555][T10794] F2FS-fs (loop9): Invalid Fs Meta Ino: node(3) meta(0) root(3) [ 322.448285][T10794] F2FS-fs (loop9): Can't find valid F2FS filesystem in 2th superblock [ 322.485515][T10794] F2FS-fs (loop9): heap/no_heap options were deprecated [ 322.497150][T10794] F2FS-fs (loop9): invalid crc value [ 322.518134][T10794] F2FS-fs (loop9): Found nat_bits in checkpoint [ 322.634858][T10794] F2FS-fs (loop9): Start checkpoint disabled! [ 322.651503][T10794] F2FS-fs (loop9): Try to recover 2th superblock, ret: 0 [ 322.671489][T10794] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6 [ 323.013917][T10835] loop0: detected capacity change from 0 to 1024 [ 323.084727][T10835] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 323.257343][ T11] kworker/u4:0: attempt to access beyond end of device [ 323.257343][ T11] loop9: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 323.307007][ T11] F2FS-fs (loop9): Stopped filesystem due to reason: 3 [ 323.319038][ T11] F2FS-fs (loop9): Stopped filesystem due to reason: 3 [ 323.328785][ T11] F2FS-fs (loop9): Stopped filesystem due to reason: 3 [ 323.661103][T10143] EXT4-fs error (device loop0): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11 [ 323.701950][T10143] EXT4-fs error (device loop0): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11 [ 323.968248][ T9518] hid-generic 0005:0B57:FFF9.000C: item fetching failed at offset 0/1 [ 324.068375][ T9518] hid-generic: probe of 0005:0B57:FFF9.000C failed with error -22 [ 324.211173][T10143] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.347735][ T59] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.596726][T10861] block nbd1: Unsupported socket: shutdown callout must be supported. [ 324.627318][ T59] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.789971][ T59] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.085010][ T59] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.136514][T10869] loop9: detected capacity change from 0 to 512 [ 325.151387][T10869] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 325.257876][T10869] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 325.288929][T10869] ext4 filesystem being mounted at /216/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 325.478019][T10819] syz.4.1265 (10819): drop_caches: 1 [ 325.621014][ T7829] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.006506][ T5101] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 326.019057][ T5101] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 326.028070][ T5101] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 326.059037][ T5101] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 326.071366][ T5101] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 326.080807][ T5101] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 326.273223][T10870] loop2: detected capacity change from 0 to 40427 [ 326.286126][T10889] hsr0: entered promiscuous mode [ 326.294085][T10870] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 326.308162][T10889] macsec1: entered allmulticast mode [ 326.318892][T10889] hsr0: entered allmulticast mode [ 326.329972][T10870] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 326.342687][T10889] hsr0: left allmulticast mode [ 326.348162][T10889] hsr0: left promiscuous mode [ 326.357148][T10870] F2FS-fs (loop2): invalid crc value [ 326.384640][T10870] F2FS-fs (loop2): Found nat_bits in checkpoint [ 326.525326][T10870] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 326.532584][T10870] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 327.044331][T10894] loop9: detected capacity change from 0 to 32768 [ 327.074510][T10894] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 scanned by syz.9.1283 (10894) [ 327.183162][T10894] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 327.238950][T10894] BTRFS info (device loop9): using crc32c (crc32c-intel) checksum algorithm [ 327.247772][T10894] BTRFS info (device loop9): metadata ratio 2 [ 327.318034][T10894] BTRFS info (device loop9): allowing degraded mounts [ 327.325078][T10894] BTRFS info (device loop9): force zlib compression, level 3 [ 327.332577][T10894] BTRFS info (device loop9): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 327.367156][T10894] BTRFS info (device loop9): use zstd compression, level 3 [ 327.388780][T10894] BTRFS info (device loop9): force clearing of disk cache [ 327.406256][T10894] BTRFS info (device loop9): max_inline at 0 [ 327.418775][T10894] BTRFS info (device loop9): using free space tree [ 327.575950][T10894] BTRFS info (device loop9): enabling ssd optimizations [ 327.589167][ T5829] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 327.623311][T10894] BTRFS info (device loop9): rebuilding free space tree [ 327.780075][ T5829] usb 3-1: Using ep0 maxpacket: 8 [ 327.792098][ T5829] usb 3-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a [ 327.818507][ T5829] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 327.849150][ T5829] usb 3-1: Product: syz [ 327.853408][ T5829] usb 3-1: Manufacturer: syz [ 327.888783][ T5829] usb 3-1: SerialNumber: syz [ 327.929898][ T5829] usb 3-1: config 0 descriptor?? [ 327.938654][ T5829] gspca_main: sn9c2028-2.14.0 probing 0458:7003 [ 327.984596][T10882] chnl_net:caif_netlink_parms(): no params data found [ 328.148973][ T5793] Bluetooth: hci3: command tx timeout [ 328.166548][ T59] hsr_slave_0: left promiscuous mode [ 328.172151][ T5829] gspca_sn9c2028: read1 error -32 [ 328.179606][ T5829] gspca_sn9c2028: read1 error -32 [ 328.220128][ T59] hsr_slave_1: left promiscuous mode [ 328.226494][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 328.245426][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 328.269934][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 328.287659][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 328.295840][ T59] bridge_slave_1: left allmulticast mode [ 328.308900][ T59] bridge_slave_1: left promiscuous mode [ 328.323205][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 328.363123][ T59] bridge_slave_0: left allmulticast mode [ 328.388182][ T59] bridge_slave_0: left promiscuous mode [ 328.419067][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 328.455810][ T5829] usb 3-1: USB disconnect, device number 18 [ 328.466154][ T7829] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 328.555179][ T59] veth1_macvtap: left promiscuous mode [ 328.577224][ T59] veth0_macvtap: left promiscuous mode [ 328.588613][ T59] veth1_vlan: left promiscuous mode [ 328.605194][ T59] veth0_vlan: left promiscuous mode [ 328.877363][T10933] loop4: detected capacity change from 0 to 40427 [ 328.931015][T10933] F2FS-fs (loop4): heap/no_heap options were deprecated [ 328.938058][T10933] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x3 [ 328.978758][T10933] F2FS-fs (loop4): heap/no_heap options were deprecated [ 329.029031][T10933] F2FS-fs (loop4): invalid crc value [ 329.109745][T10933] F2FS-fs (loop4): Found nat_bits in checkpoint [ 329.300358][T10933] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 329.411369][T10222] syz-executor: attempt to access beyond end of device [ 329.411369][T10222] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 329.441886][T10222] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 330.244423][ T5793] Bluetooth: hci3: command tx timeout [ 330.375722][ T59] team0 (unregistering): Port device team_slave_1 removed [ 330.520468][ T59] team0 (unregistering): Port device team_slave_0 removed [ 330.611334][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 330.688251][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 331.727441][T10989] loop4: detected capacity change from 0 to 32768 [ 331.748091][T10989] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1300 (10989) [ 331.806150][T10989] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 331.816680][T10989] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 331.825767][T10989] BTRFS info (device loop4): setting nodatacow, compression disabled [ 331.837515][T10989] BTRFS info (device loop4): max_inline at 0 [ 331.843861][T10989] BTRFS info (device loop4): enabling disk space caching [ 331.851039][T10989] BTRFS info (device loop4): turning off barriers [ 331.857511][T10989] BTRFS info (device loop4): turning on flush-on-commit [ 331.864627][T10989] BTRFS info (device loop4): doing ref verification [ 331.871487][T10989] BTRFS info (device loop4): force clearing of disk cache [ 331.878998][T10989] BTRFS info (device loop4): enabling ssd optimizations [ 331.888195][T10989] BTRFS info (device loop4): max_inline at 4096 [ 331.894642][T10989] BTRFS info (device loop4): disk space caching is enabled [ 331.934793][ T59] bond0 (unregistering): Released all slaves [ 331.992458][T10989] BTRFS info (device loop4): auto enabling async discard [ 332.002326][T10989] BTRFS info (device loop4): rebuilding free space tree [ 332.019385][T10989] BTRFS info (device loop4): disabling free space tree [ 332.026666][T10989] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 332.039125][T10989] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 332.104079][T10962] netlink: 45 bytes leftover after parsing attributes in process `syz.9.1291'. [ 332.184743][T10222] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 332.320637][ T5793] Bluetooth: hci3: command tx timeout [ 332.390176][T10882] bridge0: port 1(bridge_slave_0) entered blocking state [ 332.413569][T10882] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.421067][T10882] bridge_slave_0: entered allmulticast mode [ 332.428627][T10882] bridge_slave_0: entered promiscuous mode [ 332.437855][T10882] bridge0: port 2(bridge_slave_1) entered blocking state [ 332.445294][T10882] bridge0: port 2(bridge_slave_1) entered disabled state [ 332.452645][T10882] bridge_slave_1: entered allmulticast mode [ 332.461088][T10882] bridge_slave_1: entered promiscuous mode [ 332.711104][T10882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 332.752942][T10882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 333.011359][T11030] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1301'. [ 333.064146][T10882] team0: Port device team_slave_0 added [ 333.120453][T10882] team0: Port device team_slave_1 added [ 333.396089][T10882] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 333.403406][ T8215] usb 10-1: new high-speed USB device number 11 using dummy_hcd [ 333.428036][T10882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 333.519076][T10882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 333.569229][T10882] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 333.576242][T10882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 333.653534][ T8215] usb 10-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 333.663098][ T8215] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.688751][ T8215] usb 10-1: Product: syz [ 333.694809][T10882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 333.705580][ T8215] usb 10-1: Manufacturer: syz [ 333.736006][ T8215] usb 10-1: SerialNumber: syz [ 333.777114][ T8215] usb 10-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 334.094216][ T5855] usb 10-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 334.105080][T10882] hsr_slave_0: entered promiscuous mode [ 334.169335][T10882] hsr_slave_1: entered promiscuous mode [ 334.388920][ T5793] Bluetooth: hci3: command tx timeout [ 334.412576][ T788] usb 10-1: USB disconnect, device number 11 [ 334.693599][T11041] loop2: detected capacity change from 0 to 40427 [ 334.714848][T11041] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 334.723442][T11041] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 334.747504][T11041] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x7ffff [ 334.767160][T11041] F2FS-fs (loop2): invalid crc value [ 334.805262][T11041] F2FS-fs (loop2): Found nat_bits in checkpoint [ 334.936379][T11041] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 334.948919][T11041] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 335.003217][T11041] syz.2.1310: attempt to access beyond end of device [ 335.003217][T11041] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 335.057571][T11041] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 335.090562][T11041] syz.2.1310: attempt to access beyond end of device [ 335.090562][T11041] loop2: rw=2049, sector=40992, nr_sectors = 8 limit=40427 [ 335.133307][T11044] loop4: detected capacity change from 0 to 40427 [ 335.147481][T11041] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 335.161637][T11044] F2FS-fs (loop4): Invalid Fs Meta Ino: node(3) meta(0) root(3) [ 335.181534][T11044] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 335.193565][ T5855] ath9k_htc 10-1:1.0: ath9k_htc: Target is unresponsive [ 335.233787][ T5855] ath9k_htc: Failed to initialize the device [ 335.247281][T11044] F2FS-fs (loop4): heap/no_heap options were deprecated [ 335.259350][ T788] usb 10-1: ath9k_htc: USB layer deinitialized [ 335.278942][T11044] F2FS-fs (loop4): invalid crc value [ 335.312049][T11044] F2FS-fs (loop4): Found nat_bits in checkpoint [ 335.402204][T11063] loop9: detected capacity change from 0 to 4096 [ 335.418313][T11063] __ntfs_warning: 10 callbacks suppressed [ 335.418333][T11063] ntfs: (device loop9): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 335.483606][T11063] ntfs: (device loop9): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 335.489139][T11044] F2FS-fs (loop4): Start checkpoint disabled! [ 335.531600][T11063] ntfs: (device loop9): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 335.554987][T11063] ntfs: (device loop9): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 335.578100][T11044] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 335.600230][T11063] ntfs: volume version 3.1. [ 335.615645][T11044] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 336.085164][ T11] ntfs: (device loop9): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry. [ 336.090795][ T42] kworker/u4:2: attempt to access beyond end of device [ 336.090795][ T42] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 336.107727][ T7829] ntfs: (device loop9): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 336.179590][ T42] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 336.186577][ T42] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 336.218822][ T42] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 336.425943][T10882] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 336.502753][T10882] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 336.520337][T10882] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 336.562624][T10882] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 336.883712][T10882] 8021q: adding VLAN 0 to HW filter on device bond0 [ 336.944443][T10882] 8021q: adding VLAN 0 to HW filter on