last executing test programs: 21.172368495s ago: executing program 3 (id=2215): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000bc0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x0, 0x1000000, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_DEVKEY={0xc, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}]}]}, 0x28}}, 0x0) 21.172289275s ago: executing program 3 (id=2216): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) sendmmsg$inet6(r0, &(0x7f0000000d40)=[{{&(0x7f00000000c0)={0xa, 0x4e24, 0x4, @mcast2, 0x2}, 0x1c, 0x0}}, {{&(0x7f00000006c0)={0xa, 0x4e22, 0xc, @dev={0xfe, 0x80, '\x00', 0x32}, 0xf0}, 0x1c, 0x0, 0x0, &(0x7f0000000c40)=[@rthdr={{0x14, 0x29, 0x39, {0x2c, 0x0, 0x3, 0x9}}}], 0x14}}], 0x2, 0x0) 21.159667226s ago: executing program 3 (id=2218): r0 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r0, 0x0, 0x0, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) listen(0xffffffffffffffff, 0x3fffff) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0xa) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c00000010000114b4d8170200000000000000ee", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x0, 0x8}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0xfffffffb}, @TCA_NETEM_RATE64={0xc, 0x8, 0x654534bf5327d02e}, @TCA_NETEM_RATE={0x14, 0x6, {0x0, 0x0, 0x2}}]}}}]}, 0x78}}, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) r5 = socket(0x10, 0x2, 0x6) sendmsg$nl_route_sched(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x128}}, 0x0) getsockname$packet(r5, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa3) bind$packet(r4, &(0x7f00000000c0)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14) sendto$inet6(r4, &(0x7f0000000100)="0503460008003e00000002008100", 0x36, 0x0, 0x0, 0x0) 21.103977291s ago: executing program 3 (id=2220): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x2000000, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, 0x0}) r3 = syz_open_procfs(r2, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000280)=0x20) 21.071445364s ago: executing program 3 (id=2225): r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000240)={'vcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f0000000280)={0x1d, r1}, 0x10) sendmsg$can_bcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) close(r0) 20.918543216s ago: executing program 3 (id=2232): setresuid(0x0, 0x0, 0xee00) mount$9p_tcp(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x10, &(0x7f00000008c0)={'trans=tcp,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@aname={'aname', 0x3d, '/dev/bus/usb/00#/00#\x00'}}, {@mmap}, {@access_client}, {@dfltgid}, {@mmap}, {@nodevmap}, {@aname={'aname', 0x3d, 'syzkaller0\x00'}}, {@version_L}, {@cache_mmap}]}}) r0 = syz_open_dev$usbmon(&(0x7f00000001c0), 0x0, 0x0) ioctl$MON_IOCX_GET(r0, 0x400c9206, &(0x7f00000003c0)={0x0, 0x0}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0xe6d85) syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16, @ANYBLOB="01000000000000000000030000005800018044000400018000000a00000000000000004800000000000000000000000000000100000000200002000a000000004285e57040a041e93fd8000000fe8000000000000000000000000000bb000000000d0001007564"], 0x6c}}, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES32, @ANYBLOB="0100000000000000000017000000400006803c0004"], 0x54}}, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0xd132}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10) 12.061678082s ago: executing program 1 (id=2271): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) syz_open_procfs(0x0, &(0x7f0000000bc0)='environ\x00') r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10080}, 0x2000001) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000000200)=ANY=[], 0x210) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xb, 0x5, 0x0, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0xffffffff}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x3) ioprio_set$pid(0x2, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f00000000c0)='notify_on_release\x00', 0x2, 0x0) sendfile(r5, r5, 0x0, 0xff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) mkdir(0x0, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x0, 0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bca75fdc7accc038baafb8c2ab7a5293a3617fc6d0e1c4bf27815d1aac9532398f44b1eff1ab542be4f565be25e18ed496a00636417e9070defedfae05bc5ecb6a94f81f344e7dafaa368a62132d0a6aada1aa", @ANYBLOB="78729e49fd11833b6d76a8e78d95b0d51e7b905d0000001fa9f4ff0a2bc7d47eafe7ae7d54ecbcdf1815a96af82df49059e25854d9d9afccb8aae3896cdce1"], 0x40}}, 0x0) 10.646387808s ago: executing program 0 (id=2274): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1808014, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461002018bbdecde39739fcd1df176dde746ec834120600000000003b048000000000000072462abc30ef5b65c70f73ecea54b5e5bec5aca9836c319f653557e79a002208ceae6dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e36868736000000f6a55493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1174e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc369c71e57fafab52f325ca91e684160191acf5ae7469c82ab4145b595b987d75912afdcc1c061835294cc0c618aba204f8adaa20c80108d356cd887ba217c8f569e6d0caf75052a77056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6ac0d90ea79b8027cf75964dd86c2ed2b5e75779677a28c76b848dd03dab190b5f02ec52830f3ff01eaae1c3df076000000000000000000000000000083a48a6b926c668b9ba42490175018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac011170182f99766e86fb125cc6799c43aa4dc708dc4a00a6decad26f0378072a571da000000aec3dfbae348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0f1415e90fd0400bad5f796374bb196e60e537b8ffca80a5ec3c5c063aab2c87a7824c4fbfab7264185e1b2e59012acbf3732abe75b848de8ec4aaba2e3c8cd14dd9bf9499952815b9fb34057a585a9c18a11f3d496825b3fcb0c8aa89e079fd78997da864b302139b2b10597100846b55f7d0b050b7b0ef7e9c897c50b53404acdd701425323201b33465fddec69c37cb13fd441a830af5ea73f4ac82d7926eb0db1141003d148473077a76c3bee7e37dc799abb47bd67cde7958c50fb2d15c9cc196e4bff1d00"/716], 0x5, 0x558b, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64auumCJWPBPEEisWPIbWMASdogFiB1SkWcmULdJC63jQPs80vjMHL8+874jK9KZiRzAU2sp/e2XJI7FoYhYiIijSeT7SblF3I44X4x9LiKOR0Tlri0p838m9kfE4Yg4Nile1EzKtz47OT5x9uc3f/362wP7jnz+1Xd7unBgTz0fEf31Yv9mv4hZJw93Fsp8Y9zNY//MuIzrUzX6WZG/2V7LK9xsbI1r5PF0pxifrd8YTuLVXqM5iZ3u1Ty/PihOOBx3tupMPpBea2zkx632Wh67wyyPnVvFeTdvFX/bbg1HRZ1WWe+jvHyMRluxyLc328V61q/nsTkYlfmibtZqb07iuIzl6aKZ9Vr5PNYe9Sr/+73VHdzYTMftjWE3G6Rna/UXavVz1fpG1mqP2meqjX7r3Jl0udObDKuO2o3++U6WdXrtWjPrr6TLnWazWq+nyxfaa93GIK3Xa6drp6pnV8q9k+lrl99Le610eRJf6Q5ujLq9YXo120iLT6ykq7XTL66kJ+rpO5eupFfevnjx0pV3P7jw/uWXL73xajnovmmly6unVler9VPV1frKU7T+j8tJ/4P1J9unf/j+8S4bFHb4ggGws/v6/7i3/w/9PzBzD+j/49pD+v/+9fJ4d/r/2Lb/r0z3/zHL/n/SUun/H97/Vvag/10M/f8urh8ey6P1//tnPg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAObux8UvXs93lorjI2X+f2XqmfI4iYhKRNzZxkLsn6q5UNZZ3GH84j1z+CaJvMLkHAfK7XBEnC+33/+/21cBAAAAnlxf3j7+adGtFy9Lez0h5qm4aVM5+uGM6iURsbj004yqVSYvz86oWP793hebM6qW38A6OKNixS23fbOq9rcsTIWDd4WkCJW5TgcAAJiL6U5gvl0IAAAA8/TJA999aW7zYM6S2HqUufUsOP/P+78eCB6aeg8AAAD4D0r2egIAAADArsv7f7//BwAAAE+24vf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YOd+ctMGojgAPxsM/auiqvtepTs4Ro/QZZeFA/QSHIGeoFIvwBmolEWOkIQIe4LkBKRIjHGCvk+ynRlHP88AmzeWBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu/a9Wsz+/vv4+Mebv7fY0maYDAAAAHLCpVrP6j0nTfp/6P6auz6ldREQZEYdq90GMWpmDlFMd+f/q0Rj+RdQJu/5xOt5FxLd03Hzq+lMAAACAy7VeLKdNtd6c0hLAVb+j4kyaRZvyw/dMeUVEVJPrTGnl7vQlU1j9+x7Gz0xp9QLWm0xhzZLb8PC9Ua6HtA1al4eZzOsvsW6V3TwXAADoU7sSOFKFAAAAcAF+9D0AzuFpaV/sT/v3jOPmkl4Ivm21AAAAgFeo6HsAAAAAQOfq+v8l7f9X2P8PAAAAsmv2/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLm2o1Wy+W02P358/MudueJt+MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB79ucdBUIgDMJg7/rOZO5/WGnQ0NikCoSPvzEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYt2PfNqowAOCffbbbFBAhoEgEUJE6wEJTt7R0RQgUMfAnIEWpUwIuhTYDrSJKFjaUuQuCESEkUNjyP3RupC5l65AhSEwMQXe+S8+JoVFp79zm95Oe3+fz9b3vna0qn98ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCw9W682szjJH2YHMTFsdvbKwtpv7mnT22s3ZlJWxo3Ks77CfBa+cnx6foSAQAA4PBIivo+Iu621+fSvjmZ1f/t4py05v/huUFc1PN76/7N7ZWj+UszRf3/+2/3XtqdaDLJ5kkHXVzq907tT6X1mJY49p5/4Bmt7Mpn370k2RvS/HD1xa12dj0b39269X4nC49UkS0A8DBOFn0eFH8PpX23zsQAODRapcK7qP+TyXpzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjC1mo8U8SNiJhp3Y9Tm9srC6P6b9buzGzk7dzNm2vlMdMh2hGxuNTvnapwLeOruJrXP5vv93tXrl6rOjgeESNeunGwf57k6f/rOZ2IGDpy4uUR43x8gLn2jLMvyD+eUe01nEjX98CTG0NHGvsu+Hs7A3V8AKoKmvn7My75PMqg+Ow9+pEr/u8IAICnXjtvaSV6t70+lx5rTEXs/Dhc/79RimOo7t+5MTgyeL5Rqv/vfXLudnmucv3frWh9T4LZ5UtfzF69dv2tpUvzF3sXe5+/fbr7TvfM+bNnz89m35XMLkbTNyYAAAD8D528lev/5tT+/f9jpTj+Y/+/XP9/+X336/Jcifp/pPubfnVnAgAAcBh1dqMXXv/rz8aIMxqdTnw1v7x8pTt43H1+evBYaboP6UjeyvV/MlV3VgAAAEAVtlYbQ/v/F0pxHHD//9mfXvmlPGYSERMRlyOid3Lhcv9CdcsZa1X8UDmbqFP3SgEAAKjLRN7K+//t7P7/5u4tD82IePNExN/5b/jjgPV/8sG3P5fnKt//f6bSVY6f5vTgemT9dERruu6MAAAAeJodzVta7P/RXp/79NdjH3Xc/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQtX8CAAD//4ztMoY=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2008050, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@bh}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d8, &(0x7f0000000b00)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveBtsZW0aHeTxrbBh1pB7FPBWt9rTDYhZJMN2U3bhCIpviuIqOCTT74I/gGC9E8QoaDvUkURbfXBB3VlZ2drG3eblG52epPPB6Zzzpzd/X5Pw87MmTnsBHBknYmI6xExEhEXImI8357my412+63O6549fTDfXpJotW7/NYkk39b9rCRfn4qInYg4HhFfvxHxreT/4za2tlfmarXqRl6vNFfXK42t7YvLq3NL1aXq2szM9JXZq7OXZ6cG0s+JiLj2lT/+8Hs/++q1X33+3u/v/Pn8t9tpjeXtL/ZjkDpdL2X/F12jEbFxEMEKMJKvS33avzsyxGQAANhT+xz/4xHxmez8fzxGsrNTAAAA4DBpfWks/pVEtAAAAIBDK83mwCZpOZ8LMBZpWi535vB+Mk6mtXqj+bnF+ubaQmeu7ESU0sXlWnUqnys8EaWkXZ/O59h265d21Wci4r2I+MH4iaxenq/XFoq++AEAAABHxKld4/9/jGfj/2NF5wUAAAAM2ETRCQAAAAAHzvgfAAAADj/jfwAAADjUvnbzZntpdZ9/vXB3a3OlfvfiQrWxUl7dnC/P1zfWy0v1+lL2m32re31erV5f/0Ksbd6vNKuNZqWxtX1ntb651ryz/NIjsAEAAIAheu/0o98lEbHzxRPZ0vZO0UkBQ5Hs0Z49JORJXvnDEBIChmbkdV585eDyAIZvtOgEgMKUik4AKNxe1wH6Tt759eBzAQAADsbkp/rf/3dtAA63tOgEAIChc/8fjq7SyzMALxeXCVCUj+3R/ub3/1ut10oIAAAYuLFsSdJyfi9wLNK0XI54N3ssQClZXK5Vp/LxwW/HS8fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKhFpH9Ksl/zj5gcPze2+/rAO8k/x7N1RNz7ye0f3Z9rNjem29v/9nx788f59ktFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpGdPH8x3l2HG/cuXI2KiZ/zTx7PV8ShFxMm/JzH6wvuSiBgZQPydhxHxfq/4STutmIhOFr3inygwfhoRpwYQH46yR+39z/Ve3780zmTr3t+/0Xx5U/33f2l0938jffY/7+4zxgePf1HpG/9hxAejvfc/3fhJn/hn9xn/m9/Y3u7X1vppxGTP40/yUqxKc3W90tjavri8OrdUXaquzcxMX5m9Ont5dqqyuFyr5v/2jPH9T//yP6/q/8k+8Sf26P+5ffb/34/vP/1Ep1jqFf/82d7H3/f7xE/zY99n83K7fbJb3umUX/Thz3/z4av6v9Cn/8///j0OtO2Y5/fZ/wu3vvNkny8FAIagsbW9MlerVTc+ioU03oo0FAZSOPZ2pKHQKRS9ZwIAAAbtfyf9RWcCAAAAAAAAAAAAAAAAAAAAR9cwfk5sd8ydYroKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBK/w0AAP//o0jZsA==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, &(0x7f0000000ac0), 0x4) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x19) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bind$unix(0xffffffffffffffff, 0x0, 0x0) getpid() sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) fsopen(&(0x7f0000000900)='virtiofs\x00', 0x0) creat(0x0, 0x0) open(&(0x7f0000000080)='./bus\x00', 0x1d30c0, 0x0) socket$nl_generic(0x11, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 10.645580648s ago: executing program 1 (id=2275): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x3810744, &(0x7f0000000740)={[{@usrquota}, {@user_xattr}, {@data_writeback}, {@prjquota}, {@jqfmt_vfsv0}, {@delalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@noauto_da_alloc}, {@test_dummy_encryption}, {@journal_path={'journal_path', 0x3d, './file0'}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x3}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4d7}}]}, 0x1, 0x451, &(0x7f0000000d00)="$eJzs281vVFUbAPDn3pkCL/DSivgBglbR2PjR0oLKwo1GExeamOgCl7UtBBmooTUR0mg1BpeGxL1xaeJf4MqVUVcmbnVvSIg2JqAbx9yZe9vOdKb0Y8pU5vdLBs6Ze+ae8+Tcc+fMOb0B9KzB7J8kYm9E/BIR/fVsY4HB+n83F+Ym/lqYm0iiWn3j96RW7sbC3ERRtPjcnjwzlEaknyR5JY1mLl0+N16pTF3M8yOz598dmbl0+emz58fPTJ2ZujB28uSJ46PPPTv2TEfizNp049AH04cPvvLW1dcmTl19+4evs/bee6R+fHkcnTKYBf5Htab52GOdrqzL/qkuxZmUu90a1qoUEVl39dXGf3+UYqnz+uPlj7vaOGBLZffsne0Pz1eBO1gS3W4B0B3FF332+7d43aapx7Zw/YX6D6As7pv5q36kHGlepm8L6x+MiFPzf3+RvaJpHaLaYt0AAGCzvs3mP0+tnP/V9kaWlUvyvaGBiLgrIvZHxN0RcSAi7snL3hcR96+z/uatoZXzz/TaBkNbk2z+93y+t9U4/ytmfzFQynP/r8Xfl5w+W5k6FhH7ImIo+nZm+dFWJy9O8dLPn7Wrf/n8L3tl9Rdzwfwk18pNC3ST47PjnZqUXv8o4lC5VfzJ4k5A1vcHI+LQ+k69r0icfeKrw+0K3Tr+VXRgn6n6ZcTj9f6fj6b4C8nq+5Mju6IydWykuCpW+vGnK6+3q39T8XdA1v+7G6//phL9fybL92tn1l/HlV8/bfubsrzB639H8mZtz3pH/t7747OzF0cjdiSv1vIN748tfbbIF+Wz+IeOth7/+/PPZPE/EBHZRXwkIh6MiIfyvns4Ih6JiKOrxP/9i4++0+7Yduj/yZb3v8Xrf6Cx/9efKJ377pt29a/t/neilhrK36nd/26hfXN25SU2ejUDAADAf08aEXsjSYcX02k6PFz/e/kDsTutTM/MPnl6+r0Lk/VnBAaiLy1WuvqXrYeOJvP5Gev5sXytuDh+PF83/rz0v1p+eGK6Mtnl2KHX7Wkz/jO/lbrdOmDLeV4Lelfz+E+71A7g9vP9D73L+IfeZfxD72o1/j9sytsLgDuT73/oXcY/9C7jH3qX8Q89aTPP9W9VorzK0/sS2yUR6bZohkSLRLkDo7vLNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAO+TcAAP//uZjx6g==") 9.072953487s ago: executing program 0 (id=2279): open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5511, &(0x7f0000006b80)="$eJzs3E1rY9UfB/CTPs7Tf/5FXLibC4PQwiQ0fRh0V3UGH7BD8WHhStMkDZlJckuTprUrFy7Fhe9EFFy59DW4cO1OXCjuhJHccypTH0Bp2tjp5wO333tPTn73nEtpOfeGBODSWsh++akUboarIYTpEMKNEIr9UtoKGzGeCyHcCiFMPbGVUvvvDXMhhGshhJuj4rFmKb302Z3h7fUf3/j562/nZ65//tV3k5s1MGnPhxC6u3H/oBszb8V8mNprw3aR3bVhyvhC91E6zmMeNLeLCge14361IldbsX++u98f5U6nVh9lq71TtO/24gn7w9ZxneIND2t7xXGjuV1ku58X2TqK4zo8in/bjvqDWKeR6n1YlA+DwXHG9uZhM85n91GR9d4gtce6eaN5OMphynS6UM87jWIc26e50v9tb7Z7+4fZsLnXb+e9bL1SfaFSvVuu7uWN5qC5Vq51G3fXssVWZ9StPGjWuhutPG91mpV63l3KFlv1erlazRbvNbfbtV5WrVZWK8vl9aW0dyd79cG7WaeRLY7y5XZvf9Du9LOdfC+L71jKViqrLy5lt6vZ25tb2dZb9+9vbr3z/r33Hry0+forqdOfhpUtriyvrJSry+WV6tLFnf/of/2/mv/HadBjnD+cSmnSAwC4eKz/gUm46Ov/YP0/Ftb/l3b+j5PTXUAuN+t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBL6/vZL14rdhbi8fXU/r/U9Ew6LoUQpkIIj//CdJg7UXM61Zn9m/6zfxjDN6VQVBidYz5t10IIG2n79f9nfRUAAADg6fXlR7c+jav1+GNh0gPiPMWbNlM3PhhTvVIIYXbhhzFUCelmU3j29KOKRr/fM+FwTNWKG1hXxlQs3nKbGVe1f2T6RFx5Ikoxpo57zp3ruAAAgLN0ciVwvqsQAAAAztMnkx4Ak1E8aU2fxU+P+eZjpAeCV08cAQAAABdQadIDAAAAAM5csf73/X8AAADwdIvf/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAbO3eTkzoUBQD4tND3eD9GYpy7FWewDJfg0KFhKywBt+AGWAPOXIIBQ3tRMRhM+hfJ9yXt5TbN4ZTQwTm3KQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG16KhbTh/urUd046009zVwNAAAAcMiqWEzLD+Nq/i8dP0uHLtI8i4g8Ig7V7oP4tRdzkOIUX5xffMrhMaKMsP2O32n7GxHXaXs5b/tXAAAAgNO1nM0nVbVe7cZ9J0SXqqZN/v+moXhZRBTj54ai5dvd5bdO3RzvD23/38O4q59WqWxg1X5kZqdsuQ2binbcIN3ub8Pow5BVQ95dOgAAQFf2K4EOqxAAAAA6dtt3AvQji91S5m4tuHzy/n1B8M/eDAAAAPiBsr4TAAAAAFpX1v/e/wcAAACnrXr/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1aFYvpcjaf1I2z3tTTzNUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvLI/7ygMw2AQBjeJ8uqELuD739Is2K1bNzMg+Pi3EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAlcfx8jzj1ZjJNnqdSd49rySfTo1vp8avc+OfZKy7fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwsz8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXP/vnFTcQDAv2efr7SACAFlCEJUYoCFptfS0pUBFDHwJyBF6bUErvxoM9CqQsrChjJ3QTAihAQKW/+Hzq3UpWwdMhSJiQFkn528HpU4WtW+Np+P9Py+thy/73OiKF8/5wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo7L67H+flZmESZ/Wxm/eurpf9ram+dH379nLZyrjXZtJPhlfTnd5Sd4kAAABwcORNfR8xiGJntQyyhar+L5pzypr/++cncVPPT9f9Td/U/mX77de7L+8NtDAZp7zouY3x6Pi/U+k/xmnOtRf+84x+deerZy959Q3JPth6abeo7mfv2xs33htU4aE2sgUAHsaxpq+D5u+hsh92mRgAB0Y/Kbzv1PV/vtBtTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtGGzFs03ci4jl/n5cunXv6nrVT+1f37693LTT165tp9csL1FExLmN8eh4WxN5Aly6fOXTtfF4dLH94LWI6G70OvhohnMiusxQ8KhBVv+sz/ZVRyOi+5y7Dzr+xQQAwFOnqFtZ198pdlbLY73FiL9/uL/+fyOJI63/p/q0/r/78emb6Vhp/T9sbYbzb2Xzwhcrly5feWvjwtr50fnRZ2+fGL4zPHnm1KkzK9WzkhVPTAAAAHg0g7ql9X+2GLE7tf5/JIljxvr/y++GX6dj5er/B9pf9Os6EwAAgIPtxaN//tF7wPHeYBBfrW1uXhxOtnv7JybbDlL93w7VLa3/88WuswIAAADasLvVu2/9/2wSx4zr/8/9+MrP6TXziDhcr/8fW/98fLa96XTkr5nOauPfiR/7VAEAAJhrh+uWrv8X1fv/2d4rD1lEvPn6JK4/BnCm+j9//5uf0rHS9/9PtjfFuZQtTe5H1S9F9Je6zggAAICn2TN1K4v934ud1U9+OfLhwPv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG37JwAA//9VakSc") pwritev2(0xffffffffffffffff, &(0x7f00000006c0)=[{0x0}], 