device team0 [ 337.010278][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 337.017489][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 337.086791][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 337.094039][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 337.219674][T11100] input: syz1 as /devices/virtual/input/input21 [ 337.256443][T10882] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 337.571738][T11110] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1319'. [ 337.596438][T11084] loop9: detected capacity change from 0 to 32768 [ 337.891459][T10882] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 338.121702][T10882] veth0_vlan: entered promiscuous mode [ 338.231750][T10882] veth1_vlan: entered promiscuous mode [ 338.437607][T10882] veth0_macvtap: entered promiscuous mode [ 338.530822][T10882] veth1_macvtap: entered promiscuous mode [ 338.638048][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 338.717425][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 338.759599][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 338.808858][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 338.848853][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 338.865352][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 338.960961][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 339.007638][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.047474][T10882] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 339.102075][T11121] loop2: detected capacity change from 0 to 131072 [ 339.117923][T11121] F2FS-fs (loop2): invalid crc value [ 339.132882][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.153630][T11121] F2FS-fs (loop2): Found nat_bits in checkpoint [ 339.197284][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.199496][T11121] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 339.261098][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.297266][ T96] block nbd0: Possible stuck request ffff888021ac8000: control (read@0,1024B). Runtime 60 seconds [ 339.327847][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.339138][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.360069][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.378781][T10882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.398908][T10882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.422447][T10882] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 339.467812][T10882] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.485142][T10882] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.494580][T10882] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.512156][T10882] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.789175][ T2933] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 339.797074][ T2933] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 339.839194][ T5836] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 339.910182][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 339.918071][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 340.050059][ T5836] usb 5-1: Using ep0 maxpacket: 32 [ 340.070933][ T5836] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 340.089364][ T5836] usb 5-1: config 0 has no interface number 0 [ 340.111383][ T5836] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 340.120919][ T5836] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 340.157941][ T5836] usb 5-1: Product: syz [ 340.162406][ T5836] usb 5-1: Manufacturer: syz [ 340.177232][ T5836] usb 5-1: SerialNumber: syz [ 340.191366][ T5836] usb 5-1: config 0 descriptor?? [ 340.217072][ T5836] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 340.617642][T11163] loop9: detected capacity change from 0 to 128 [ 340.630449][T11161] loop3: detected capacity change from 0 to 1024 [ 340.667268][T11163] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=256, location=256 [ 340.738526][T11163] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 340.816466][ T5836] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 340.857807][ T28] audit: type=1800 audit(1754055445.145:70): pid=11163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1330" name="file1" dev="loop9" ino=104 res=0 errno=0 [ 340.893839][ T5836] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 341.108330][ C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 341.109436][ T9518] usb 5-1: USB disconnect, device number 5 [ 341.153508][ T9518] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 341.210536][ T9518] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 341.217858][T11176] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 341.240704][ T9518] quatech2 5-1:0.51: device disconnected [ 341.735090][T11196] loop2: detected capacity change from 0 to 1024 [ 341.827239][ T28] audit: type=1800 audit(1754055446.115:71): pid=11196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1339" name="file1" dev="loop2" ino=20 res=0 errno=0 [ 341.878965][ T5836] usb 10-1: new high-speed USB device number 12 using dummy_hcd [ 341.960428][ T59] Bluetooth: hci5: Frame reassembly failed (-84) [ 342.074567][ T5836] usb 10-1: Using ep0 maxpacket: 32 [ 342.090900][ T5836] usb 10-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 342.114441][ T5836] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 342.146984][ T5836] usb 10-1: config 0 descriptor?? [ 342.372283][ T5836] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 342.381803][T11218] nbd: nbd2 already in use [ 342.397757][ T5836] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 342.417173][ T5836] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 342.442686][ T5836] usb 10-1: media controller created [ 342.482571][ T5836] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 342.575674][ T5836] az6027: usb out operation failed. (-71) [ 342.597257][ T5836] az6027: usb out operation failed. (-71) [ 342.618776][ T5836] stb0899_attach: Driver disabled by Kconfig [ 342.624838][ T5836] az6027: no front-end attached [ 342.624838][ T5836] [ 342.675669][ T5836] az6027: usb out operation failed. (-71) [ 342.682610][ T5836] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 342.708134][ T5836] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.9/usb10/10-1/input/input22 [ 342.735769][ T5836] dvb-usb: schedule remote query interval to 400 msecs. [ 342.751920][ T5836] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 342.763640][T11229] loop2: detected capacity change from 0 to 64 [ 342.775128][ T5836] usb 10-1: USB disconnect, device number 12 [ 342.847253][ T5836] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 343.452634][T11249] can0: slcan on ttyS3. [ 343.610370][T11249] can0 (unregistered): slcan off ttyS3. [ 343.636402][T11257] can0: slcan on ttyS3. [ 343.799284][T11248] can0 (unregistered): slcan off ttyS3. [ 343.988116][T11266] Non-string source [ 343.989253][ T5793] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 343.999226][ T5101] Bluetooth: hci5: command 0x1003 tx timeout [ 344.264939][T11273] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1358'. [ 344.277852][T11252] loop3: detected capacity change from 0 to 32768 [ 344.306663][T11273] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1358'. [ 344.356523][T11252] JBD2: Ignoring recovery information on journal [ 344.499207][T11252] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 344.720489][T11286] loop2: detected capacity change from 0 to 4096 [ 344.917580][T10882] ocfs2: Unmounting device (7,3) on (node local) [ 345.537248][T11291] loop4: detected capacity change from 0 to 32768 [ 345.580498][T11291] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1365 (11291) [ 345.638028][T11291] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 345.669938][T11291] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 345.698930][T11291] BTRFS info (device loop4): using free space tree [ 345.874400][T11291] BTRFS info (device loop4): enabling ssd optimizations [ 345.888757][T11291] BTRFS info (device loop4): auto enabling async discard [ 346.170431][T10222] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 346.543255][T11317] loop3: detected capacity change from 0 to 40427 [ 346.669850][T11317] F2FS-fs (loop3): Found nat_bits in checkpoint [ 346.813090][T11361] loop4: detected capacity change from 0 to 256 [ 346.838499][T11361] exfat: Deprecated parameter 'utf8' [ 346.839106][T11317] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 346.858853][T11361] exfat: Deprecated parameter 'utf8' [ 346.979878][T11361] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0x3150c3aa, utbl_chksum : 0xe619d30d) [ 347.511589][T10882] syz-executor: attempt to access beyond end of device [ 347.511589][T10882] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 347.549030][T10882] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 347.765793][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1383'. [ 348.555459][T11405] can0: slcan on ttyS3. [ 348.690544][T11405] can0 (unregistered): slcan off ttyS3. [ 348.716095][T11412] can0: slcan on ttyS3. [ 348.885780][T11418] loop2: detected capacity change from 0 to 4096 [ 348.909114][T11403] can0 (unregistered): slcan off ttyS3. [ 348.914960][T11418] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 348.953935][T11422] loop9: detected capacity change from 0 to 2048 [ 348.970189][T11418] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 4096) [ 348.996823][T11422] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 349.024654][T11424] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 349.069111][T11428] netlink: 'syz.4.1398': attribute type 32 has an invalid length. [ 349.320078][T11429] loop3: detected capacity change from 0 to 8192 [ 349.369927][T11429] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 349.706300][T11445] loop9: detected capacity change from 0 to 2048 [ 349.745724][T11445] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 349.760641][ T6595] kernel read not supported for file /dsp (pid: 6595 comm: kworker/1:4) [ 350.079901][T11462] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1409'. [ 350.287353][T11472] loop2: detected capacity change from 0 to 512 [ 350.371904][T11472] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 350.466424][T11472] ext4 filesystem being mounted at /382/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 350.718014][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.033889][T11492] loop4: detected capacity change from 0 to 2048 [ 351.179168][T11492] Alternate GPT is invalid, using primary GPT. [ 351.200031][T11492] loop4: p1 p2 p3 [ 351.411857][T11483] loop3: detected capacity change from 0 to 32768 [ 351.422846][T11483] XFS: noikeep mount option is deprecated. [ 351.484627][T11483] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 351.579014][ T9516] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 351.647550][T11483] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 351.701976][T11483] XFS (loop3): Starting recovery (logdev: internal) [ 351.779440][T11483] XFS (loop3): Ending recovery (logdev: internal) [ 351.788776][ T9516] usb 3-1: Using ep0 maxpacket: 32 [ 351.810812][ T9516] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 351.830818][ T9516] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.852492][ T9516] usb 3-1: config 0 descriptor?? [ 351.946957][T11504] loop9: detected capacity change from 0 to 32768 [ 352.026253][T10882] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 352.067720][ T9516] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 352.096658][ T9516] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 352.153158][ T9516] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 352.160618][ T9516] usb 3-1: media controller created [ 352.239881][ T9516] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 352.290180][T11506] az6027: more than 2 i2c messages at a time is not handled yet. TODO. [ 352.318262][ T9516] az6027: usb out operation failed. (-71) [ 352.351002][ T9516] az6027: usb out operation failed. (-71) [ 352.356992][ T9516] stb0899_attach: Driver disabled by Kconfig [ 352.385269][ T9516] az6027: no front-end attached [ 352.385269][ T9516] [ 352.415096][ T9516] az6027: usb out operation failed. (-71) [ 352.439072][ T9516] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 352.448104][ T9516] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input24 [ 352.505459][ T9516] dvb-usb: schedule remote query interval to 400 msecs. [ 352.523328][ T9516] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 352.569071][ T9516] usb 3-1: USB disconnect, device number 19 [ 352.712729][ T9516] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 353.145213][T11554] loop3: detected capacity change from 0 to 128 [ 353.629397][T11567] loop2: detected capacity change from 0 to 128 [ 353.653002][T11567] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 353.669333][T11567] ext4 filesystem being mounted at /387/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 353.729143][T11567] EXT4-fs warning (device loop2): verify_group_input:151: Cannot add at group 156237825 (only 1 groups) [ 353.841216][ T5787] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 354.266162][T11587] netlink: 68 bytes leftover after parsing attributes in process `syz.9.1442'. [ 354.337863][T11591] tap0: tun_chr_ioctl cmd 1074025677 [ 354.344918][T11591] tap0: linktype set to 769 [ 354.728780][ T5775] usb 10-1: new high-speed USB device number 13 using dummy_hcd [ 354.798939][ T5829] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 354.924284][ T5775] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 354.951380][ T5775] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 354.985272][ T5775] usb 10-1: config 0 descriptor?? [ 355.003434][ T5829] usb 4-1: Using ep0 maxpacket: 8 [ 355.013530][ T5775] cp210x 10-1:0.0: cp210x converter detected [ 355.034555][ T5829] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 355.095598][ T5829] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 355.116400][ T5829] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 355.143817][ T5829] usb 4-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 355.158350][ T5829] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 355.186030][ T5829] usb 4-1: config 0 descriptor?? [ 355.424945][ T5775] cp210x 10-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 355.485836][ T5775] usb 10-1: cp210x converter now attached to ttyUSB0 [ 355.629230][ T5829] logitech 0003:046D:C29C.000D: unknown main item tag 0x1 [ 355.656020][ T5829] logitech 0003:046D:C29C.000D: hidraw0: USB HID v0.01 Device [HID 046d:c29c] on usb-dummy_hcd.3-1/input0 [ 355.732728][ T9516] usb 10-1: USB disconnect, device number 13 [ 355.746276][ T9516] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 355.827352][ T9516] cp210x 10-1:0.0: device disconnected [ 356.028286][ T5829] logitech 0003:046D:C29C.000D: no inputs found [ 356.047986][ T5829] usb 4-1: USB disconnect, device number 6 [ 356.460480][ T28] audit: type=1326 audit(1754055460.745:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11645 comm="syz.9.1455" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2d3938eb69 code=0x0 [ 356.486436][T11648] loop4: detected capacity change from 0 to 128 [ 356.517738][T11648] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 356.547688][T11648] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 357.119745][ T28] audit: type=1326 audit(1754055461.415:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 357.142163][ C0] vkms_vblank_simulate: vblank timer overrun [ 357.214961][ T28] audit: type=1326 audit(1754055461.445:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 357.302684][ T28] audit: type=1326 audit(1754055461.465:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 357.409075][ T28] audit: type=1326 audit(1754055461.465:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 357.515030][ T28] audit: type=1326 audit(1754055461.465:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 357.578387][ T28] audit: type=1326 audit(1754055461.465:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 357.638783][ T28] audit: type=1326 audit(1754055461.465:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 357.711892][T11672] loop9: detected capacity change from 0 to 4096 [ 357.725950][ T28] audit: type=1326 audit(1754055461.465:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.3.1459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 357.752532][T11672] ntfs: (device loop9): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 357.874435][T11672] ntfs: volume version 3.1. [ 358.030658][T11687] loop3: detected capacity change from 0 to 64 [ 358.261765][T10882] hfs: node 4:3 still has 2 user(s)! [ 358.273332][T11693] loop2: detected capacity change from 0 to 2048 [ 358.332801][T11693] EXT4-fs (loop2): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 358.485584][T11693] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 358.556206][T11701] loop9: detected capacity change from 0 to 4096 [ 358.626188][T11701] ntfs3: loop9: Mark volume as dirty due to NTFS errors [ 358.670082][T11701] ntfs3: loop9: Failed to load $Extend (-22). [ 358.676348][T11701] ntfs3: loop9: Failed to initialize $Extend. [ 358.679876][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0700-0000-0000-000000000000. [ 358.933141][T11717] ntfs3: loop9: ino=1e, "file1" attr_set_size [ 359.309208][ T9516] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 359.528898][ T9516] usb 5-1: Using ep0 maxpacket: 32 [ 359.561123][ T9516] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 359.610199][ T9516] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.623518][T11735] loop3: detected capacity change from 0 to 128 [ 359.653369][ T9516] usb 5-1: config 0 descriptor?? [ 359.678545][T11735] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 359.768909][T11735] ext4 filesystem being mounted at /35/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 359.929230][ T9516] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 359.969458][ T9516] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 360.019574][ T9516] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 360.063807][ T9516] usb 5-1: media controller created [ 360.077584][T10882] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 360.174975][ T9516] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 360.245405][ T9516] az6027: usb out operation failed. (-71) [ 360.259120][ T9516] az6027: usb out operation failed. (-71) [ 360.264917][ T9516] stb0899_attach: Driver disabled by Kconfig [ 360.291783][ T9516] az6027: no front-end attached [ 360.291783][ T9516] [ 360.305067][T11752] loop2: detected capacity change from 0 to 512 [ 360.320347][ T9516] az6027: usb out operation failed. (-71) [ 360.326168][ T9516] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 360.332097][T11752] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 360.367786][ T9516] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input25 [ 360.388368][T11752] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 360.409816][ T9516] dvb-usb: schedule remote query interval to 400 msecs. [ 360.416846][ T9516] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 360.417860][T11752] System zones: 1-12 [ 360.456159][T11752] EXT4-fs (loop2): 1 truncate cleaned up [ 360.468581][T11752] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 360.471111][ T9516] usb 5-1: USB disconnect, device number 6 [ 360.595452][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.700011][ T9516] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 361.107514][T11763] loop2: detected capacity change from 0 to 4096 [ 361.199927][T11763] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 361.223344][T11763] ntfs3: loop2: Failed to load $Extend (-22). [ 361.240482][T11763] ntfs3: loop2: Failed to initialize $Extend. [ 361.312081][T11751] loop9: detected capacity change from 0 to 32768 [ 361.383148][T11763] ntfs3: loop2: ino=1e, "file1" attr_set_size [ 361.419848][T11751] XFS (loop9): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 361.526199][T11749] loop3: detected capacity change from 0 to 40427 [ 361.540343][T11749] F2FS-fs (loop3): invalid crc value [ 361.548502][T11749] F2FS-fs (loop3): Found nat_bits in checkpoint [ 361.559747][T11751] XFS (loop9): Ending clean mount [ 361.613151][T11751] XFS (loop9): Quotacheck needed: Please wait. [ 361.652849][T11749] F2FS-fs (loop3): Start checkpoint disabled! [ 361.693107][T11749] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 361.755051][T11751] XFS (loop9): Quotacheck: Done. [ 361.930338][ T7829] XFS (loop9): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 362.049328][T11765] loop4: detected capacity change from 0 to 32768 [ 362.089077][T11765] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1487 (11765) [ 362.148611][T11765] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 362.168243][T11765] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 362.178067][ T59] kworker/u4:4: attempt to access beyond end of device [ 362.178067][ T59] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 362.199359][T11765] BTRFS info (device loop4): using free space tree [ 362.207613][ T59] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 362.215815][ T59] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 362.267892][T11798] loop2: detected capacity change from 0 to 2048 [ 362.275932][T11798] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=3932051, location=3932051 [ 362.314999][T11798] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 362.315517][T11765] BTRFS info (device loop4): enabling ssd optimizations [ 362.337655][T11765] BTRFS info (device loop4): auto enabling async discard [ 362.736505][T11822] syz.2.1495 uses obsolete (PF_INET,SOCK_PACKET) [ 362.939786][T10222] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 362.950704][T11830] loop2: detected capacity change from 0 to 512 [ 362.987301][T11830] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 2: comm syz.2.1497: invalid block [ 363.031896][T11830] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1497: invalid indirect mapped block 10 (level 1) [ 363.083101][T11830] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1497: invalid indirect mapped block 8 (level 1) [ 363.103662][T11830] EXT4-fs (loop2): 1 truncate cleaned up [ 363.115039][T11830] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 363.145542][T11830] EXT4-fs error (device loop2): ext4_lookup:1858: inode #12: comm syz.2.1497: unexpected EA_INODE flag [ 363.242845][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.897366][T11856] loop9: detected capacity change from 0 to 1024 [ 364.281920][ T59] hfsplus: b-tree write err: -5, ino 4 [ 364.886755][T11852] loop4: detected capacity change from 0 to 32768 [ 364.973849][T11852] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 365.099813][T11852] XFS (loop4): Ending clean mount [ 365.210125][T11852] XFS (loop4): Quotacheck needed: Please wait. [ 365.304727][T11852] XFS (loop4): Quotacheck: Done. [ 365.542925][T10222] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 367.067504][T11959] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1529'. [ 367.098811][T11959] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1529'. [ 367.107917][T11959] netlink: 'syz.9.1529': attribute type 6 has an invalid length. [ 367.152011][T11936] loop4: detected capacity change from 0 to 32768 [ 367.176069][T11936] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1524 (11936) [ 367.241109][T11936] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 367.253887][T11936] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 367.255266][T11944] loop2: detected capacity change from 0 to 32768 [ 367.271380][T11936] BTRFS info (device loop4): setting nodatacow, compression disabled [ 367.287305][T11944] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.1526 (11944) [ 367.292622][T11936] BTRFS info (device loop4): enabling ssd optimizations [ 367.318223][T11936] BTRFS info (device loop4): setting datacow [ 367.324640][T11944] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 367.336166][T11936] BTRFS info (device loop4): doing ref verification [ 367.336395][T11963] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1530'. [ 367.343095][T11944] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 367.343155][T11944] BTRFS info (device loop2): force zlib compression, level 3 [ 367.343178][T11944] BTRFS info (device loop2): force clearing of disk cache [ 367.343196][T11944] BTRFS info (device loop2): turning off barriers [ 367.343217][T11944] BTRFS info (device loop2): doing ref verification [ 367.343237][T11944] BTRFS info (device loop2): enabling disk space caching [ 367.343253][T11944] BTRFS info (device loop2): disk space caching is enabled [ 367.343630][T11936] BTRFS info (device loop4): force clearing of disk cache [ 367.414261][T11936] BTRFS info (device loop4): turning off barriers [ 367.426999][T11936] BTRFS info (device loop4): using spread ssd allocation scheme [ 367.437227][T11936] BTRFS info (device loop4): using free space tree [ 367.539219][T11944] BTRFS info (device loop2): enabling ssd optimizations [ 367.546262][T11944] BTRFS info (device loop2): auto enabling async discard [ 367.576162][T11936] BTRFS info (device loop4): auto enabling async discard [ 367.601510][T11944] BTRFS info (device loop2): rebuilding free space tree [ 367.625658][T11936] BTRFS info (device loop4): rebuilding free space tree [ 367.667963][T11944] BTRFS info (device loop2): disabling free space tree [ 367.688478][T11944] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 367.707653][T11944] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 367.922070][T11944] BTRFS info (device loop2): balance: start -d -m [ 367.954777][T11944] BTRFS info (device loop2): balance: paused [ 368.097437][ T5787] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 368.175393][ T6595] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 368.401786][ T6595] usb 4-1: Using ep0 maxpacket: 32 [ 368.409405][ T6595] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 368.418526][ T6595] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 368.421309][ C0] vkms_vblank_simulate: vblank timer overrun [ 368.440709][T10222] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 368.476457][ T6595] usb 4-1: config 0 descriptor?? [ 368.730997][ T6595] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 368.762051][ T6595] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 368.790008][ T6595] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 368.797381][ T6595] usb 4-1: media controller created [ 368.824842][ T6595] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 368.933728][ T6595] az6027: usb out operation failed. (-71) [ 368.959233][ T6595] az6027: usb out operation failed. (-71) [ 368.978856][ T6595] stb0899_attach: Driver disabled by Kconfig [ 368.992794][ T6595] az6027: no front-end attached [ 368.992794][ T6595] [ 369.028382][ T6595] az6027: usb out operation failed. (-71) [ 369.035086][ T6595] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 369.080806][ T6595] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input26 [ 369.105888][ T6595] dvb-usb: schedule remote query interval to 400 msecs. [ 369.116663][ T6595] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 369.148121][ T6595] usb 4-1: USB disconnect, device number 7 [ 369.196008][T12013] loop9: detected capacity change from 0 to 40427 [ 369.277161][ T6595] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 369.321992][T12013] F2FS-fs (loop9): invalid crc value [ 369.355379][ T96] block nbd0: Possible stuck request ffff888021ac8000: control (read@0,1024B). Runtime 90 seconds [ 369.389473][T12013] F2FS-fs (loop9): Found nat_bits in checkpoint [ 369.604681][T12013] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e4 [ 369.618894][ T5775] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 369.838011][ C0] vkms_vblank_simulate: vblank timer overrun [ 369.844648][ T5775] usb 3-1: Using ep0 maxpacket: 32 [ 369.852139][ T5775] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 369.861404][ T5775] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 369.889219][ T5775] usb 3-1: config 0 descriptor?? [ 369.908845][ T6595] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 370.129426][ T5775] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 370.135477][ T6595] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 370.146261][ T5775] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 370.168067][ T5775] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 370.178972][ T6595] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 370.187679][ T5775] usb 3-1: media controller created [ 370.199855][ T6595] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 370.221320][ T6595] usb 4-1: config 0 descriptor?? [ 370.230742][ T6595] pwc: Askey VC010 type 2 USB webcam detected. [ 370.258259][ T5775] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 370.342218][ T5775] az6027: usb out operation failed. (-71) [ 370.364273][ T5775] az6027: usb out operation failed. (-71) [ 370.383295][ T5775] stb0899_attach: Driver disabled by Kconfig [ 370.401440][ T5775] az6027: no front-end attached [ 370.401440][ T5775] [ 370.429103][ T5775] az6027: usb out operation failed. (-71) [ 370.434922][ T5775] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 370.461409][ T5775] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input27 [ 370.490786][ T5775] dvb-usb: schedule remote query interval to 400 msecs. [ 370.517703][ T5775] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 370.547102][ T5775] usb 3-1: USB disconnect, device number 20 [ 370.651244][ T6595] pwc: recv_control_msg error -32 req 02 val 2b00 [ 370.745775][ T5775] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 370.880146][ T6595] pwc: recv_control_msg error -71 req 02 val 2c00 [ 370.901768][ T6595] pwc: recv_control_msg error -71 req 04 val 1000 [ 370.923974][ T6595] pwc: recv_control_msg error -71 req 04 val 1300 [ 370.946081][ T6595] pwc: recv_control_msg error -71 req 04 val 1400 [ 370.963627][ T6595] pwc: recv_control_msg error -71 req 02 val 2000 [ 370.979786][ T6595] pwc: recv_control_msg error -71 req 02 val 2100 [ 371.001883][ T6595] pwc: recv_control_msg error -71 req 04 val 1500 [ 371.016763][ T6595] pwc: recv_control_msg error -71 req 02 val 2500 [ 371.038972][ T6595] pwc: recv_control_msg error -71 req 02 val 2400 [ 371.056177][ T6595] pwc: recv_control_msg error -71 req 02 val 2600 [ 371.079210][ T6595] pwc: recv_control_msg error -71 req 02 val 2900 [ 371.086254][ T6595] pwc: recv_control_msg error -71 req 02 val 2800 [ 371.100967][ T6595] pwc: recv_control_msg error -71 req 04 val 1100 [ 371.127789][ T6595] pwc: recv_control_msg error -71 req 04 val 1200 [ 371.157870][ T6595] pwc: Registered as video103. [ 371.170884][ T6595] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input28 [ 371.216179][ T6595] usb 4-1: USB disconnect, device number 8 [ 371.610107][T12060] loop4: detected capacity change from 0 to 32768 [ 371.647366][T12060] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 371.665148][T12089] loop9: detected capacity change from 0 to 64 [ 371.912445][T12098] Illegal XDP return value 1975073792 on prog (id 161) dev N/A, expect packet loss! [ 371.926016][T12060] XFS (loop4): Ending clean mount [ 371.946165][T12060] XFS (loop4): Quotacheck needed: Please wait. [ 372.087508][T12060] XFS (loop4): Quotacheck: Done. [ 372.219159][ T6595] usb 10-1: new high-speed USB device number 14 using dummy_hcd [ 372.414617][T10222] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 372.421557][ T6595] usb 10-1: too many configurations: 9, using maximum allowed: 8 [ 372.453923][ T6595] usb 10-1: config 0 has no interfaces? [ 372.470798][ T6595] usb 10-1: config 0 has no interfaces? [ 372.479956][ T6595] usb 10-1: config 0 has no interfaces? [ 372.499685][ T6595] usb 10-1: config 0 has no interfaces? [ 372.513411][ T6595] usb 10-1: config 0 has no interfaces? [ 372.523471][ T6595] usb 10-1: config 0 has no interfaces? [ 372.534677][ T6595] usb 10-1: config 0 has no interfaces? [ 372.541270][T12121] loop2: detected capacity change from 0 to 128 [ 372.549682][ T6595] usb 10-1: config 0 has no interfaces? [ 372.560914][ T6595] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 372.585714][ T6595] usb 10-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 372.640524][ T6595] usb 10-1: Product: syz [ 372.644973][ T6595] usb 10-1: Manufacturer: syz [ 372.689804][ T6595] usb 10-1: SerialNumber: syz [ 372.727867][ T6595] usb 10-1: config 0 descriptor?? [ 373.025762][ T5775] usb 10-1: USB disconnect, device number 14 [ 373.105059][T12134] loop2: detected capacity change from 0 to 512 [ 373.143609][T12134] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 373.249329][T12134] __quota_error: 7 callbacks suppressed [ 373.249348][T12134] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 373.307661][T12134] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 373.334581][T12134] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.1565: Failed to acquire dquot type 0 [ 373.355876][T12134] EXT4-fs warning (device loop2): ext4_enable_quotas:7173: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 373.445530][ T5787] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 3: comm syz-executor: path /427/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0 [ 373.559209][ T9518] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 373.602703][T12153] loop3: detected capacity change from 0 to 128 [ 373.711790][T12153] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 373.760665][T12153] ext4 filesystem being mounted at /59/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 373.789031][ T9518] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 373.798167][ T9518] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.855409][ T9518] usb 5-1: config 0 descriptor?? [ 373.865477][ T9518] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 373.885592][T10882] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 374.095101][ T3458] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.280681][ T3458] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.295322][ T9518] cpia1 5-1:0.0: unexpected state after lo power cmd: 00 [ 374.425710][ T3458] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.637458][ T3458] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.698240][ T9518] gspca_cpia1: usb_control_msg 02, error -71 [ 374.727582][ T9518] gspca_cpia1: usb_control_msg 05, error -71 [ 374.740108][ T9518] cpia1 5-1:0.0: unexpected systemstate: 00 [ 374.771448][ T9518] usb 5-1: USB disconnect, device number 7 [ 375.309049][T12186] netlink: 152 bytes leftover after parsing attributes in process `syz.9.1583'. [ 375.318290][T12186] tipc: Started in network mode [ 375.334457][T12186] tipc: Node identity fe80000000000000000000000000002a, cluster identity 4711 [ 375.366429][T12186] tipc: Enabled bearer , priority 10 [ 375.459552][ T5101] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 375.480305][ T5101] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 375.493849][ T5101] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 375.514110][ T5101] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 375.525214][T12194] loop3: detected capacity change from 0 to 256 [ 375.533342][ T5101] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 375.542412][ T5101] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 375.585449][T12194] FAT-fs (loop3): Directory bread(block 1285) failed [ 375.651579][T12194] FAT-fs (loop3): Directory bread(block 1285) failed [ 376.374136][T12191] loop4: detected capacity change from 0 to 40427 [ 376.427414][T12215] loop6: detected capacity change from 0 to 524287999 [ 376.431703][T12191] F2FS-fs (loop4): invalid crc value [ 376.487798][ T9518] tipc: Node number set to 4269801514 [ 376.532317][T12191] F2FS-fs (loop4): Found nat_bits in checkpoint [ 376.686862][T12191] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 377.065239][T12190] chnl_net:caif_netlink_parms(): no params data found [ 377.209937][ T3458] hsr_slave_0: left promiscuous mode [ 377.248966][ T3458] hsr_slave_1: left promiscuous mode [ 377.255398][ T3458] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 377.284815][ T3458] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 377.304276][ T3458] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 377.312013][ T3458] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 377.320496][ T3458] bridge_slave_1: left allmulticast mode [ 377.326191][ T3458] bridge_slave_1: left promiscuous mode [ 377.333185][ T3458] bridge0: port 2(bridge_slave_1) entered disabled state [ 377.379868][ T3458] bridge_slave_0: left allmulticast mode [ 377.385755][ T3458] bridge_slave_0: left promiscuous mode [ 377.386045][T12217] loop9: detected capacity change from 0 to 40427 [ 377.396138][ T3458] bridge0: port 1(bridge_slave_0) entered disabled state [ 377.456965][T12217] F2FS-fs (loop9): Found nat_bits in checkpoint [ 377.546940][ T3458] veth1_macvtap: left promiscuous mode [ 377.559250][ T3458] veth0_macvtap: left promiscuous mode [ 377.565002][ T3458] veth1_vlan: left promiscuous mode [ 377.599943][ T3458] veth0_vlan: left promiscuous mode [ 377.606553][T12217] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 377.669194][ T5101] Bluetooth: hci2: command tx timeout [ 377.809507][ T7829] syz-executor: attempt to access beyond end of device [ 377.809507][ T7829] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 377.834101][ T7829] F2FS-fs (loop9): Stopped filesystem due to reason: 3 [ 378.090352][ T3458] team0 (unregistering): Port device batadv1 removed [ 378.962572][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.970443][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.115363][ T3458] team0 (unregistering): Port device team_slave_1 removed [ 379.212707][ T3458] team0 (unregistering): Port device team_slave_0 removed [ 379.322129][ T3458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 379.420871][ T3458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 379.467536][T12257] loop4: detected capacity change from 0 to 32768 [ 379.475084][T12257] XFS: attr2 mount option is deprecated. [ 379.555375][T12257] XFS (loop4): DAX unsupported by block device. Turning off DAX. [ 379.568210][T12257] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 379.644005][T12257] XFS (loop4): Ending clean mount [ 379.680673][T12257] XFS (loop4): Quotacheck needed: Please wait. [ 379.749294][ T5101] Bluetooth: hci2: command tx timeout [ 379.828835][T12257] XFS (loop4): Quotacheck: Done. [ 380.153146][T10222] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 380.546999][ T3458] bond0 (unregistering): Released all slaves [ 380.853853][T12190] bridge0: port 1(bridge_slave_0) entered blocking state [ 380.865069][T12190] bridge0: port 1(bridge_slave_0) entered disabled state [ 380.873163][T12190] bridge_slave_0: entered allmulticast mode [ 380.881460][T12190] bridge_slave_0: entered promiscuous mode [ 380.900366][T12190] bridge0: port 2(bridge_slave_1) entered blocking state [ 380.918454][T12190] bridge0: port 2(bridge_slave_1) entered disabled state [ 380.957287][T12190] bridge_slave_1: entered allmulticast mode [ 380.965012][T12190] bridge_slave_1: entered promiscuous mode [ 381.064016][T12190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 381.112492][T12190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 381.284650][T12190] team0: Port device team_slave_0 added [ 381.312714][T12190] team0: Port device team_slave_1 added [ 381.475265][T12190] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 381.487301][T12190] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 381.549389][T12190] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 381.582931][T12190] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 381.598982][T12190] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 381.678868][T12190] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 381.745017][T12287] loop9: detected capacity change from 0 to 1024 [ 381.829261][ T5101] Bluetooth: hci2: command tx timeout [ 381.846482][T12287] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 381.860080][T12287] ext4 filesystem being mounted at /307/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 381.887070][T12190] hsr_slave_0: entered promiscuous mode [ 381.901532][T12190] hsr_slave_1: entered promiscuous mode [ 381.912773][T12287] EXT4-fs error (device loop9): ext4_map_blocks:718: inode #15: block 3: comm syz.9.1614: lblock 3 mapped to illegal pblock 3 (length 3) [ 381.918933][T12190] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 381.934716][T12190] Cannot create hsr debugfs directory [ 381.978083][T12287] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 381.999681][T12287] EXT4-fs (loop9): This should not happen!! Data will be lost [ 381.999681][T12287] [ 382.020934][T12294] EXT4-fs error (device loop9): ext4_map_blocks:718: inode #15: comm syz.9.1614: lblock 0 mapped to illegal pblock 0 (length 3) [ 382.074385][ T28] audit: type=1326 audit(1754055486.365:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12295 comm="syz.3.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 382.128740][T12294] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117 [ 382.164923][ T28] audit: type=1326 audit(1754055486.395:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12295 comm="syz.3.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 382.188339][T12294] EXT4-fs (loop9): This should not happen!! Data will be lost [ 382.188339][T12294] [ 382.248769][ T28] audit: type=1326 audit(1754055486.395:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12295 comm="syz.3.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 382.311835][ T28] audit: type=1326 audit(1754055486.395:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12295 comm="syz.3.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 382.356734][ T2933] EXT4-fs error (device loop9): ext4_map_blocks:718: inode #15: block 7: comm kworker/u4:7: lblock 7 mapped to illegal pblock 7 (length 9) [ 382.390679][ T28] audit: type=1326 audit(1754055486.405:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12295 comm="syz.3.