0x1, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000c40)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time}, {@lazytime}, {@usrquota}, {@data_err_abort}, {@data_err_abort}], [{@obj_user={'obj_user', 0x3d, 'resuid'}}]}, 0x1, 0x5f0, &(0x7f0000000640)="$eJzs3c9vVNUeAPDvnWlLf/BeC3l57+FCmhgDidDSAoYYF7A1pMEfcePGSgsiBRpao0UTSoIbE+PGGBNXLsT/QolsWenKhRtXhoSoYWnimDu9t3TaO6WddjrI/XySoffeM7fne5l+e86cnnMngNIaTv+pROyLiNkkYjBZXC7riqxweOl5D/748Gz6SKJWe/W3JJLsWP78JPs6kJ3cGxE/fJ/E3uraeucWrl2cnJmZvprtj85fmh2dW7h2+MKlyfPT56cvjz8/fuL4seMnxo60dF3XC46dvvnOe4MfT7zx9Zd/JmPf/DyRxMl4KXviyuvYLsMxXP8/SdYWDZzY7so6pJr9nKx8iZOuDgbEpuSvX3dE/C8GoxoPX7zB+OjljgYHtFUtiagBJZXIfyipvB+Qv7df/T64UtBnONS/I10ToM3un1oaAFib/11LY4PRWx8b6H+QxMphnSQiWhuZa7Q7Iu7embh57s7EzWgchysYNQS20+KNiPh/Uf4n9fwfit4Yqud/pSH/037BmexrevyVFutfPVTcjnF4oNhS/veum//RJP/fXJH/b7VY//DDzbf7GvK/r9VLAgAAAAAAgNK6fSoiDhX9/b+yPP8nCub/DETEyW2of3jV/tq//1fubUM1QIH7pyJeLJz/W8ln/w5Vs61/1ecDdCfnLsxMH4mIf0fEwejele6PrVPH4U/2ftGsbDib/5c/0vrvZnMBszjude1qPGdqcn5yq9cNRNy/EfFU4fzfZLn9Twra//T3wewG69j77K0zzcoenf9Au9S+ijhQ2P4/vGtFsv79OUbr/YHRvFew1tMffPpts/pbzX+3mICtS9v//vXzfyhZeb+euc3XcXShq9asrNX+f0/yWn19UE927P3J+fmrYxE9yelqerTh+PjmY4YnUZ4Peb6k+X/wmfXH/4r6/30Rsbjqeye/N64pzv33r4FfmsWj/w+dk+b/1Kba/81vjN8a+q5Z/Rtr/4/V2/qD2RHjf7Dk8zxNexqPF6RjV1HRTscLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+CSkTsjqQysrxdqYyMRAxExH+ivzJzZW7+uXNX3r08lZbVP/+/kn/S7+DSfpJ//v/Qiv3xVftHI2JPRHxW7avvj5y9MjPV6YsHAAAAAAAAAAAAAAAAAACAx8RAk/X/qV+rnY4OaLuuTgcAdExB/v/YiTiAnaf9h/KS/1Be8h/KS/5Decl/KC/5D+W10fzvbXMcwM7T/gMAAAAAwBNlz/7bPyURsfhCX/2R6snKujsaGdBulU4HAHSMW/xAeZn6A+XlPT6QPKK8cOp/spEz1zN7dgsnAwAAAAAAAAAAAEDpHNhn/T+UlfX/UF7W/0N55ev/93c4DmDneY8PxCNW8jf/6L+trP8HAAAAAAAAAAAAADZjbuHaxcmZmemrNl5/PMLYyY1arXY9/Sl4XOL5h2/kU+G3+n2q0ZYI87V+Gzurc7+TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACARn8HAAD//9zcJCQ=") quotactl$Q_SETQUOTA(0x0, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200001400894fb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00') mkdir(0x0, 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f00000002c0)='y', 0x1}], 0x1, 0x7fff, 0x0, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0) sendfile(r1, r6, 0x0, 0x100001) read$FUSE(r0, &(0x7f000000af00)={0x2020}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000002580)="5536182daefa2fc6ee10a1b2d4e27cff3c3e628d4656f7b27979e371b15b420c01ae674ddb8fff7b2bc41e7c5927065cd32f2ff7908ef7dd74cdc82f3799ab12edbbfd0b8f6d2194d7f72aec3a136e25c7bf733436bf6cbfc94431ad053a2ec4ccac5aaada8a41ac38c0e1849e599dce84e431ac501db105b4484146b338c0ae9124877ccb8273c7fbb32603251e2d66c71398a7a715bcbe5c9d87e41af55f837e2931c4c1b6b7bbc30dfedfe6e61a39e28f66bbe56496745fbe03f6035183257edac4b0fe3087e7f3e79c2152a07341f3ae9ec68e78875b6e12b5a2a1abbcca4d7963be818a7a31290cad5a025ccd05b609c7ac49ea85d49f354c1e76091a917966665e77471005a46a195b290c01bb7ddf4709e94543471d87a0a5047d3631b00862e1e9a00c60b83371cc16ba087463122a892a1b21786fe3d450c7ba97799d88126f09a698a421242e9c67c981ebc576f57ba3df22e0071db74fa22e97b0fbe589894931a4c4e0eda8bb9533c4ce503fba218d0ae43ab4b4d0c705e04442d093ca5299ae8499c6db904bda6c68105bc2a1cd8e16067215476e573745d1e99daa73400567a9978dd7bffb21429479ace30c95afdfaebd7faf74343cd58e14ce6d2fada5a1c665049eeaa717ee681666c8b63c6d54e66df86144f85d80dcaa3ae7a13b58d5f2b607029efbbf8593afc75e0ce0a875a5fbedecb425a22624a0bb8e2fd06212a1fdafb92430d309f8f68504484fb1246f3d7b0893d3dc9d0b6c8d7476b6aea871eb4f32c283e22435fccb221484409cc28a6609dd869b99547fc81b2e517809a5b77783f9fc11b5fe584b9f64c0fec35d3db21ae30d0b8b88d722dea4a376d2a610f0a9d08b311e2ed3ef5d72d0e040e41d3dc45e5a17d740c67db88d95b18c8610fed3302aef0c3c1871ff8a5ae1908bf9668f0bc8e5867f56cc59cd303bafabde6a4034a96ba66b98a910dfaaff712673dcbf84c5354f066126068de620f08be67e6034138dd9a312f9ff197fca56a77bad46e59edfd79dfa3aee4582bfe01ce2201f6569178be7a4bdd28e495114944e538ee7b8f11e0812d9f822cd9760316809eccb9b0bbc5f0630224a1534f88600bbb2af2882562e76d149b44780380b62241829e5734fdfff1a2b3a052f3504dffe04d4632e9fef82762fe1950fbaceeb961464dfe2699f0a898fc8783cfdde45ecc3a16f052c4777beb1fddb080fc802a8cc760d1a0d4606b669e78ee9ba1ac398914ed5096850dedc513e5c71eca19d51af9075151f4ca3d8a841b7b1d205f5f3d223f7e48685daa0836f93017935ad1d942c7392667145ccc1d4700f5d8fb2fc218fd6d70357667d339a28dba3360761857b19f9f91e56a0e0281af1042a409a4e2839f3d21b73a5c352b22e4ff06e563e92c00b48e7f8bcdbbbd398c65331298f779dafe875854e301394b0faac2126138908fa8598b4f5e58ed1ac451eb0187e20077099d12d745fcff0b7fb5e8b9fa65ac617ea6c953e8786229b67a604c46810876650f919e6bc6792db22ec0be29cff94e9c24eb6e1830f890bb4b6bcd74b39060506095b99b95f2a8addfb8dfe11f47479fd23cc7c0701ae00774c430b3b9f52ab2579d47a2c2095365aa569f55a1431f93e651c01f0d67ff9337708a72e352c0e699f14bf07f9b9c056897c78edcf34ade3dfd17a04446d565fb6e7c701a237fe1a3d932371654a43b56e7f5ccdadc0f506d746c3f0047b69c0c174cbbfe092f139c09c0e2e76d9a777142813cb78174630ea8d73301e3343b94856fe610777468a9fb4518a0cf68243a4bd715e38e3431a811f962edb1306d76d89e0aad9be5800e7bebb82ccaec2382c9c114c91aee013acca2d8ddf99465e760bd185453a9eb4e5a78383094603b749c6242ad227124ef4b7ec7506b8a76f714099c954f0b2f2d427af0451a7ea3d1dbfa8a3e644c3640d397de3ce942311deb73fad3a76cba773f416314e81e70bda715b342113a18a249300b43250cb3b3aa46ecabe42d0e8c1dc4be286e539c71f0d1c0b0e1795ae7428a3887f36b79e9c76401a5dd460f45b9d8277e04c7c1e615fb33d0fbc444421f3fd0bff4e045d790610aaa2b62945e4b398024c75680b5e12235c35f5b23ddd99454fe527acad6d08fb37c35d9ecc0a8b10e2c31fac786666eb2ad499ddb7d06c7526fb1c5412f6a0df003410e69b81fe523057b6b73cdecf0e5bc4d3b87757889fe49dbdb3ec79c7eb3a868480fc87528e80400de837cccd4a6345508386ada1833f57a20c56e973569bc7821088d343e80009b7b35390975323d24e764aa6c90d3dd5fdec08ed363dc9ab57de949282994cd3858f829c7e5e9a745261383db27c9c53e9e98e109fda6cbb88649ba40b5067470d73b7471d406e5ea8041f9fa25f5b6c919aef84f7595511141e9f090ee103b20a13b22c9a88348ed6d284c0d7a58326e0c4c9626d9a5390bae2be199b201ea136a9aac76e6125db9bf58f61e6a46f8145a9df1305415989435f51529da03f09a67e3629e6f6cb6b70407d9d848f554f1a7e63602e678e62d3b41b4bf4ddda713ed2c291536d8cc12a16bde144ef56acc17778b1aa8eeeeeb60c781365b615be4435c7158d926351cdb46b89fa82acb384c7318dcb2e51db8bdb223aff2c8f36d9e6b1135ad18f7e0b9d91a76972c3140f8e21dc71422de12a4f5d08624bdaeb983619a5ff82cf788c6b8a5fbf0f78e61ae4058d6e03a3d5130646dfc13686e356a1325434caac94ced659529181561fee7ce4f7e1e7945f119ad8474ea6b00257ceb7af2d9b3f9ad5782cd986f1b097d61bf26a6c48c3ab597e4678d609f3050eec9f3bbea1bc67314407521950526e6d71e34e35392067ac84b66badc82a54bb0dc8ed2f1050711ef2d47af5252075c0441aad6900539fcc649c1b1ffc70a1cc39e0c2136c764ba718d50f4800dc29769c4bc9a2fd0f43eb6ffb717a473ccb14ccd58bd506c4e4a0f4ea1158b59b3d6bf1a2d010c456c1f099bff69add46cc60fd2d9779f603ebb943ab8eb02627ac8aebdd52f25b069f64a61e90fa9ac979cb4c6cf0ebcd070099a1a6e6a747e8989e84afe090390953f988f2dcee405086ce51b1d2d8d249f45899b4e862008d28efad8aa5abd0912fa456aa9d3a918a0dd3420d7c4b04b9e3d65c41a1548b7caeef5fbcededf64697786a0bae73d2c5352658b871c806bd150c91bbf8f4735dddee9cfd3e152b5d44cbcce912a2809760e225b9018fa498c86ccb2359cb0834bcefab92c0468522648fbefbe25cf8d82b897371b5369e8f2972502574c0a3235066969c4d5d67fc312d6631702f66a113d22063ba2ac7d9ab387ad1e115e9c98275f3e0dacd2e8f0843f24687b297bf42bca11b89c6db2fc7026d364486ef2d614bc45d5cff0758d69fd48ea06b8a97667e4d7d30bf7f1c30b62287637f50468bf144fd177fdabcbd0d12b50c9cbd052dcd66993c72f48bd6086