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 382.401949][ T2933] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 7 with max blocks 9 with error 117 [ 382.480268][ T28] audit: type=1326 audit(1754055486.405:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12295 comm="syz.3.1615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 382.485540][ T2933] EXT4-fs (loop9): This should not happen!! Data will be lost [ 382.485540][ T2933] [ 382.566357][ T7829] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 382.571090][T12304] netlink: 'syz.3.1618': attribute type 12 has an invalid length. [ 382.883237][T12314] loop3: detected capacity change from 0 to 4096 [ 382.892911][T12314] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 383.013098][T12314] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 383.037828][T12314] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 383.482432][T12312] loop9: detected capacity change from 0 to 32768 [ 383.491235][T12312] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop9 scanned by syz.9.1619 (12312) [ 383.531496][T12312] BTRFS info (device loop9): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 383.544569][T12312] BTRFS info (device loop9): using xxhash64 (xxhash64-generic) checksum algorithm [ 383.568917][T12312] BTRFS info (device loop9): force zlib compression, level 3 [ 383.578741][T12312] BTRFS info (device loop9): force clearing of disk cache [ 383.596874][T12312] BTRFS info (device loop9): turning off barriers [ 383.618816][T12312] BTRFS info (device loop9): doing ref verification [ 383.625504][T12312] BTRFS info (device loop9): enabling disk space caching [ 383.658255][T12312] BTRFS info (device loop9): disk space caching is enabled [ 383.817925][T12190] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 383.830954][T12190] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 383.858814][T12312] BTRFS info (device loop9): enabling ssd optimizations [ 383.869347][T12190] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 383.879392][T12312] BTRFS info (device loop9): auto enabling async discard [ 383.899549][T12312] BTRFS info (device loop9): rebuilding free space tree [ 383.901617][T12190] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 383.917742][ T5101] Bluetooth: hci2: command tx timeout [ 383.941309][T12312] BTRFS info (device loop9): disabling free space tree [ 383.961166][T12312] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 383.996203][T12312] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 384.185591][T12341] loop3: detected capacity change from 0 to 4096 [ 384.256812][T12190] 8021q: adding VLAN 0 to HW filter on device bond0 [ 384.277828][T12312] BTRFS info (device loop9): balance: start -d -m [ 384.288956][T12352] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 384.332053][T12190] 8021q: adding VLAN 0 to HW filter on device team0 [ 384.340586][T12312] BTRFS info (device loop9): relocating block group 6881280 flags data|metadata [ 384.428085][ T2933] bridge0: port 1(bridge_slave_0) entered blocking state [ 384.435392][ T2933] bridge0: port 1(bridge_slave_0) entered forwarding state [ 384.464711][ T2933] bridge0: port 2(bridge_slave_1) entered blocking state [ 384.471966][ T2933] bridge0: port 2(bridge_slave_1) entered forwarding state [ 384.537198][T12190] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 384.598964][T12190] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 384.657529][T12312] BTRFS info (device loop9): balance: paused [ 384.816892][ T7829] BTRFS info (device loop9): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 385.346630][T12190] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 385.512957][T12190] veth0_vlan: entered promiscuous mode [ 385.576472][T12190] veth1_vlan: entered promiscuous mode [ 385.582403][ T28] audit: type=1326 audit(1754055489.855:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12374 comm="syz.3.1626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 385.650281][T12378] netlink: 'syz.9.1625': attribute type 2 has an invalid length. [ 385.661398][ T28] audit: type=1326 audit(1754055489.855:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12374 comm="syz.3.1626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 385.745254][T12190] veth0_macvtap: entered promiscuous mode [ 385.754220][ T28] audit: type=1326 audit(1754055489.895:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12374 comm="syz.3.1626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 385.787108][T12190] veth1_macvtap: entered promiscuous mode [ 385.825626][ T28] audit: type=1326 audit(1754055489.895:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12374 comm="syz.3.1626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe445b8eb69 code=0x7ffc0000 [ 385.862404][T12190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.886530][T12190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.904745][T12190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 385.948859][T12190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 385.987381][T12190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.008924][T12190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.028766][T12190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.048811][T12190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.068477][T12362] loop4: detected capacity change from 0 to 32768 [ 386.080795][T12190] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 386.126861][T12190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.156691][T12190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.175391][T12190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.188121][T12190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.219874][T12190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.257721][T12190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.289427][T12190] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.302246][T12190] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.341007][T12190] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 386.376428][T12190] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.405498][T12190] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.432396][T12190] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.458883][T12190] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.681599][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.709871][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.809165][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.817150][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 387.298622][T12420] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 387.306120][T12420] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 387.559316][ T6595] usb 10-1: new high-speed USB device number 15 using dummy_hcd [ 387.772317][ T6595] usb 10-1: unable to get BOS descriptor or descriptor too short [ 387.798213][ T6595] usb 10-1: config 6 has an invalid interface number: 200 but max is 0 [ 387.814670][T12409] loop3: detected capacity change from 0 to 40427 [ 387.821397][ T6595] usb 10-1: config 6 has no interface number 0 [ 387.830733][T12409] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff [ 387.839585][ T6595] usb 10-1: config 6 interface 200 has no altsetting 0 [ 387.855164][T12409] F2FS-fs (loop3): invalid crc value [ 387.864448][ T6595] usb 10-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f [ 387.889345][ T6595] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 387.901928][ T6595] usb 10-1: Product: syz [ 387.909372][ T6595] usb 10-1: Manufacturer: syz [ 387.914136][ T6595] usb 10-1: SerialNumber: syz [ 387.923249][T12409] F2FS-fs (loop3): Found nat_bits in checkpoint [ 388.065503][T12409] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 388.224475][T12435] f2fs_ckpt-7:3: attempt to access beyond end of device [ 388.224475][T12435] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 388.253749][T12435] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 388.742744][ T6595] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state. [ 388.769785][ T6595] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 388.809698][ T6595] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T) [ 388.828796][ T6595] usb 10-1: media controller created [ 388.910845][ T6595] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 388.979365][ T6595] dvb-usb: bulk message failed: -71 (6/0) [ 388.999274][ T6595] dvb-usb: bulk message failed: -71 (6/0) [ 389.005325][ T6595] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T' [ 389.026910][ T6595] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.9/usb10/10-1/input/input29 [ 389.070282][ T6595] dvb-usb: schedule remote query interval to 150 msecs. [ 389.077312][ T6595] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected. [ 389.127164][ T6595] usb 10-1: USB disconnect, device number 15 [ 389.161925][T12470] loop4: detected capacity change from 0 to 128 [ 389.218514][ T6595] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected. [ 389.227213][T12470] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 389.346712][T12470] UDF-fs: error (device loop4): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 389.398398][T12474] loop1: detected capacity change from 0 to 1024 [ 389.417276][T12477] loop3: detected capacity change from 0 to 1024 [ 389.640651][ T59] hfsplus: b-tree write err: -5, ino 4 [ 389.814336][ T2933] hfsplus: b-tree write err: -5, ino 3 [ 389.847799][T12502] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1657'. [ 390.175869][T12508] loop1: detected capacity change from 0 to 4096 [ 390.195009][T12508] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 390.575598][T12524] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1668'. [ 390.603255][T12526] loop1: detected capacity change from 0 to 256 [ 390.698945][ T5836] usb 10-1: new high-speed USB device number 16 using dummy_hcd [ 390.720523][ T8] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 390.918880][ T5836] usb 10-1: Using ep0 maxpacket: 32 [ 390.924320][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 390.948121][ T8] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 390.960176][ T5836] usb 10-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 390.982379][ T5836] usb 10-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 390.992563][ T8] usb 5-1: config 0 interface 0 has no altsetting 0 [ 391.005131][ T8] usb 5-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 391.014505][ T5836] usb 10-1: config 0 interface 0 has no altsetting 0 [ 391.024667][ T5836] usb 10-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00 [ 391.034078][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 391.043187][T12536] loop3: detected capacity change from 0 to 128 [ 391.049329][ T5836] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 391.059082][ T8] usb 5-1: config 0 descriptor?? [ 391.066908][T12536] EXT4-fs: Ignoring removed nobh option [ 391.091692][ T5836] usb 10-1: config 0 descriptor?? [ 391.114664][T12536] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 391.139739][T12536] ext4 filesystem being mounted at /97/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 391.155463][T12534] loop1: detected capacity change from 0 to 4096 [ 391.221640][T12534] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 391.254767][T10882] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 391.320273][ T28] kauditd_printk_skb: 10 callbacks suppressed [ 391.320325][ T28] audit: type=1800 audit(1754055495.615:103): pid=12534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1673" name="file1" dev="loop1" ino=30 res=0 errno=0 [ 391.539807][ T8] nzxt-smart2 0003:1E71:2009.000E: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.4-1/input0 [ 391.560821][ T5836] hid-steam 0003:28DE:1205.000F: unknown main item tag 0x0 [ 391.578542][ T5836] hid-steam 0003:28DE:1205.000F: unknown main item tag 0x0 [ 391.610443][ T5836] hid-steam 0003:28DE:1205.000F: : USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.9-1/input0 [ 391.719602][ T5836] hid-steam 0003:28DE:1205.000F: Steam Controller 'XXXXXXXXXX' connected [ 391.753915][ T5836] input: Steam Deck as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:28DE:1205.000F/input/input30 [ 391.776617][T12548] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1677'. [ 391.805232][ T5836] input: Steam Deck Motion Sensors as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:28DE:1205.000F/input/input31 [ 391.849197][ T5836] hid-steam 0003:28DE:1205.0010: unknown main item tag 0x0 [ 391.860749][ T5836] hid-steam 0003:28DE:1205.0010: unknown main item tag 0x0 [ 391.927278][ T5836] hid-steam 0003:28DE:1205.0010: hidraw1: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.9-1/input0 [ 391.999394][ T5836] usb 10-1: USB disconnect, device number 16 [ 392.042570][ T9] usb 5-1: USB disconnect, device number 8 [ 392.176733][ T5836] hid-steam 0003:28DE:1205.000F: Steam Controller 'XXXXXXXXXX' disconnected [ 392.319153][T12564] binder: 12563:12564 ioctl c00c620f 200000000040 returned -22 [ 393.509077][ T9] usb 10-1: new high-speed USB device number 17 using dummy_hcd [ 393.591550][T12580] loop3: detected capacity change from 0 to 32768 [ 393.610518][T12580] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.1686 (12580) [ 393.632950][T12580] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 393.658949][T12580] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 393.672030][T12580] BTRFS info (device loop3): force zlib compression, level 3 [ 393.679842][T12580] BTRFS info (device loop3): force clearing of disk cache [ 393.687157][T12580] BTRFS info (device loop3): turning off barriers [ 393.698439][T12580] BTRFS info (device loop3): doing ref verification [ 393.705481][T12580] BTRFS info (device loop3): enabling disk space caching [ 393.712755][T12580] BTRFS info (device loop3): disk space caching is enabled [ 393.728821][ T9] usb 10-1: Using ep0 maxpacket: 8 [ 393.741817][ T9] usb 10-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 393.753586][T12606] loop1: detected capacity change from 0 to 2048 [ 393.769315][T12606] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 393.770454][ T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 393.812145][ T9] pvrusb2: Hardware description: Terratec Grabster AV400 [ 393.819359][T12620] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 393.851471][ T9] pvrusb2: ********** [ 393.855584][ T9] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 393.886403][ T9] pvrusb2: Important functionality might not be entirely working. [ 393.888920][T12580] BTRFS info (device loop3): enabling ssd optimizations [ 393.898703][ T9] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 393.918791][T12580] BTRFS info (device loop3): auto enabling async discard [ 393.937262][ T9] pvrusb2: ********** [ 393.950916][T12580] BTRFS info (device loop3): rebuilding free space tree [ 394.028254][T12580] BTRFS info (device loop3): disabling free space tree [ 394.052149][T12591] loop4: detected capacity change from 0 to 32768 [ 394.053719][T12580] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 394.059900][ T2317] pvrusb2: Invalid write control endpoint [ 394.086511][T12580] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 394.280809][ T2317] pvrusb2: Invalid write control endpoint [ 394.299128][ T2317] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 394.328931][ T2317] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 394.353010][T12580] BTRFS info (device loop3): balance: start -d -m [ 394.369001][ T2317] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 394.379796][ T9] usb 10-1: USB disconnect, device number 17 [ 394.400094][T12580] BTRFS info (device loop3): relocating block group 6881280 flags data|metadata [ 394.419593][ T2317] pvrusb2: Device being rendered inoperable [ 394.426870][ T2317] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 394.474026][ T2317] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 394.525118][ T2317] pvrusb2: Attached sub-driver cx25840 [ 394.540564][ T2317] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 394.575832][T12580] BTRFS info (device loop3): balance: paused [ 394.598877][ T2317] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 394.810784][T10882] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 394.922879][T12640] loop4: detected capacity change from 0 to 256 [ 395.090513][ T28] audit: type=1800 audit(1754055499.375:104): pid=12640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1697" name="file1" dev="loop4" ino=1048709 res=0 errno=0 [ 395.114208][T12640] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 395.185850][T12640] FAT-fs (loop4): Filesystem has been set read-only [ 395.208762][T12640] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 