412ed5f9af3d44dffdf7c012aadd5cf7bd3b314f236660fa1c0e4773a4e9ccc36fd130ffda59a9bf41f7fbf79e5e3333365a3ed2e7714e50805bc70bc6fd20203cacbbeecb8e01a2ce626756cdbd01c53717c2e7b56b47e21f13209c2bf2b1b251e7a93f8a085dcc61d9ae82303a962441372ff7c0b8b8ba75bbf5b861ff7ddbc9781d40c90ae467bdeddfdf949e9a8b8c9fb7db3a9323d05d15bef19ce2e7634b84ac082d50e84b66f99f34b2f852fefe67faa403e848f3de110eb1d9faefa176c3cacd20c7f87d74e858a1a7bfc2c9e895541f691f99a2b8771c8755300ee74e3d6a048b30d02ca16202ecfc207a0b29302aabc1c5b57c7d0d31d43be5cb1f7230dc238fb701e7037aa00c9b57c6fc85baccaa56754d27b975872051566187b0983d93b9ec052edf3b33f7ddab343eac6f7aed97771e708e40a4cc6797f85d91a0debd5c6169895e895f67a10685af5e0b80b0e728731cbffbff8be603469d03bd47dbca4456108c79c029af16482c5c2590c1e0673c7e943699ea107d906a3e667fe7b2afaeb489548b6a11d9862e86a0b549a42b607ffeda6e3ba0f567b63b0be6edb9098cf3a44e6864c5e99fa5f475acb57e2b7343eb7fe3e8c139b515348b188defd2d3021fd27950d822f6df5f9c93584fd95f3f88c85231943ed4d511249f96447f7903779e4d8c4a680661fe5133d415b862e668441e8077bfb827293a9eb733e914f37a19e01ad4b014ef87ed5a5817ab8123af9fd863090b8e9a50ce29cf706b2182fd79660cbdbb53ba71b750e71a21d0ed01db3335cad91d5cb4d4648f46468b6e51f63e4088386913ae6b6cbf103947c32d25a8a825118cd6ce23f53ffe3c087114700e9a5932faf3d844fc6b323b3e722ed3ed75037bd9a7fd9d256b2b9a168e66802e284853a0d6b47d39675900f02f005050425731f9c2cb329f70d7a5ce2ee256212bf8b2ba9ece0df39c58f0fbac06c4da946787abf19dadb536bddbf7e51d89f22413575e064c6482d936a89d48be159aeb5055feb0577ced6c5334411d1d58a7e6d02eca6164d90fda39685fd619269fea7f21db51f6aa6961250e03c9e00788c178dabeb68f13dea29f8cdcf30478dbca15c4519bb342ba8b201019061bf8317022dbc5673fb4ed92ef1a1dea0a1a00cb3cbca291f7ebcbec27ea5e824f04b82f5644d4368cdf8026550bc2f86b83da6a265357eb548a9eec6622204b3dcd22440fec0e12819ade4ba53b53b1e6ab906fe0cacabb9c15e8b657475a0dad62dbcb1037aa8617787abce24a0aa4cf1b5c85c030a14277832a95d8b29a4ea86fb80148ece147ce4bf386995ac28e1ad1e2072f3f4fce5c05d9bdd0af118815d6ee89aabfa3f8173e6fa59dfa4a8c1ba7641291b3c18c6ccc4c3588d56d169d397facb4e67485610cc68197b3a43fe78b9458dc47e5057d5bc6b8e3b65bf414818b65d41ed7cfd7a35fe79c9851ef39c3e059fb3dffe331a791ce75728efcd58dd9b3ed1c93b128469afa648f4f91de6e39d5bef7a0e69bdf5b2202682d857847a64b33432ea0f33bbfd1948ad0b6c66d853fef1e6c0d712b86c40f79ff4d125baebf2a4b32dfc8bed2a697f745cfeb16303b4f8e866ee0bb6a5eb6c6ce513b5cb84e2b44854c72ed0cf2e838245be8d098a6943d845f5a8c07c1036da86cab0d5be4ce29545fade4323acf2085b7645107dd12d5b3af7bb37be1b291cbd6fe297c4b4a2a23280358711be91f21305c035bf1f57467a1853c999b3fb478b11c49cfac66429a76099633a54689047d66fd8bd6eebea94fc8007d9e2765e2969608a78d0b96d6b30360e81fb9df5262c8ff15f2fd7000756d8cda1db3847d6f793bf803b159344c57b480c87702cb3d1260692a19ebdceb2e05a2fe2eb5ac5cfa76551a04795915bfaba9849a623e46ac1832157d0ea5255b5cacd4efa844b0ce5f2f0e1a9dc4fb115fce2640ec6d03c5fe15b4837bd6e6127349f2b6b0fd61c82c96531714f5b623ce4e4978c4a0c86b3c17f50acdd67d283ec934ed36ba7360a10ffeeb7864113eeaa25cccc66613e0757782381614b8da3cd0a85cef7bc384969517c920e8454a5a0f112d1653b2828e895d0614e5bf4dec0ec863432cce9337ce7c29affa7f29fff97bd54a6947cc68df8fed17850209242c1c67d0d7aced2efec4b3c006678bcb8716e8e9e40d78781fd6cc5b5522b8ed2ec8cecb677849b778c0a2a17817a3dd2278080e109906dd4e99b772d5911893fa09ade4296876921d1e009e714df7e4973ab1d2e593d88ecf2151e97ec66176549d3af66652c8377e162454ce7cc8ab34397d31978e84aea92a3c0a8106a2a31e33a8dfe942819fa1f2c1272d0f3cbd7dae820642cbc00202455ab7fb81857ef050a1965a291001874b38397ed9a8e8106dcfcdfd80d0f5d0ef0d5775e53cc5aeb1d6bc13886f8f3491cd6af5dd77ace3689fa2bf56e9b4d1e4964f8fd8f0a4a8b5d7fb678f0f3adcb4a19b5168ac5aeee6f087af15af3bde52a9be0f550b21b10ce98da70445284d9db9416732e63b6efb3ced984c0df50c11aa677f822af7ad39b8b4c0d236e4b36a00ff73587b39f917d7effbb37b95a96e350a430d544d68623c80bf2cd2d689b4dc41e8ef374c393092a2619055f268fbdcb9de494e6582be90a4798bac801bcac8389c823759860e7c9d692f41ee2a6b9624da3c09a2c8e7cdeaa100ba8ca25a737046d8bb237b9546641cfbb2eac9bbee9e125b14dfabac642e634d32151c06ceb3ddbb3d3f038ab2efdd063152270449ed5eca2655cd0016147ebbd00003eb8cd25297350afbffae43cfd9867543b81da4510850b1afaa199d0477837017e9098bf5b3973efe218a88b3d2bb172fe77278088997758fdc1dbb0b1fb6af2ab9db1ddf3e3fbd8e8dd35f918779ccba75b3cdfa317fc6e3cbeaa8b11ce2a30cc53292bcb9dc2a18ca400c674360c041c97ee6aec1448a025c6b04ae9efb3a01d31e3f897cfd5dc94dac95c88b95a26676cc6153e203535891116a5f4ebf54c71cbbe3215a04c57c7ba874a1e203bc66d8161d5b556f661244d9d405a2e6baaedd0d0e4c7e093c2ac0e5ee83b7ddf91669dd59016f7cb53d19896fcc838dc008da4a5fdc0a4fac1a6d7f49b24bcc01467df04d8a3f3181cc4e811942a53daf784b59186a17756a8f3a41ad93035a893a4ff60dd8f54a533e94cf87864169287804df3aa38dc5ce6021a06c58d48985c562a0f51d8b32879f9fb7d4a1d3d442626810f151b161b7e35f9a0b3bec05979e381140f31c03ee6f5549e6e7f116be5e87e0a9ab71ee632f837e9a0f9ad1b4979304c26bad6e84eff0b5b79b667e3d74e354d04f5b2c237102e41a1a4dcac99cbb911d9484aebe6ab2cb539a1db3e3302fb833a44a2d725e858ea9a65d43bb7661842b655c51a1ff25207956e8c6c71667c79975d69f688dfa34c59771488028e3d7500ba0cb71ae5751a51b568e67bdf2abb63838aba5e5cfbbeaf02285f6cbe58428a92a6fc25abb01f8d55ecbd7cc0ea69cdfb188b79048dbea488493681b0e70234463ca3e425d24e2ae4d800ce3adb04ce69428b5f884f8dc83392c22e456a2e195b86d717ac45003a99ae9a59c94167eb04aba3612528f94dad3360b46bc456fbb78072eb7f96418c71bec09831b0a63e83816ffde0d9909c06e765a666c2c41b20c339e0d39107311830ae9ad912f0a85f2ec5ca66a79798a568dae14f76b6d59e6c0bc0f9ebdff29c0fce58367c9705bd4323d3c3e125cdb13da6e58f3fdb2751401014e393e3fc688f04080a90430e531767a7c4f3187ccb7b90880955e766aba6091c4e8fed36482bb5a63372350dd08fe84bf5afd1a30a0f8f4de7a640fa84b9c0447073a0b39bf875d0377c8a572adefec3e033fb3dad91b22bfe22c01f23f27ab0c6a1ce19d2f4f4235281cbca15dafe50f383ba89a8c46a666b106c1ac534955df71f4c560010934fd3eb68eebd55487defa1e024f75ac30139cd190bde1dc8684936bc23a1882ae469fc4af8730d29658f996f71c219526497918e359228b55849d952f4b2996fe5f45a6cfdf87da93bfada579479b18d05c4e964c85b88a7bfc6e4f2b5d6e98e00635e8bd2ebb9eb40b99a9e9db2f688b2d94b8cc8c5fb2a1928624fa5df1c228e6499d992453772084bcd33dda984d97e3857b6fee43c6666b3206ccfe3af52debe5659dc186edd194b90309213f5c4805f454c7e57bc759377aae9727e484391486be0849c5cdfa99c5a0d0687d6afdce97a32e01d45fef015e7c869ca190219a778b91d881a7b595313fb462e5bf78260c78285d6ccf5e4c50ed56ff28e3f49912773f0a58093f259b5cf4e7f607c51a81576fa95b97bf32d0e2e3511b5d784eba29a15246a97ccf608db456cd70adacc6c31913416f24f38dec3544ac2e88c409b5ff7771d873ea8d7a1868775c8b5502273c784cf945680fb14f143140b56462cd46874ffeacde7bf329fe8369df9c4b95a42535ea56ad6fa260f5c738eb9627f890f4a34f80bf3b8fe568d44c3895029b5f9557f17469a53fe4c0d581eb29029ff162ca906cd0e4bb81138be91a254752bf849232ed7042a82cda1e14dfbfdf74a09c17a9039749c789ab0242ed2d0249231c4ad70c23c805676968bdeb96c2d8886f784ecc3e42e6493e45aa20b6e8ede65c49136c9e9414a4371e3012bf596d55315be17ea9396b1df7f82db27f0d121f8aa66c40365fa686a46f430b4cd336da0d9937d5c26284bdcc6c4e0d5a6acc1be089e1a5d6ec422ad3961fb5c5c9836466c3366e6d3f2686b19b529549cacb6252b0d7a7f5df42ea2961ac59ba0b911311ccc4d83f8611f0c4b071544236037b2863d673303a4e3d428131b07f60eb2cd507dc43503456ce829aed8254bf0b51b38008d42e445acb0effc2ab7e4bc26ad76ffba1220f2e878fe9b5de39bf4f25a9ed468cdb100008ffac6bef401df4817b23463e771a3c834c32993274689c01004eb94b89bc44257b7d2b3936caab6d86937b5bb8f705d00fb6f091711222b6dc25eeaa0e350fe484337396162c86bf7d3a1ab82591ad35d393664617041142c0f8b528e947c092f28c3142493d056bd548910615e7300f041f5d01a2f00138ae5d7849244ef9215f5c9dd874e60ca4ad883f86e71690a510831e35c24de1e0d1261172bf4a8625af958febb7b109c5ca5bfffd4342c43ad02136c6eb117b4a6ea98c07a91279731c1228b01e6be755c1c1d095d3cdfe950ac32eee77327a0e7e342ccfc13c69ab6ab113b18c1abe72d39c03e351986cb3326b8b17ada5884aa7d0a553b0d35e32b8c09f1a4106f5d675a88a1508de4a0e9c598c082ae5b229b75579e39e297b225a852e3f6a7d0990a45fdf68771991acf9b7a5c04bc21a40c57817d500e8ebc6b5919219a4110395817c92bf9eb9c623606d4d98ed68dc0b51a0278b0addce8753f86316