395.225053][T12640] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 395.274976][T12640] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 395.320957][T12627] loop1: detected capacity change from 0 to 32768 [ 395.421916][T12627] JBD2: Ignoring recovery information on journal [ 395.552284][T12627] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 395.996735][T12190] ocfs2: Unmounting device (7,1) on (node local) [ 396.053709][T12670] sp0: Synchronizing with TNC [ 396.995112][T12697] loop1: detected capacity change from 0 to 4096 [ 397.017230][T12697] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 397.048574][T12697] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 397.304928][T12710] loop9: detected capacity change from 0 to 1024 [ 397.315042][T12710] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 397.396385][T12710] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 397.553481][T12710] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 397.617387][T12710] EXT4-fs warning (device loop9): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 397.754796][ T7829] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 398.918828][ T5836] usb 10-1: new high-speed USB device number 18 using dummy_hcd [ 398.924961][T12732] loop1: detected capacity change from 0 to 40427 [ 398.944608][T12732] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x7ffff [ 398.963785][T12732] F2FS-fs (loop1): Image doesn't support compression [ 398.974551][T12732] F2FS-fs (loop1): Image doesn't support compression [ 398.999382][T12732] F2FS-fs (loop1): invalid crc value [ 399.031795][T12732] F2FS-fs (loop1): Found nat_bits in checkpoint [ 399.118723][ T5836] usb 10-1: Using ep0 maxpacket: 16 [ 399.132015][T12732] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 399.144623][ T5836] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 399.167085][ T5836] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 399.191281][ T5836] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 399.211153][ T5836] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 399.224735][ T5836] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 399.254016][ T5836] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 399.275449][T12732] syz.1.1720: attempt to access beyond end of device [ 399.275449][T12732] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 399.277197][ T5836] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 399.312979][T12732] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 399.322629][ T5836] usb 10-1: Manufacturer: syz [ 399.339169][ T5836] usb 10-1: config 0 descriptor?? [ 399.349043][ T5101] Bluetooth: hci2: command tx timeout [ 399.451219][ T96] block nbd0: Possible stuck request ffff888021ac8000: control (read@0,1024B). Runtime 120 seconds [ 399.588915][ T6595] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 399.675213][ T5836] rc_core: IR keymap rc-hauppauge not found [ 399.683746][ T5836] Registered IR keymap rc-empty [ 399.697985][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 399.729037][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 399.760771][ T5836] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0 [ 399.783575][ T5836] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0/input32 [ 399.805767][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 399.831792][ T6595] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 399.853577][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 399.855786][ T6595] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 399.900110][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 399.909135][ T6595] usb 4-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 399.918235][ T6595] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 399.938136][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 399.969714][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 399.982474][ T6595] usb 4-1: config 0 descriptor?? [ 400.022506][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 400.061142][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 400.128820][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 400.168838][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 400.210289][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 400.247883][ T6595] usb 4-1: USB disconnect, device number 9 [ 400.268878][ T5836] mceusb 10-1:0.0: Error: mce write submit urb error = -90 [ 400.313224][ T5836] mceusb 10-1:0.0: Registered with mce emulator interface version 1 [ 400.339588][ T5836] mceusb 10-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 400.379218][ T5836] usb 10-1: USB disconnect, device number 18 [ 401.011996][T12793] loop4: detected capacity change from 0 to 40427 [ 401.035924][T12793] F2FS-fs (loop4): Wrong secs_per_zone / total_sections (4285726721, 24) [ 401.050610][T12793] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 401.072676][T12793] F2FS-fs (loop4): heap/no_heap options were deprecated [ 401.109520][T12793] F2FS-fs (loop4): invalid crc value [ 401.119799][T12793] F2FS-fs (loop4): Found nat_bits in checkpoint [ 401.273664][T12793] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 401.292470][T12793] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 401.347691][T12803] loop1: detected capacity change from 0 to 32768 [ 401.395350][T12803] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 401.429405][ T5101] Bluetooth: hci2: command tx timeout [ 401.486418][T12803] XFS (loop1): Ending clean mount [ 401.508082][T12803] XFS (loop1): Quotacheck needed: Please wait. [ 401.645570][T12803] XFS (loop1): Quotacheck: Done. [ 401.751895][T12190] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 402.086903][T12837] loop3: detected capacity change from 0 to 4096 [ 403.394238][T12883] loop1: detected capacity change from 0 to 4096 [ 403.688856][ T788] usb 10-1: new high-speed USB device number 19 using dummy_hcd [ 403.784614][T12903] loop1: detected capacity change from 0 to 4096 [ 403.816232][T12907] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 403.909713][ T788] usb 10-1: Using ep0 maxpacket: 16 [ 403.926971][ T788] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 403.939521][ T788] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 403.949638][ T788] usb 10-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00 [ 403.958849][ T788] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.971225][ T788] usb 10-1: config 0 descriptor?? [ 404.404129][ T788] gt683r_led 0003:1770:FF00.0011: unknown main item tag 0x0 [ 404.419338][ T788] gt683r_led 0003:1770:FF00.0011: item fetching failed at offset 4/5 [ 404.428337][ T788] gt683r_led 0003:1770:FF00.0011: hid parsing failed [ 404.451567][ T788] gt683r_led: probe of 0003:1770:FF00.0011 failed with error -22 [ 404.500247][T12900] loop4: detected capacity change from 0 to 32768 [ 404.508354][T12900] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 scanned by syz.4.1762 (12900) [ 404.526018][T12900] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 404.542198][T12900] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 404.553365][T12900] BTRFS info (device loop4): using free space tree [ 404.648470][T12906] loop3: detected capacity change from 0 to 40427 [ 404.661695][ T5836] usb 10-1: USB disconnect, device number 19 [ 404.675243][T12906] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 404.687992][T12906] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 404.704257][T12906] F2FS-fs (loop3): invalid crc value [ 404.721274][T12900] BTRFS info (device loop4): enabling ssd optimizations [ 404.728601][T12900] BTRFS info (device loop4): auto enabling async discard [ 404.741033][T12906] F2FS-fs (loop3): Found nat_bits in checkpoint [ 404.815392][ T28] audit: type=1800 audit(1754055509.105:105): pid=12900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1762" name="file2" dev="loop4" ino=261 res=0 errno=0 [ 404.859467][T12906] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 404.875764][T12906] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 404.983360][ T28] audit: type=1800 audit(1754055509.275:106): pid=12906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1764" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 405.051607][T10222] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 405.398061][T12948] loop1: detected capacity change from 0 to 512 [ 405.456825][T12948] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 405.541298][T12948] EXT4-fs (loop1): 1 truncate cleaned up [ 405.548434][T12948] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 405.648879][T12948] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.1767: corrupted in-inode xattr: overlapping e_value [ 405.691756][T12948] EXT4-fs warning (device loop1): ext4_xattr_set_entry:1781: inode #15: comm syz.1.1767: unable to update i_inline_off [ 405.722157][T12957] EXT4-fs error (device loop1): ext4_xattr_ibody_get:653: inode #15: comm syz.1.1767: corrupted in-inode xattr: overlapping e_value [ 405.885691][T12190] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.628952][ T788] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 406.809918][ T788] usb 5-1: Using ep0 maxpacket: 32 [ 406.845869][ T788] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 406.860604][ T788] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.887190][ T788] usb 5-1: config 0 descriptor?? [ 406.949405][T12963] loop1: detected capacity change from 0 to 40427 [ 406.968129][T12963] F2FS-fs (loop1): Wrong secs_per_zone / total_sections (4285726721, 24) [ 406.987056][T12963] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 407.006840][T12963] F2FS-fs (loop1): heap/no_heap options were deprecated [ 407.036080][T12963] F2FS-fs (loop1): invalid crc value [ 407.053272][T12963] F2FS-fs (loop1): Found nat_bits in checkpoint [ 407.134023][T12968] loop3: detected capacity change from 0 to 40427 [ 407.139083][ T788] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 407.144692][T12968] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff [ 407.169840][ T788] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 407.176181][T12968] F2FS-fs (loop3): Image doesn't support compression [ 407.189658][ T788] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 407.197091][ T788] usb 5-1: media controller created [ 407.205695][T12968] F2FS-fs (loop3): Image doesn't support compression [ 407.230576][T12963] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 407.243786][T12963] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 407.244377][T12968] F2FS-fs (loop3): invalid crc value [ 407.256133][ T788] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 407.304118][T12968] F2FS-fs (loop3): Found nat_bits in checkpoint [ 407.342431][ T788] az6027: usb out operation failed. (-71) [ 407.359809][ T788] az6027: usb out operation failed. (-71) [ 407.372911][ T788] stb0899_attach: Driver disabled by Kconfig [ 407.398967][ T788] az6027: no front-end attached [ 407.398967][ T788] [ 407.407281][T12968] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 407.436680][ T788] az6027: usb out operation failed. (-71) [ 407.449065][ T788] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 407.476895][ T788] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input33 [ 407.509315][ T788] dvb-usb: schedule remote query interval to 400 msecs. [ 407.518140][T12968] syz.3.1766: attempt to access beyond end of device [ 407.518140][T12968] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 407.534221][ T788] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 407.565860][T12968] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 407.575398][ T788] usb 5-1: USB disconnect, device number 9 [ 407.685258][ T788] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 408.692701][T12992] loop9: detected capacity change from 0 to 32768 [ 408.778505][T12992] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 408.807211][T12992] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 408.929555][ T788] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 408.959297][T12992] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 409.001624][T13027] veth0_to_team: entered promiscuous mode [ 409.014482][T13027] veth0_to_team: entered allmulticast mode [ 409.087616][T12992] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 409.138858][ T788] usb 4-1: Using ep0 maxpacket: 16 [ 409.158024][ T788] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 409.188796][ T788] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 409.197405][ T788] usb 4-1: Product: syz [ 409.221007][ T788] usb 4-1: Manufacturer: syz [ 409.225699][ T788] usb 4-1: SerialNumber: syz [ 409.240376][ T788] usb 4-1: config 0 descriptor?? [ 409.463410][T13032] loop1: detected capacity change from 0 to 4096 [ 409.527212][ T8215] usb 4-1: USB disconnect, device number 10 [ 410.406830][T13063] tap0: tun_chr_ioctl cmd 2147767519 [ 410.670650][T13055] loop9: detected capacity change from 0 to 32768 [ 410.705150][T13055] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 scanned by syz.9.1787 (13055) [ 410.742171][T13055] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 410.763808][T13055] BTRFS info (device loop9): using crc32c (crc32c-intel) checksum algorithm [ 410.808273][T13055] BTRFS info (device loop9): allowing degraded mounts [ 410.829089][T13055] BTRFS info (device loop9): turning on flush-on-commit [ 410.836461][T13055] BTRFS info (device loop9): max_inline at 0 [ 410.852869][T13055] BTRFS info (device loop9): setting nodatasum [ 410.872940][T13055] BTRFS info (device loop9): setting incompat feature flag for COMPRESS_LZO (0x8) [ 410.918090][T13055] BTRFS info (device loop9): use lzo compression, level 0 [ 410.931521][T13055] BTRFS warning (device loop9): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 410.963178][T13055] BTRFS info (device loop9): trying to use backup root at mount time [ 410.993576][T13055] BTRFS info (device loop9): turning on sync discard [ 411.026757][T13055] BTRFS info (device loop9): using free space tree [ 411.175509][T13091] loop4: detected capacity change from 0 to 1024 [ 411.192288][T13055] BTRFS info (device loop9): enabling ssd optimizations [ 411.309096][T13091] tmpfs: Bad value for 'nr_inodes' [ 411.396064][T13061] loop3: detected capacity change from 0 to 40427 [ 411.423102][T13061] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 411.436085][ T2921] hfsplus: b-tree write err: -5, ino 4 [ 411.452987][T13061] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 411.474596][T13068] loop1: detected capacity change from 0 to 32768 [ 411.494287][T13061] F2FS-fs (loop3): Found nat_bits in checkpoint [ 411.544534][ T7829] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 411.594382][T13103] batadv_slave_1: entered promiscuous mode [ 