158bb4bd6a7a0c4c72b0d17b9545695e54826021a6ac44b4de1b4ea977b20af3c47b8860b0ed29a68c1a883777097d54b162cc58edc0f4de1afbbad7c340a5cd9f2f93133cb2a4babc2a688e2ddd580ef8d9d0846c269c265ce9d978aa233c73aa11eb78d3a67f4e7a3dd035ef5a1f832ada87c7dfa377b77215f8c23b1a78e4a7faa6d0c1a4a28a0ef7b32b36bd566d8c478d0133ab43f9c2a4829624eec535234eb89a177ca8d4e9d2d422f33a24d15044822e4a4c1bca5f470b8c8fde09fb69160297218398da27f4e80dbd480782ee75cecd20ad23fdbcc1d4a0acbc63241c1e2cf1a0b12949e42f707ba06b6fdbd8f336bd72d7f96ddf9ec2b5cfcc4c8da6e1ea573e97eeaea537511ac9fd2ae78eb18cb50c13b595f8b6d65ce8c08e9028fffff6b512080dbbd3fb5e5068538c05f73254969f9727db9bff0c6aeaaf83713812499308792a7fc8318e6b2996bcd1b072641be1eb8e028cbd6b0a5f1fa13bfe35b5cd0d2ca21d9cf8ed97f724ef73ab5a99d65befa38d636f2f827d229479377f25501f3a6ece12cb095549503b2299db7806d32751d4851d62b0c6a91e2e961d475d33a8874c96df52c75bb5a0569e892743937451f75345e0351bfa334d37aa43f01ad1ff984dec164faebc713de31470db5e536a0681a042ced0f9839d9ce89259349075961985171c27c410c99458d4c25614ea1d4252293c4f85b0d2ded9ac560cfd024c199d5f0f4bd47763690ba1bca88b8cc81059bb9fe82c955488523114db8c2caf8a63c0049e90ca524330b57edcf718f6a7aab0efe282079d198cc3c1294f35d1a1bf5f69a8838cfc5d4363f9ca9383f83e4f9576de3fac48866ddcde282e5e4ee3f852a063bd6423ac1fdc6201b1facd6c36609fa2faf96afc1c0b76fff27bce059ad6390fd1e3f735806ce654ed555a78ea8e59fb16ff5ac5ad183aab9de37c3d033b3018d591e7ff1a896de969f561260f797603df5fc232076ccdc2e1fe9fc789253a54af151dd50f89e777c2541591101720c893647bd4b3e6257de85251c9bcd700154e85db2a9e2c4d9d2e531a18bfaa05d16ce75f823e60416b3afebce16555536120d5f554fd13e861d74c4947a62d2d09473d8d75f03d354572b371b02e16f3976b1b0b235582ee38d938fe843b107c77c2acd88f34e1669816eb3867134b1c5fce5afad3c70f9bca972ed494577f2ba6362a6ee6b4720bd86938bb49490982a1b5ce6dd54b79f093ce27051530e1233f03d6641392d4fe7a1f7dcec8ba86d8f32f00f0ad50a29b1e17de07bd0205c0d893532c198f23656f7f5d1d9c0745b7e0b7e8afdd29c8fa1639a06039980d9a5fba11801db4e7868a9b77925a03a770aae3430b1ccbddb8bd766f51fef71ba25cf9184c9cfa6f9921d69066d09a656080f3c5fe475ccab94cdfccd76f3c7dada9236d1be861eb5fe6247ae9f97b7705bb71c375e8b98203c5bd224202c1aa714da47e0daf98fd3eca617f9a255df5dbe98a7520a1e6db9b88af893521f2ecf7fd2b08a7f3c5aeb77ebe6f52739b473840889c41315407477b82242d9a805f9aa200a129c4701d1c88ccd34871f356caf02da9937a88612a9755315914f4e8e1bf471a46c00650457cc06db168e5457fb3f9662994d901a1f58306156979aa795afacc1a7d6111cbea53e97fb71c7bbe44558fb06f8d78ee08e3678b5d218e13f79cf06f1da9f7e128647884589c487147b3edbdaffa16f9388568d3c8caa34a6b944e4f171842cdbb293474fcd5201b7440e05ddcf9e0b476773119516ef45077705e8bab5f877657205bf9eaaa7c86734b1b6c3661dfd4b9eb8590f962e17ad51b44058d558744e5b44cf9db280bff1062b2431d298064f11e7700ba4c8ece6f4df659d4880c4983db0152f1f903023672f6234620134bd5d1d888022da128a527d82e8fa1a562827a4f1592efe3b0bb78060626e8688ef3d5162afe9f1060123dbb1f93b7bdb6ad4ad6e1772bf8705cca424d9c42e4992eb5bef1ec7961bd4260d1e55e863fa9c8e0cb6d28b495fa37b5f59fd18cfcec6319288dd7363821e47ec46664e1994157319eb0d466b42fd9b5fac5ba979a9baf4f699dc539bf77852e18014074f88108b654219e4f9396696c94eb9fb9b360e59920f187029608bed76d09dd006f4033d384cd109726d51850202ba564599dbff7808591f834cc4084db29111de86a70217defa490e39c6e281650d15b1e44bb55164be0f6da58e838bf5f4d7cc2a23b818557ab1fad0fb2253c4da6af41591940b2608f6fa6bc25939ede95317ff96050bbc1f389235caa78adc0d801a56b2fb4cc41e73d5131552985b5af241722e0637f3b88e46b09ea875e5cf66f534666368ff8e46413e5ab557236134afa63478e18328d33b1a235deb2034955cdbb2bfd0e55fd885f380ae8efca1feea985a946519a712df1384f9e024efec61c30a6989aa3b5bd486366f3fccadc0add175c1cf0d2730ab97370eb47bcda4226ee140edbcd9b38b8ee913587125cb185adb4df18e80df2b0ea6e3e87dc8755fe6823ab5ee1feaebb1e6208cf3dd5ad5581f2388be92", 0x2000, &(0x7f0000004dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002280)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 9.072251817s ago: executing program 1 (id=2280): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44\x8cm\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) bind$inet(r0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$EVIOCGBITSND(r0, 0x80404532, 0x0) add_key(&(0x7f0000000140)='asymmetric\x00', &(0x7f00000003c0)={'syz', 0x1}, &(0x7f00000004c0)="b16ae8faac1aa02e3f800743a43b05a71ee2cb9521b864a8a67682a750ef319aa4897775", 0x24, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) capset(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xfffffffb}) r2 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r2, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc) setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000140)=ANY=[@ANYBLOB="e0000001ac1414aa0000000003"], 0x1c) setsockopt$inet_mreqn(r2, 0x0, 0x25, &(0x7f0000000080)={@multicast1, @local}, 0xc) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r3}, 0x10) 9.071827997s ago: executing program 2 (id=2281): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) syz_open_dev$loop(0x0, 0x0, 0x21040) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x3810744, &(0x7f0000000740)={[{@usrquota}, {@user_xattr}, {@data_writeback}, {@prjquota}, {@jqfmt_vfsv0}, {@delalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@noauto_da_alloc}, {@test_dummy_encryption}, {@journal_path={'journal_path', 0x3d, './file0'}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x3}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4d7}}]}, 0x1, 0x451, &(0x7f0000000d00)="$eJzs281vVFUbAPDn3pkCL/DSivgBglbR2PjR0oLKwo1GExeamOgCl7UtBBmooTUR0mg1BpeGxL1xaeJf4MqVUVcmbnVvSIg2JqAbx9yZe9vOdKb0Y8pU5vdLBs6Ze+ae8+Tcc+fMOb0B9KzB7J8kYm9E/BIR/fVsY4HB+n83F+Ym/lqYm0iiWn3j96RW7sbC3ERRtPjcnjwzlEaknyR5JY1mLl0+N16pTF3M8yOz598dmbl0+emz58fPTJ2ZujB28uSJ46PPPTv2TEfizNp049AH04cPvvLW1dcmTl19+4evs/bee6R+fHkcnTKYBf5Htab52GOdrqzL/qkuxZmUu90a1qoUEVl39dXGf3+UYqnz+uPlj7vaOGBLZffsne0Pz1eBO1gS3W4B0B3FF332+7d43aapx7Zw/YX6D6As7pv5q36kHGlepm8L6x+MiFPzf3+RvaJpHaLaYt0AAGCzvs3mP0+tnP/V9kaWlUvyvaGBiLgrIvZHxN0RcSAi7snL3hcR96+z/uatoZXzz/TaBkNbk2z+93y+t9U4/ytmfzFQynP/r8Xfl5w+W5k6FhH7ImIo+nZm+dFWJy9O8dLPn7Wrf/n8L3tl9Rdzwfwk18pNC3ST47PjnZqUXv8o4lC5VfzJ4k5A1vcHI+LQ+k69r0icfeKrw+0K3Tr+VXRgn6n6ZcTj9f6fj6b4C8nq+5Mju6IydWykuCpW+vGnK6+3q39T8XdA1v+7G6//phL9fybL92tn1l/HlV8/bfubsrzB639H8mZtz3pH/t7747OzF0cjdiSv1vIN748tfbbIF+Wz+IeOth7/+/PPZPE/EBHZRXwkIh6MiIfyvns4Ih6JiKOrxP/9i4++0+7Yduj/yZb3v8Xrf6Cx/9efKJ377pt29a/t/neilhrK36nd/26hfXN25SU2ejUDAADAf08aEXsjSYcX02k6PFz/e/kDsTutTM/MPnl6+r0Lk/VnBAaiLy1WuvqXrYeOJvP5Gev5sXytuDh+PF83/rz0v1p+eGK6Mtnl2KHX7Wkz/jO/lbrdOmDLeV4Lelfz+E+71A7g9vP9D73L+IfeZfxD72o1/j9sytsLgDuT73/oXcY/9C7jH3qX8Q89aTPP9W9VorzK0/sS2yUR6bZohkSLRLkDo7vLNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAO+TcAAP//uZjx6g==") 9.071583537s ago: executing program 4 (id=2282): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) stat(0x0, 0x0) 7.44549762s ago: executing program 0 (id=2283): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000400000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410017ff5d810009050f1f0504000000090583"], 0x0) 7.444722651s ago: executing program 1 (id=2284): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000e40)=ANY=[@ANYBLOB="180200000000000000000000000000008500000007000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000017000000950000"], &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e0b9547ed387dbe9abc86a457991", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 7.44349542s ago: executing program 2 (id=2285): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x20}]}, &(0x7f0000000bc0)='syzkaller\x00'}, 0x90) 7.396050664s ago: executing program 4 (id=2286): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) write$FUSE_BMAP(r2, &(0x7f0000000700)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) r3 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0) symlinkat(&(0x7f0000000040)='./file0\x00', r3, &(0x7f0000000080)='./file0\x00') 