411.615882][T13061] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 411.637280][T13061] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 411.646639][T13102] batadv_slave_1: left promiscuous mode [ 412.217682][T13113] loop4: detected capacity change from 0 to 164 [ 412.615641][ T6595] kernel read not supported for file /dsp (pid: 6595 comm: kworker/1:4) [ 413.157130][T13116] loop1: detected capacity change from 0 to 32768 [ 413.259618][T13116] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 413.526661][T13116] XFS (loop1): Ending clean mount [ 413.539738][T13116] XFS (loop1): Quotacheck needed: Please wait. [ 413.665627][T13116] XFS (loop1): Quotacheck: Done. [ 413.718865][ T5836] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 413.812950][T13129] loop4: detected capacity change from 0 to 40427 [ 413.859454][T13129] F2FS-fs (loop4): invalid crc value [ 413.860349][T12190] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 413.889790][T13129] F2FS-fs (loop4): Found nat_bits in checkpoint [ 413.929225][ T5836] usb 4-1: Using ep0 maxpacket: 16 [ 413.946429][ T5836] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 413.974043][ T5836] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 413.994951][ T5836] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 414.012809][ T5836] usb 4-1: config 0 descriptor?? [ 414.013749][T13129] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 414.126129][T13129] F2FS-fs (loop4): access invalid blkaddr:4043309056 [ 414.144416][T13129] CPU: 1 PID: 13129 Comm: syz.4.1804 Not tainted 6.6.101-syzkaller #0 [ 414.152664][T13129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 414.162793][T13129] Call Trace: [ 414.166210][T13129] [ 414.169192][T13129] dump_stack_lvl+0x16c/0x230 [ 414.173938][T13129] ? show_regs_print_info+0x20/0x20 [ 414.179198][T13129] ? f2fs_get_next_page_offset+0x690/0x690 [ 414.185096][T13129] f2fs_is_valid_blkaddr+0xef8/0x1580 [ 414.190536][T13129] f2fs_map_blocks+0xcdd/0x3c00 [ 414.195577][T13129] ? f2fs_get_block_locked+0xe0/0xe0 [ 414.200935][T13129] ? __lock_acquire+0x7c80/0x7c80 [ 414.206196][T13129] ? xas_descend+0x3a4/0x490 [ 414.210845][T13129] ? xa_load+0x2c0/0x2e0 [ 414.215356][T13129] ? xa_load+0x64/0x2e0 [ 414.219572][T13129] ? page_index+0xe7/0x470 [ 414.224110][T13129] f2fs_mpage_readpages+0x9f5/0x1ec0 [ 414.229587][T13129] ? detach_page_private+0x4c0/0x4c0 [ 414.234939][T13129] ? __mod_lruvec_page_state+0xa5/0x420 [ 414.240588][T13129] ? f2fs_readahead+0x167/0x300 [ 414.245510][T13129] ? f2fs_dirty_data_folio+0x810/0x810 [ 414.251044][T13129] read_pages+0x177/0x840 [ 414.255457][T13129] ? folio_put+0xd0/0xd0 [ 414.259775][T13129] ? page_cache_ra_unbounded+0x770/0x770 [ 414.265572][T13129] ? filemap_add_folio+0x192/0x3c0 [ 414.270756][T13129] page_cache_ra_unbounded+0x692/0x770 [ 414.276302][T13129] f2fs_readdir+0x44c/0x8c0 [ 414.280895][T13129] ? f2fs_fill_dentries+0xbb0/0xbb0 [ 414.286164][T13129] ? mutex_lock_nested+0x20/0x20 [ 414.291299][T13129] ? end_current_label_crit_section+0x149/0x170 [ 414.297791][T13129] ? down_read_killable+0x1d0/0x340 [ 414.303061][T13129] ? fsnotify_perm+0x271/0x5e0 [ 414.307901][T13129] iterate_dir+0x1c2/0x580 [ 414.312483][T13129] __se_sys_getdents64+0xe9/0x260 [ 414.317573][T13129] ? __x64_sys_getdents64+0x80/0x80 [ 414.322944][T13129] ? filldir+0x680/0x680 [ 414.327258][T13129] ? lockdep_hardirqs_on+0x98/0x150 [ 414.332609][T13129] do_syscall_64+0x55/0xb0 [ 414.337099][T13129] ? clear_bhb_loop+0x40/0x90 [ 414.341841][T13129] ? clear_bhb_loop+0x40/0x90 [ 414.346579][T13129] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 414.352603][T13129] RIP: 0033:0x7f8734d8eb69 [ 414.357090][T13129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 414.376754][T13129] RSP: 002b:00007f8735c7a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 414.385232][T13129] RAX: ffffffffffffffda RBX: 00007f8734fb5fa0 RCX: 00007f8734d8eb69 [ 414.393259][T13129] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 414.401284][T13129] RBP: 00007f8734e11df1 R08: 0000000000000000 R09: 0000000000000000 [ 414.409312][T13129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 414.417341][T13129] R13: 0000000000000000 R14: 00007f8734fb5fa0 R15: 00007ffeb9417c98 [ 414.425477][T13129] [ 414.452639][ T5836] mcp2221 0003:04D8:00DD.0012: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 414.482288][T13129] syz.4.1804: attempt to access beyond end of device [ 414.482288][T13129] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 414.505701][T13129] syz.4.1804: attempt to access beyond end of device [ 414.505701][T13129] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 414.589204][T10222] syz-executor: attempt to access beyond end of device [ 414.589204][T10222] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 414.646661][T10222] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 414.923785][ T5836] usb 4-1: USB disconnect, device number 11 [ 415.508922][ T5836] usb 10-1: new high-speed USB device number 20 using dummy_hcd [ 415.536279][T13202] loop1: detected capacity change from 0 to 512 [ 415.588210][T13202] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 415.654697][T13202] EXT4-fs (loop1): 1 truncate cleaned up [ 415.699022][T13202] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 415.726933][T13213] loop4: detected capacity change from 0 to 64 [ 415.752996][ T5836] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 415.771720][ T5836] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.819325][ T5836] usb 10-1: config 0 descriptor?? [ 415.843029][ T5836] cp210x 10-1:0.0: cp210x converter detected [ 415.858731][ T28] audit: type=1800 audit(1754055520.125:107): pid=13213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1823" name="file1" dev="loop4" ino=18 res=0 errno=0 [ 415.898343][T13202] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.1820: corrupted in-inode xattr: overlapping e_value [ 415.909706][ T28] audit: type=1800 audit(1754055520.155:108): pid=13202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1820" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 415.959779][T13202] EXT4-fs warning (device loop1): ext4_xattr_set_entry:1781: inode #15: comm syz.1.1820: unable to update i_inline_off [ 415.972323][ T28] audit: type=1800 audit(1754055520.155:109): pid=13202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1820" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 416.008197][T13219] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.1820: corrupted in-inode xattr: overlapping e_value [ 416.039255][T13219] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.1820: corrupted in-inode xattr: overlapping e_value [ 416.134139][T13223] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 416.216167][T12190] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 416.263639][ T5836] cp210x 10-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 416.288072][ T5836] usb 10-1: cp210x converter now attached to ttyUSB0 [ 416.294477][T13227] loop4: detected capacity change from 0 to 128 [ 416.517916][ T5836] usb 10-1: USB disconnect, device number 20 [ 416.539389][ T5836] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 416.571607][ T5836] cp210x 10-1:0.0: device disconnected [ 416.634059][T13243] mkiss: ax0: crc mode is auto. [ 417.188926][ T6595] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 417.380914][ T6595] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 417.401934][ T6595] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023 [ 417.432925][ T6595] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 417.463005][ T6595] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 417.468427][T13266] loop4: detected capacity change from 0 to 4096 [ 417.479279][T13266] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 417.481019][ T6595] usb 4-1: Product: syz [ 417.538775][ T6595] usb 4-1: Manufacturer: syz [ 417.543461][ T6595] usb 4-1: SerialNumber: syz [ 417.573667][T13266] ntfs: volume version 3.1. [ 417.819079][ T6595] cdc_ncm 4-1:1.0: bind() failure [ 417.832844][ T6595] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 417.868939][ T6595] cdc_ncm 4-1:1.1: bind() failure [ 417.917242][ T6595] usb 4-1: USB disconnect, device number 12 [ 418.164087][T13294] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 419.184095][T13302] loop1: detected capacity change from 0 to 32768 [ 419.656229][T13309] loop3: detected capacity change from 0 to 40427 [ 419.729189][T13309] F2FS-fs (loop3): Found nat_bits in checkpoint [ 419.883108][T13309] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 419.940635][T13309] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 420.134331][ T3458] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.229067][T10882] syz-executor: attempt to access beyond end of device [ 420.229067][T10882] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 420.257112][T10882] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 420.361793][ T3458] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.409032][ T5836] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 420.517561][ T3458] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.609761][ T5836] usb 2-1: Using ep0 maxpacket: 16 [ 420.625409][ T5836] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 420.638790][ T5836] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 420.663675][ T5836] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 420.688444][ T5836] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 420.708770][ T5836] usb 2-1: Product: syz [ 420.713028][ T5836] usb 2-1: Manufacturer: syz [ 420.738137][ T5836] usb 2-1: SerialNumber: syz [ 420.757188][ T5836] usb 2-1: selecting invalid altsetting 1 [ 420.780487][ T3458] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 421.166649][ T3458] tipc: Disabling bearer [ 421.194767][ T3458] tipc: Left network mode [ 421.207992][T13356] netlink: 46 bytes leftover after parsing attributes in process `syz.3.1864'. [ 421.487627][ T5793] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 421.504949][ T5793] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 421.514524][ T5793] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 421.534056][ T5793] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 421.543490][ T5793] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 421.551299][ T5793] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 421.603406][ T5836] cdc_ncm 2-1:1.0: SET_NTB_FORMAT failed [ 421.640479][ T5836] usb 2-1: selecting invalid altsetting 1 [ 421.660085][ T5836] cdc_ncm 2-1:1.0: bind() failure [ 421.718350][ T5836] usb 2-1: USB disconnect, device number 12 [ 421.806250][T13371] loop3: detected capacity change from 0 to 1024 [ 421.833882][T13371] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 421.875538][T13371] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 421.911080][T13371] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c800e02c, mo2=0000] [ 421.981201][T13371] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 2: comm syz.3.1866: lblock 2 mapped to illegal pblock 2 (length 1) [ 422.046733][T13371] EXT4-fs (loop3): Remounting filesystem read-only [ 422.067537][T13371] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 422.129254][T13371] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 422.161925][T13371] EXT4-fs (loop3): 1 orphan inode deleted [ 422.187144][T13371] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 422.375670][T10882] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 422.639431][ T9518] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 422.767016][T13361] chnl_net:caif_netlink_parms(): no params data found [ 422.815150][T13399] loop1: detected capacity change from 0 to 4096 [ 422.848909][ T9518] usb 5-1: Using ep0 maxpacket: 32 [ 422.860068][ T9518] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 422.887322][ T9518] usb 5-1: config 0 has no interface number 0 [ 422.910275][ T9518] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 422.938423][ T9518] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 422.956965][ T9518] usb 5-1: Product: syz [ 422.967119][ T9518] usb 5-1: Manufacturer: syz [ 422.977298][ T9518] usb 5-1: SerialNumber: syz [ 422.994364][ T9518] usb 5-1: config 0 descriptor?? [ 423.008875][T13402] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 423.024037][ T9518] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 423.184773][ T3458] hsr_slave_0: left promiscuous mode [ 423.214764][ T3458] hsr_slave_1: left promiscuous mode [ 423.239772][ T9518] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 423.254657][ T3458] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 423.262697][ T9518] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 423.281623][ T3458] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 423.327992][ T3458] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 423.369110][ T3458] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 423.391813][ T3458] bridge_slave_1: left allmulticast mode [ 423.408821][ T3458] bridge_slave_1: left promiscuous mode [ 423.419128][ T3458] bridge0: port 2(bridge_slave_1) entered disabled state [ 423.452120][T13395] loop3: detected capacity change from 0 to 32768 [ 423.480255][ T3458] bridge_slave_0: left allmulticast mode [ 423.496227][ T3458] bridge_slave_0: left promiscuous mode [ 423.527051][T13395] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 423.537406][ T3458] bridge0: port 1(bridge_slave_0) entered disabled state [ 423.663616][T13395] XFS (loop3): Ending clean mount [ 423.663631][ C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 423.678520][ T9518] usb 5-1: USB disconnect, device number 10 [ 423.678971][ T5793] Bluetooth: hci1: command tx timeout [ 423.689916][ T9518] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 423.711019][T13395] XFS (loop3): Quotacheck needed: Please wait. [ 423.723469][ T9518] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 423.735997][ T3458] veth1_macvtap: left promiscuous mode [ 423.744363][ T3458] veth0_macvtap: left promiscuous mode [ 423.753581][ T3458] veth1_vlan: left promiscuous mode [ 423.762890][ T9518] quatech2 5-1:0.51: device disconnected [ 423.769147][ T3458] veth0_vlan: left promiscuous mode [ 423.819815][T13395] XFS (loop3): Quotacheck: Done. [ 424.023785][T10882] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 425.403364][T13438] loop3: detected capacity change from 0 to 40427 [ 425.462272][T13438] F2FS-fs (loop3): Found nat_bits in checkpoint [ 425.588485][T13438] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 425.668555][ T3458] team0 (unregistering): Port device team_slave_1 removed [ 425.724516][T10882] syz-executor: attempt to access beyond end of device [ 425.724516][T10882] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 