5.73705334s ago: executing program 0 (id=2287): r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r1, &(0x7f0000000280)=""/239, 0xef) write$char_usb(r1, 0x0, 0x0) read$char_usb(r1, 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x0, 0x24, 0x0, 0x0) syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0) 5.73676271s ago: executing program 1 (id=2288): r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[], 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x76, 0x0, 0x0) syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect$printer(0x1, 0x0, 0x0, 0x0) syz_usb_disconnect(r1) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_connect$cdc_ncm(0x4, 0x6e, 0x0, 0x0) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r3, 0x0, 0x0) write$char_usb(r2, 0x0, 0x0) 5.736435911s ago: executing program 2 (id=2289): socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000680)=ANY=[@ANYRESHEX=0x0, @ANYRES32=0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa285070000000007020000f8ffffffb703000008000000b704000000000000850000000300000095859fc2bf7391fd590f7ae39e744f4d6ed1f414b9369191c57945bfd287be2cb56633cf556f8f984c7ce34f7c8c45dfe4497222ce8573"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYRES16=r2, @ANYRESDEC, @ANYRESDEC=r1, @ANYRES16=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10) process_mrelease(0xffffffffffffffff, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRES32=r5], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0xa1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r7) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6}]}) mount$cgroup(0x20000000, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r7) ptrace$setsig(0x4203, r7, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x1}) socket$nl_route(0x10, 0x3, 0x0) socket$inet(0x2, 0x80001, 0x0) pipe(&(0x7f0000000100)) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = socket(0x1, 0x803, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32=r10, @ANYBLOB="683b10019e6a79d28d061bc6397d4fc74da7e706"], 0x44}}, 0x0) 5.735922141s ago: executing program 4 (id=2290): setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) read$watch_queue(0xffffffffffffffff, &(0x7f0000000740)=""/4096, 0x1000) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d) close(r1) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000080)=0x400000001, 0x4) setsockopt$inet6_tcp_int(r7, 0x6, 0x22, &(0x7f0000356000)=0x1, 0x4) connect$inet6(r7, &(0x7f0000000340)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r1, 0x0, 0x4, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x0) 3.919236899s ago: executing program 2 (id=2291): bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6058afc4b4dcb5be, 0x10, &(0x7f0000001f00), &(0x7f0000002080), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001158000000000000800000850000006d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r0, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) 3.918454239s ago: executing program 4 (id=2292): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000d40)={@cgroup=r0, 0x1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 1.940768302s ago: executing program 0 (id=2293): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r0, &(0x7f00000006c0)=[{&(0x7f0000000080)='7', 0x1}], 0x1, 0x6e45, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0) pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000380)="e9", 0x1}], 0x1, 0x7fff, 0x0, 0x0) read$FUSE(r1, &(0x7f0000001f80)={0x2020}, 0x2020) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3fffffff404}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r3, 0x6628) write$UHID_INPUT(r2, &(0x7f0000006fc0)={0x8, {"b346c1978cd8ac674fee0ef866ca1fa381023312f753a3649827ff931aaf520e0ecc6575040003fab07eb22405f940fcb667f05a680bf024c157fad2cb74d204d10a12caee4df7a513e249e34b2ae0da375d4b94909cf1a8d59f2498e517f77553a4019e86f1872f526df740e777326680d0cffd609f4dc22d8519748c96fc56c359dc455f99420c9bb2391d478bfedc0479e06630475437e0ddd0e4c5bf6077e794d6dde56de5ee679039eaa58fc11406525a5291cca3fa12e4f1d31ebfef63f6d70b56a68cb9b72fd96a4f5429ebde90a337fb8aebfd9bfc435c647cf42b706400d24a3815e0cf84231ac1a44a305644122814c47f42e5102e2abe3e6105647513a46b9fc3a6de0c710986e0d70c0463e8f4f43a609de5f505363cb7ae601cb8e5bd54f428946c311153e0a596b83a71d4e0209d75cb84690b3e263b31000b25da876304a6770ab5c2db9dd47abbf74817025eb384adef9ceacfcbd5991bfaf9ab21d96ef4dc68192ab2a31fac1246a9990681c587889e33ea773ce71fce18bf1dea8ef70803441f6d2061663b4002cd4c0cc58fd99e50e7d23a053212a821f234ba55c7137bdcf03823b0ebf00a036eaf1472813031a86ec69626885a1398fe86d12fd7c37a334489b2bd23eaff1dbab60fabf0d034c36390e4c166d6f354e75be196fe113e9fb6831aec67a320945044aeec56d9f59fa8f31d7692cfea0b96bb4f1a054d5e7f3c296f2b4c9be2de97e621d8120e6e4e452e8fc1fc72c3c7c65fc0b05d960d43c8757eb2a630a471041b3201fd150cc6acd8098a5b39ec4dc38c0c42c6a7d0469f4cdf5628712cd87eae3c35b4124bc203b19d33db77d36e3d0aaf8e375febfcddaae33695f43c9dfd2cbe182c1259748f19bdcc5372bb20120f0e0a82c882381ce60f7c35271c847fb078529ae72cc49b1a40ecd6393f110ddf16fb12867eb13231b6863012ede07f3ec84bf1b9bc517b14d109c7e3665da86f4e9b630860831666077d9dbbc09369ce8432cf2585a8b85efd3f532040c27797fc6f4432ddd0759dae2c4c65b3f8cec7c111de52491f7c8768dfacc81a0828272194593bc75c2fe1ddc30553e4f15df10de1e6a94870642dfd8dea3bffd9b6a23dc765ccc59d27b07de4ebe751546afe5a4b9c5b31098624d9fba7d2a00972d6656b17dde591e9c699aed58c8f315feca1d1c2088ce074c90a1db72dd5a2eb2219dbf95bf157340d387d0be87c375731fee9efd444e10114e79ae4f510f482bb80b341c17e8a85e3f962620bad2cf5f32fab7f4e4deb445a0c4bad3633415f07137df911f2e28776b81466913087290f3dc97fbf751a9b02fd8c1f4b0de68ca0183740ce21d57c2db8f0b5d92a0ff7aef11322eca7946d8da2ee9d6cd380b1535c7b3ad269a516d8c0637a93220e0f845c8b48e383c5a3b0a2e03ff586a52c881c8825592f3a57a03754cfb6cc88b73c9aa2c58ae43623c608651d19ebe3782f21e5a561dc8dfa17ea2078ea59ba90c64e2d98998f292d0c72e3badf3c38af4b95595ddafbe88da010419ec766f14d20c2bc440c7d8d84073d2c7dc09726ecaf07a71f2088c90ae4f557b99a0c6d890dfb2bea67a93685c3cf34f0ceb0429617e25c7ffc180d5680c78eca8967150fb4bc7dc84e872b628f6d559c4f5871b90235f5535094ec3723b135bcda0eb1ef9b3dc89044d3f69425aa948c3a006e91d89e75296bbc52c57f3892815ce90b134ab944499942b0ee39fa0c6370fa3d1f05b873dba525c47a7d09d816b9f153302aa6f763679705bf56c5979cbaa430ed257f6f11c794b5f75a36d2f32cd505e4f4d40e41e1abab4f28aafe37351374f805d8fdab250efb9c2a44a520dead55b1fd61f00b2a0a94ecf7563e40b8add0518c359260756a05c6dc38bf496dd70a00705d73aba7f9786ff67fbc09b9cf8f186eb41cf80c68ad6e61ca427f62b2f517fa91ed506791ecf70771e092b874c30fc7d460f8b004d1e703a7bb1c41231a40f1637eb8b0069e31307c6e616b92d9eb751fd35baedf70f1fc3d43e12c80b85d5bd3f8fedf3108b642406962917cfad408773623819c0803cca2b57c087158a090c18e4a6e4cbe67ad191d8892506bc693fdfb05c823c893e89c5d17119df0304eb138c12890691f87c8b60e4afa505b44a79f09564a1e7b786b2b28cd41cd402befff2e87e230b8f4e6551e011361a6fc2b14dc63b627d907195fd862450a23ea18faea53ba7b883e19e112f45e5ea80d789cc274d0206dad5bd1d163c6bc54ae187e75e43a0db568bd77b4cf1304931df982cddbe15118a64a4f73d54287ccb31179a7dc428c7377c7e75c6b452a2539e0364f2cf58b04e227e9caec7204895ef46cf987d932dd59e6629b5879d266d54ac059b499943f42711b35c85ce0faae3164e0d93b64772e28bb0379526d676402f21886a93bedab99f9046ffe0608cf34619ecdb821cbd30093842c4b086f82ed418a627ba33e2e3ce4a7efa7601f8311c5498cf38658013d38ac6f8257f2664404885614c88cd0bc84901dfceaeb980c37e3dd4cde43260cf766293bd3a6dfa0186aebdaa8aff08668b1070c26ab604175ae1f13a561d3137dd0d39f6410db5df4a0101734f992162f9b03488f884e05dc03597a90773244f88b7593b4e1d41d29460a993167ec3bb0a48ad5f8f8682c3b647886307ac3a58184874a3a8ca4b1bd9fb5d7deb6b81de8c609c0f6278729eb615ac1e2825b2068a277bcc491bff055e2648da00f16182fcf73637a43c448f667532c088abfff7bd40557754fafcb29714986aac64271a81eb66e6a67f952535aaa73a0425e8c2cb278320ecddc2f2c12a39e9f25738e1cd4a7478bf9d301a5f