425.749017][T10882] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 425.759184][ T5793] Bluetooth: hci1: command tx timeout [ 425.807151][ T3458] team0 (unregistering): Port device team_slave_0 removed [ 425.895899][ T3458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 425.993791][ T3458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 426.751432][T13453] loop3: detected capacity change from 0 to 32768 [ 426.760009][T13453] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1876 (13453) [ 426.776489][T13453] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 426.786977][T13453] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 426.799075][T13453] BTRFS info (device loop3): enabling auto defrag [ 426.813303][T13453] BTRFS info (device loop3): doing ref verification [ 426.821261][T13453] BTRFS info (device loop3): max_inline at 0 [ 426.827318][T13453] BTRFS info (device loop3): force clearing of disk cache [ 426.835069][T13453] BTRFS info (device loop3): turning on sync discard [ 426.850603][T13453] BTRFS info (device loop3): disabling free space tree [ 426.989412][T13453] BTRFS info (device loop3): enabling ssd optimizations [ 426.998704][T13453] BTRFS info (device loop3): rebuilding free space tree [ 427.014462][ T3458] bond0 (unregistering): Released all slaves [ 427.028451][T13453] BTRFS info (device loop3): disabling free space tree [ 427.035943][T13453] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 427.046087][T13453] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 427.356698][T13361] bridge0: port 1(bridge_slave_0) entered blocking state [ 427.372528][T10882] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 427.389085][T13361] bridge0: port 1(bridge_slave_0) entered disabled state [ 427.396477][T13361] bridge_slave_0: entered allmulticast mode [ 427.433163][T13475] loop1: detected capacity change from 0 to 2048 [ 427.435929][T13361] bridge_slave_0: entered promiscuous mode [ 427.459226][T13361] bridge0: port 2(bridge_slave_1) entered blocking state [ 427.469669][T13361] bridge0: port 2(bridge_slave_1) entered disabled state [ 427.476987][T13361] bridge_slave_1: entered allmulticast mode [ 427.487395][ T28] audit: type=1326 audit(1754055531.785:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8734d8eb69 code=0x7ffc0000 [ 427.517975][T13361] bridge_slave_1: entered promiscuous mode [ 427.518836][T13479] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 427.579234][ T28] audit: type=1326 audit(1754055531.805:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8734d8eb69 code=0x7ffc0000 [ 427.754296][ T28] audit: type=1326 audit(1754055531.805:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8734d8eb69 code=0x7ffc0000 [ 427.797731][ T28] audit: type=1326 audit(1754055531.805:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8734d8eb69 code=0x7ffc0000 [ 427.829463][ T5793] Bluetooth: hci1: command tx timeout [ 427.832065][ T28] audit: type=1326 audit(1754055531.805:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8734d8eb69 code=0x7ffc0000 [ 427.933407][T13361] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 427.970558][ T28] audit: type=1326 audit(1754055531.815:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8734d8eb69 code=0x7ffc0000 [ 428.004912][T13361] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 428.064126][ T28] audit: type=1326 audit(1754055531.835:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8734d8eb69 code=0x7ffc0000 [ 428.104246][ T28] audit: type=1326 audit(1754055531.835:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8734d85b27 code=0x7ffc0000 [ 428.160883][ T28] audit: type=1326 audit(1754055531.835:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8734d2ad69 code=0x7ffc0000 [ 428.161097][T13475] NILFS (loop1): error -2 truncating bmap (ino=16) [ 428.241452][ T28] audit: type=1326 audit(1754055531.835:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13477 comm="syz.4.1880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8734d85b27 code=0x7ffc0000 [ 428.284911][T13361] team0: Port device team_slave_0 added [ 428.346081][T13361] team0: Port device team_slave_1 added [ 428.504172][ T3458] IPVS: stop unused estimator thread 0... [ 428.512068][T13361] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 428.558752][T13361] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 428.609018][T13361] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 428.661587][T13361] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 428.674743][T13361] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 428.705917][T13361] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 428.844844][T13361] hsr_slave_0: entered promiscuous mode [ 428.895083][T13361] hsr_slave_1: entered promiscuous mode [ 428.908887][T13361] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 428.917274][T13361] Cannot create hsr debugfs directory [ 429.527700][T13511] loop4: detected capacity change from 0 to 2048 [ 429.536919][ T96] block nbd0: Possible stuck request ffff888021ac8000: control (read@0,1024B). Runtime 150 seconds [ 429.547857][T13511] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 429.651725][T13515] loop1: detected capacity change from 0 to 8192 [ 429.699650][T13515] loop1: p1 < > p2 p3 p4 < p5 > [ 429.733519][T13515] loop1: p2 size 65536 extends beyond EOD, truncated [ 429.779781][T13515] loop1: p3 start 67108868 is beyond EOD, truncated [ 429.800387][T13515] loop1: p5 size 65536 extends beyond EOD, truncated [ 429.908915][ T5793] Bluetooth: hci1: command tx timeout [ 430.153651][ T29] INFO: task syz.8.1052:9933 blocked for more than 143 seconds. [ 430.167785][ T29] Not tainted 6.6.101-syzkaller #0 [ 430.189219][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 430.198276][ T29] task:syz.8.1052 state:D stack:25832 pid:9933 ppid:7822 flags:0x00004006 [ 430.254597][ T29] Call Trace: [ 430.257976][ T29] [ 430.261052][ T29] __schedule+0x14d2/0x44d0 [ 430.265644][ T29] ? asan.module_dtor+0x20/0x20 [ 430.288728][ T29] ? __mutex_lock+0x6b2/0xcc0 [ 430.293593][ T29] ? __mutex_trylock_common+0x84/0x250 [ 430.308803][ T29] ? trace_raw_output_contention_end+0xd0/0xd0 [ 430.312643][T13523] sp0: Synchronizing with TNC [ 430.318727][ T29] schedule+0xbd/0x170 [ 430.324025][ T29] schedule_preempt_disabled+0x13/0x20 [ 430.348776][ T29] __mutex_lock+0x6b7/0xcc0 [ 430.354572][ T29] ? __mutex_lock+0x4e8/0xcc0 [ 430.365410][ T29] ? sync_bdevs+0x1af/0x330 [ 430.374553][ T29] ? mutex_lock_nested+0x20/0x20 [ 430.385618][ T29] ? _atomic_dec_and_lock+0x93/0x120 [ 430.398782][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 430.408689][ T29] sync_bdevs+0x1af/0x330 [ 430.417619][ T29] ksys_sync+0xba/0x150 [ 430.426435][ T29] ? sync_filesystem+0x220/0x220 [ 430.437297][ T29] ? syscall_enter_from_user_mode+0x25/0x80 [ 430.449841][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 430.460770][ T29] __ia32_sys_sync+0xe/0x20 [ 430.470068][ T29] do_syscall_64+0x55/0xb0 [ 430.479869][ T29] ? clear_bhb_loop+0x40/0x90 [ 430.490256][ T29] ? clear_bhb_loop+0x40/0x90 [ 430.499936][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 430.513127][ T29] RIP: 0033:0x7f6c14b8eb69 [ 430.522216][ T29] RSP: 002b:00007f6c1590e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2 [ 430.539838][ T29] RAX: ffffffffffffffda RBX: 00007f6c14db5fa0 RCX: 00007f6c14b8eb69 [ 430.558173][ T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 430.572905][ T29] RBP: 00007f6c14db5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 430.589811][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 430.608383][ T29] R13: 0000000000000000 R14: 00007f6c14db5fa0 R15: 00007ffcd8876e58 [ 430.623333][ T29] [ 430.642002][ T29] [ 430.642002][ T29] Showing all locks held in the system: [ 430.699974][T13525] Falling back ldisc for ptm0. [ 430.712103][ T29] 1 lock held by khungtaskd/29: [ 430.722686][ T29] #0: ffffffff8cd2fba0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 430.767761][ T29] 3 locks held by kworker/u4:7/2933: [ 430.785960][ T29] #0: ffff8880b8f3c458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 430.826240][ T29] #1: ffff8880b8f288c8 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x39c/0x6d0 [ 430.853526][ T29] #2: ffff8880b8f297d8 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x73b/0xdb0 [ 430.872207][ T29] 2 locks held by getty/5548: [ 430.877086][ T29] #0: ffff88802d6470a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 430.899710][ T29] #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380 [ 430.918701][ T29] 2 locks held by kworker/0:3/5775: [ 430.938902][ T29] #0: ffff888017872538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 430.958753][ T29] #1: ffffc9000458fd00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 430.982081][ T29] 1 lock held by udevd/7929: [ 430.986761][ T29] #0: ffff88814134c4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x121/0x600 [ 431.004815][ T29] 1 lock held by syz.8.1052/9933: [ 431.015843][ T29] #0: ffff88814134c4c8 (&disk->open_mutex){+.+.}-{3:3}, at: sync_bdevs+0x1af/0x330 [ 431.035789][ T29] 3 locks held by syz-executor/12190: [ 431.047139][ T29] 8 locks held by syz-executor/13361: [ 431.059665][ T29] #0: ffff88807f0b4418 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x20e/0x940 [ 431.078666][ T29] #1: ffff8881413c1088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1e9/0x4d0 [ 431.088998][ T29] #2: ffff888141fa32f0 (kn->active#53){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20c/0x4d0 [ 431.109050][ T29] #3: ffffffff8d8983a8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xd2/0x360 [ 431.128795][ T29] #4: ffff8881413fe0e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xb6/0x7a0 [ 431.145297][ T29] #5: ffff8881413fc250 (&devlink->lock_key#7){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 431.165969][ T29] #6: ffffffff8dfbb888 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x3f/0x180 [ 431.184425][ T29] #7: ffffffff8cd35b78 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x448/0x830 [ 431.207704][ T29] 2 locks held by syz.4.1900/13522: [ 431.219049][ T29] [ 431.224910][ T29] ============================================= [ 431.224910][ T29] [ 431.274995][ T29] NMI backtrace for cpu 1 [ 431.279403][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.6.101-syzkaller #0 [ 431.287337][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 431.297438][ T29] Call Trace: [ 431.300760][ T29] [ 431.303810][ T29] dump_stack_lvl+0x16c/0x230 [ 431.308532][ T29] ? preempt_count_add+0x91/0x1a0 [ 431.313610][ T29] ? show_regs_print_info+0x20/0x20 [ 431.318854][ T29] ? load_image+0x3b0/0x3b0 [ 431.323428][ T29] nmi_cpu_backtrace+0x39b/0x3d0 [ 431.328424][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 431.334629][ T29] ? _printk+0xd0/0x110 [ 431.338836][ T29] ? load_image+0x3b0/0x3b0 [ 431.343394][ T29] ? load_image+0x3b0/0x3b0 [ 431.348044][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 431.354252][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 431.360303][ T29] watchdog+0xf41/0xf80 [ 431.364601][ T29] ? watchdog+0x1e1/0xf80 [ 431.368989][ T29] kthread+0x2fa/0x390 [ 431.373103][ T29] ? hungtask_pm_notify+0x90/0x90 [ 431.378195][ T29] ? kthread_blkcg+0xd0/0xd0 [ 431.382840][ T29] ret_from_fork+0x48/0x80 [ 431.387305][ T29] ? kthread_blkcg+0xd0/0xd0 [ 431.391938][ T29] ret_from_fork_asm+0x11/0x20 [ 431.396777][ T29] [ 431.400875][ T29] Sending NMI from CPU 1 to CPUs 0: [ 431.406327][ C0] NMI backtrace for cpu 0 [ 431.406344][ C0] CPU: 0 PID: 2933 Comm: kworker/u4:7 Not tainted 6.6.101-syzkaller #0 [ 431.406366][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 431.406376][ C0] Workqueue: events_unbound nsim_dev_trap_report_work [ 431.406400][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x30/0x90 [ 431.406425][ C0] Code: 04 24 65 48 8b 15 b0 20 7e 7e 65 8b 0d b1 20 7e 7e 81 e1 00 01 ff 00 74 11 81 f9 00 01 00 00 75 5b 83 ba 1c 16 00 00 00 74 52 <8b> 8a f8 15 00 00 83 f9 03 75 47 48 8b 8a 00 16 00 00 44 8b 8a fc [ 431.406439][ C0] RSP: 0018:ffffc9000b7c7878 EFLAGS: 00000046 [ 431.406451][ C0] RAX: ffffffff849e8669 RBX: ffff8880b8e39230 RCX: 0000000000000000 [ 431.406469][ C0] RDX: ffff88802c0e5a00 RSI: 0000000000000000 RDI: 0000000000000008 [ 431.406480][ C0] RBP: ffffc9000b7c7970 R08: ffffc9000b7c77ff R09: 0000000000000000 [ 431.406490][ C0] R10: ffffc9000b7c77c0 R11: fffff520016f8f00 R12: dffffc0000000000 [ 431.406502][ C0] R13: ffff8880b8e39210 R14: 0000000000000000 R15: 0000000000000000 [ 431.406512][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 431.406526][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 431.406538][ C0] CR2: 00007f8734f84198 CR3: 0000000025a09000 CR4: 00000000003506f0 [ 431.406553][ C0] Call Trace: [ 431.406558][ C0] [ 431.406563][ C0] crng_make_state+0x269/0x700 [ 431.406590][ C0] ? crng_make_state+0x13b/0x700 [ 431.406613][ C0] ? urandom_read_iter+0x150/0x150 [ 431.406643][ C0] _get_random_bytes+0xd6/0x210 [ 431.406665][ C0] ? get_random_bytes+0x20/0x20 [ 431.406697][ C0] ? skb_put+0x11b/0x210 [ 431.406722][ C0] nsim_dev_trap_report_work+0x338/0xb00 [ 431.406750][ C0] ? process_scheduled_works+0x957/0x15b0 [ 431.406770][ C0] process_scheduled_works+0xa45/0x15b0 [ 431.406810][ C0] ? assign_work+0x400/0x400 [ 431.406833][ C0] ? assign_work+0x39e/0x400 [ 431.406859][ C0] worker_thread+0xa55/0xfc0 [ 431.406892][ C0] kthread+0x2fa/0x390 [ 431.406906][ C0] ? pr_cont_work+0x560/0x560 [ 431.406925][ C0] ? kthread_blkcg+0xd0/0xd0 [ 431.406940][ C0] ret_from_fork+0x48/0x80 [ 431.406959][ C0] ? kthread_blkcg+0xd0/0xd0 [ 431.406974][ C0] ret_from_fork_asm+0x11/0x20 [ 431.407004][ C0] [ 431.630750][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 431.637667][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.6.101-syzkaller #0 [ 431.645598][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 431.655694][ T29] Call Trace: [ 431.659012][ T29] [ 431.661981][ T29] dump_stack_lvl+0x16c/0x230 [ 431.666713][ T29] ? show_regs_print_info+0x20/0x20 [ 431.671956][ T29] ? load_image+0x3b0/0x3b0 [ 431.676524][ T29] panic+0x2c0/0x710 [ 431.680471][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 431.686149][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 431.690700][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 431.696299][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 431.702501][ T29] watchdog+0xf80/0xf80 [ 431.706704][ T29] ? watchdog+0x1e1/0xf80 [ 431.711084][ T29] kthread+0x2fa/0x390 [ 431.715230][ T29] ? hungtask_pm_notify+0x90/0x90 [ 431.720307][ T29] ? kthread_blkcg+0xd0/0xd0 [ 431.724935][ T29] ret_from_fork+0x48/0x80 [ 431.729394][ T29] ? kthread_blkcg+0xd0/0xd0 [ 431.734018][ T29] ret_from_fork_asm+0x11/0x20 [ 431.738843][ T29] [ 431.742196][ T29] Kernel Offset: disabled [ 431.746542][ T29] Rebooting in 86400 seconds..