29100acd3bb9c9d4f3ac993d63f566c7429fde58395451f642d27dfb3c55e42e4b95fcb0acd3a1f160d18d0f263cf30b87fe550abe6db8900d781db64686deb87b7a94155c90e0ffa0273d3b9a95c473dd2e7a78efd302b8e6ec3cfb3c2131f1c307a36bbc148257a9653a3d330ed0e324e78f508e35e6dc5cd43d4dfd1d34cb1293b51254e415ab1b7ec7cf4247d089e1a9f5f3894227ee4ca926d24a59e9b105a31601dcf9a2fdc24686904a023eb60317a2f8fde2cf1cc69331173a93e66391c714209cc8dcdffe377f6973c4716d148a545afd40e7251178c232861297206b3d5fa218d2ace1463e093a34730a27f4f3577826a485618247dbb6cc24829b4ebd67bf90bd629754e79ae6143935b598b2540ef45d6d265ac1ac34107a43745af8e7514ab514898b79a8f44b6b776c98df44c77a3c63e8e1414209f27c46dfe71a1b123ac795fb54bdff15e51a9f84d025ae86f92aeb5ffa2639356ca6fa5d4315840a9cb36dd9a10c6b636f7c69c7531f906077845d94276803f3ce068d0eb7e2dbc1b14dbc49601a1e9b380ea3e378bd1eb42acb6f362bedd98dc36992b28b2c000334c11f351832ea24982993fac278e2af234ff353225b3f1b70a7c2745dac1f262d4d6b867601d15e691d38471d34ed92f447c3258d5db6f5fc377ab8e58781f08545693f99b5119c7d91ec828de928cb23e75f0d7d45a081acd3392fc4131b8d2a3d3ebced5e90e7b5d182a8d418ce591123ba69cd8c8bc72aa3afbaf8694b0ffeec0abd8bc2169730c311580cb5a54b786546fff06220289970911203c2e37ab03d079b7c123e1fcce53d7109c10c625b1c94e06fdd7d9c460f79c894eaf2ea30c2ffeefc93539d2ad37e3cfd117dbd5eeeb9b0ac2f0797b9439ab55d5fd03d442975be75a4773a20b11214fd1cfd8a2f79ddb9c18dc0552206b71f5e1cc27b451bbb1f6d5919741387dd7fd105a4efe6477a0611553e1645ca1b670265e4aeb3b597acc86c88721a418af75bdcfcad5c0419b85aa34fde6b9dd84adac257427719f2ee94451d093dccc16c62eb8b1b42bd33a5d8b0975be66752f22593eb05b4d6e5215403e5fa93eb893c47770c196ff949f5402e75cb8b9c35147ff8495b11fdf3b8913cf60f9bac00c4354cb43850e6012c364e049cb9c7f38c956c67ce1e15468d3df9ac549ba39886156b4b1a2f359e89d347d90a445f808c3e61809d2fbdb3e9c80ab381c58bb5127af8e9e737adf95aa0a8d774176e47c935d462b8727378353a452352f330a03384a2174a79b802570fb7be79a67780f92f082f2841c5653277c093b57fb18b97450c93cb96307bb535a68e762b0de51095650041a354111b028cc89d82bf917e8692d65c231159cf14cc505678975042ea37aebdfb185d89c2694e77dd0f815107f976720de6401edc7dc2e072d07f4c8862febfdc51e25be8c2e52f858a52156b18431e55b83a077c931f5692565fe6d8569d2956cb7fbff7217cded8c3d352596d8b3d92e51381065832f2371654f64bc74d498dba15aad147ea722e965a7165be279bb57d12c3d2ee8b5927d4c35ca930e875476df28be8743f8edbc70854a4fcca91c0da17717653d1ee357536ad7bb608d8d3426b751cb740083728c6548edb2feb2dc96368a75a6dbcc38452b3f6782cc77781438e793dd78b5ee3e89aba2b6a7a44d6a5d51fe55ce9b4e98a207237e6d49e861f78488933b949993ae23203226f205d14bd4a1a1481d12d64fece56d01a85a8dfcf738bf681078abc5d5fd7b1ce37d8d22f0792ce707e942eef6dda64cb9dc8f5bd67e5f1d678404050523d52e4f7465803b116e92ae9a0f1547b5fc706c3fd54f264050539a81d5dbbc3d503f93d6083da6336ffe87cb11ebe14a0a0024795d3b7c6236160bef882b7d1d6d28ff6b15ffe5b68a3d0e98188801550c3ec629aae66c7b8d91f34b1010ac3a55a586e815332aa5e3fcb1b10eb884cee47dc9fc492b8be7c536d8a36396bfa3ffe59ced46e91c31153f9c03ab55bb0e6a94df06456a16253bf09505c1a781f41825c0d160b26d642481bdadf6016fc3ac88a37f8c07ddfc377226579fc05195c2f2e7287d0b0111ffd5b27916260c6a4cb94d2a8924f026d6d17b28150f9a0e59159c297ffdf7721f59cf88873db557f0003839d0b49ef9b483e31fa2b63ec01a60afc098e2b53f66c2ce45d60d5b5527ef63918616a8079b46bea8b1f77f751bbfa181dbc79bec45b7dd0f85037e36292ff118aea4643b1bedcf80e1216b78b22bde897a4a0359903d4413e450b2ac096aed1d90d38c13088296b3b96f398586f19949c922af9d71f6b7594a7d96160dea113de415a64173d188efe6334e5d82beac1b345a900e16e9a83df2c853337797c03e47f4fe9ad9382901aac1b19e8725ecb1328298ffdace6de13b8b3a907b6c9b9ff91f39b05c113d2e3340513c6dc89644f7a46c1a1b1ac979c2767cb1234f260ee0cfd7761183483ede5f14be68fe96e46113999602a30ac15455761ddad08db0616691d4ead5470e1133e06cff944ea29621b3f3c750d27bc1aadabd2d634911b71c6b497bfb5b61f4f92e8d7b1af535dc5ab84a4fb85994f79edcec76c3192f7ed3ff5b54563088d45b00fa530cac7e3a9f1e902222d7116ed7fe12c56b086ee551c86376f7c24818e97487da59de539ecbe5faa6b71ca5c9012436f6f3306f98f063fff10b788c3406bae656a0c1197a8b491640fb9d99dbc87e595da7370957b0bcc62521d9306970e5c15b7602d63d2dab88d7e7d04189ac16bddc4e4e96989efe2590cd1a7ef2e8c68f350255b1d323c41dad0ec34be6b70f35b936c4e070828b3250f3be2c1081197b97c03d6df8fc01ecb5ae87f3949a6e7e534805db4e7839d58797", 0x1000}}, 0x1006) sendfile(r1, r3, 0x0, 0x100001) 1.940472012s ago: executing program 2 (id=2294): sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="18", @ANYRES16], 0x18}}, 0x0) sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, 0x0, 0x1) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r1) getsockname$packet(r1, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0x3755385cad5719e5}}}, 0x24}}, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x8000, 0x0) close(r3) socketpair$unix(0x1, 0x2, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8914, 0x0) r4 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101}) r5 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_usb_control_io$hid(r5, 0x0, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x4d, 0x0, "8ddbb51a3cfd954e41e8ccb2650fa60067fb9bbcf0feeee4dc036d0675af58b39fa8d54ee8323507a61a95cf134ce8f605671338c7f8838a00bdfba71b43b828c7de258b6b9ca1fc52bcc83e2a016a00"}, 0xd8) bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(0xffffffffffffffff, 0x0) 1.940269092s ago: executing program 4 (id=2295): bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x6, 0x5, 0x9f}, 0x48) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x40, &(0x7f0000000000)=0x822, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) open(0x0, 0x0, 0x0) timerfd_create(0x9, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', 0x0, 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x0, 0x1217880, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000950000200000000009a1f3cd91dfa631dbadeeb3981c21b6d6536425ce4cee7ae6ce9e201c874f87741e2b9e8bf08e2c52340981b96849feb0d8ed84f7a9d8cd79366b14b02aae76f9e1f39b7953c7acf1196db27cbaa0a2e57515864068c3b7f8a54c70e0ff00bab0816550c32ebbbe327af58690bf7ec7b30964d7cbdc1a391dca35bf55b90fc799df8c98db613482013fba748f4f9a92021944958584ca5a8906fe239288"], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x64}, 0x80) 1.71959ms ago: executing program 0 (id=2296): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="05010000000000107d1e222e00000000000109022400010000000009040000020300020009210000000122020009058103"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d010000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r1}, &(0x7f0000001c00), &(0x7f0000001c40)=r2}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000080)={0x0, 0x0, 0x4, {0x4, 0x0, "78e4"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000a40)={0x84, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.15423ms ago: executing program 1 (id=2297): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="05010000000000107d1e222e00000000000109022400010000000009040000020300020009210000000122020009058103"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d010000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000150000001811", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000080)={0x0, 0x0, 0x4, {0x4, 0x0, "78e4"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000a40)={0x84, &(0x7f0000000200)=ANY=[@ANYBLOB="000003fe2aff7ce3d025ce42842bc9de3ee3ecea2ffdedf1edb469053b6689003c679a2cf427"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 741.25Āµs ago: executing program 2 (id=2298): mount(0x0, 0x0, 0x0, 0x1000, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="05010000000000107d1e222e00000000000109022400010000000009040000020300020009210000000122020009058103"], 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_usb_control_io(r1, 0x0, 0x0) 0s ago: executing program 4 (id=2299): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5d, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x50}}, 0x4004000) r5 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x0, 0x3}, 0x10) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$tipc(r5, &(0x7f0000000280)={&(0x7f0000000040), 0x10, 0x0}, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) kernel console output (not intermixed with test programs): 512.567131][ T6] hub 2-1:4.0: hub_hub_status failed (err = -71) [ 512.573572][ T6] hub 2-1:4.0: config failed, can't get hub status (err -71) [ 512.607509][ T6] usb 2-1: USB disconnect, device number 34 [ 512.697101][ T488] usb 1-1: Using ep0 maxpacket: 8 [ 512.817146][ T488] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 512.827901][ T488] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 512.837467][ T488] usb 1-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00 [ 512.846530][ T488] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 512.855225][ T488] usb 1-1: config 0 descriptor?? [ 512.906835][ T4894] EXT4-fs (loop4): unmounting filesystem. [ 513.186030][ T7969] 9pnet_fd: Insufficient options for proto=fd [ 513.447811][ T7973] loop1: detected capacity change from 0 to 256 [ 513.641680][ T488] saitek 0003:06A3:0CCD.0027: unknown main item tag 0x0 [ 513.648602][ T488] saitek 0003:06A3:0CCD.0027: unknown main item tag 0x0 [ 513.655663][ T488] saitek 0003:06A3:0CCD.0027: item fetching failed at offset 2/11 [ 513.667709][ T488] saitek 0003:06A3:0CCD.0027: parse failed [ 513.673437][ T488] saitek: probe of 0003:06A3:0CCD.0027 failed with error -22 [ 514.569860][ T333] usb 1-1: USB disconnect, device number 32 [ 515.287156][ T5149] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 515.496502][ T8003] loop0: detected capacity change from 0 to 512 [ 515.537104][ T5149] usb 5-1: Using ep0 maxpacket: 32 [ 515.538046][ T8005] loop1: detected capacity change from 0 to 256 [ 515.549056][ T8005] exfat: Bad value for 'uid' [ 515.559012][ T8003] EXT4-fs error (device loop0): __ext4_iget:5046: inode #15: block 1803188595: comm syz.0.1782: invalid block [ 515.571253][ T8003] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.1782: couldn't read orphan inode 15 (err -117) [ 515.583547][ T8003] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 515.592593][ T347] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 515.776238][ T8003] input: syz0 as /devices/virtual/input/input94 [ 515.967180][ T5149] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 515.992629][ T5149] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 516.011612][ T5149] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 516.030968][ T5149] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 516.158826][ T5149] hub 5-1:4.0: USB hub found [ 516.414572][ T8023] fuse: Unknown parameter 'fd0x0000000000000003' [ 516.420913][ T5149] hub 5-1:4.0: 1 port detected [ 516.879820][ T7994] loop4: detected capacity change from 0 to 512 [ 516.912612][ T7994] EXT4-fs (loop4): 1 truncate cleaned up [ 516.922074][ T7994] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 517.037242][ T5149] hub 5-1:4.0: hub_hub_status failed (err = -71) [ 517.043425][ T5149] hub 5-1:4.0: config failed, can't get hub status (err -71) [ 517.087094][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 517.087094][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 517.097406][ T5149] usb 5-1: USB disconnect, device number 26 [ 517.111828][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 517.427674][ T293] EXT4-fs (loop0): unmounting filesystem. [ 517.447217][ T8037] FAULT_INJECTION: forcing a failure. [ 517.447217][ T8037] name failslab, interval 1, probability 0, space 0, times 0 [ 517.461581][ T8037] CPU: 1 PID: 8037 Comm: syz.3.1788 Tainted: G W 6.1.90-syzkaller-00004-g79436849ef1d #0 [ 517.472607][ T8037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 517.482509][ T8037] Call Trace: [ 517.485628][ T8037] [ 517.488422][ T8037] dump_stack_lvl+0x151/0x1b7 [ 517.492920][ T8037] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 517.493825][ T8040] loop0: detected capacity change from 0 to 512 [ 517.498206][ T8037] ? avc_has_perm_noaudit+0x2dd/0x430 [ 517.498241][ T8037] ? avc_has_perm_noaudit+0x348/0x430 [ 517.498269][ T8037] dump_stack+0x15/0x1a [ 517.498296][ T8037] should_fail_ex+0x3d0/0x520 [ 517.498325][ T8037] ? alloc_fs_context+0x65/0x830 [ 517.498347][ T8037] __should_failslab+0xaf/0xf0 [ 517.498369][ T8037] should_failslab+0x9/0x20 [ 517.529040][ T8040] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 517.532703][ T8037] __kmem_cache_alloc_node+0x3d/0x250 [ 517.537312][ T8040] ext4 filesystem being mounted at /344/file0 supports timestamps until 2038 (0x7fffffff) [ 517.545733][ T8037] ? alloc_fs_context+0x65/0x830 [ 517.565428][ T8037] kmalloc_trace+0x2a/0xa0 [ 517.569683][ T8037] alloc_fs_context+0x65/0x830 [ 517.574370][ T8037] ? _raw_read_unlock+0x25/0x40 [ 517.579055][ T8037] ? get_fs_type+0x460/0x4e0 [ 517.583480][ T8037] fs_context_for_mount+0x24/0x30 [ 517.588340][ T8037] do_new_mount+0x15c/0xb30 [ 517.592693][ T8037] ? do_move_mount_old+0x160/0x160 [ 517.597631][ T8037] ? security_capable+0x87/0xb0 [ 517.602318][ T8037] ? ns_capable+0x89/0xe0 [ 517.606481][ T8037] path_mount+0x671/0x1070 [ 517.610746][ T8037] ? user_path_at_empty+0x14e/0x1a0 [ 517.615778][ T8037] __se_sys_mount+0x2c4/0x3b0 [ 517.620284][ T8037] ? __x64_sys_mount+0xd0/0xd0 [ 517.624883][ T8037] ? debug_smp_processor_id+0x17/0x20 [ 517.630090][ T8037] __x64_sys_mount+0xbf/0xd0 [ 517.634518][ T8037] x64_sys_call+0x49d/0x9a0 [ 517.638857][ T8037] do_syscall_64+0x3b/0xb0 [ 517.640471][ T8040] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz.0.1790: corrupted inode contents [ 517.643102][ T8037] ? clear_bhb_loop+0x55/0xb0 [ 517.659166][ T8037] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 517.663413][ T8040] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #2: comm syz.0.1790: mark_inode_dirty error [ 517.664891][ T8037] RIP: 0033:0x7f73eb7799f9 [ 517.664912][ T8037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 517.685604][ T8040] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz.0.1790: corrupted inode contents [ 517.699608][ T8037] RSP: 002b:00007f73ec606038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 517.699637][ T8037] RAX: ffffffffffffffda RBX: 00007f73eb916058 RCX: 00007f73eb7799f9 [ 517.699652][ T8037] RDX: 0000000020000000 RSI: 0000000020000080 RDI: 0000000000000000 [ 517.699666][ T8037] RBP: 00007f73ec606090 R08: 00000000200005c0 R09: 0000000000000000 [ 517.699680][ T8037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 517.726876][ T8040] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.1790: mark_inode_dirty error [ 517.727207][ T8037] R13: 0000000000000000 R14: 00007f73eb916058 R15: 00007ffca45dc738 [ 517.727232][ T8037] [ 517.785157][ T4894] EXT4-fs (loop4): unmounting filesystem. [ 518.100636][ T293] EXT4-fs (loop0): unmounting filesystem. [ 518.250031][ T8062] loop1: detected capacity change from 0 to 512 [ 518.256839][ T8062] EXT4-fs: Ignoring removed mblk_io_submit option [ 518.263927][ T8062] EXT4-fs: Ignoring removed i_version option [ 518.273394][ T8062] /dev/loop1: Can't open blockdev [ 518.501082][ T8066] device veth1_macvtap left promiscuous mode [ 518.542819][ T8066] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 518.598829][ T8067] loop1: detected capacity change from 0 to 256 [ 518.691804][ T8067] exfat: Deprecated parameter 'namecase' [ 518.697482][ T8067] /dev/loop1: Can't open blockdev [ 518.768063][ T347] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 518.902300][ T8063] loop1: detected capacity change from 0 to 256 [ 519.075967][ T347] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 519.137273][ T488] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 519.377107][ T488] usb 5-1: Using ep0 maxpacket: 8 [ 519.538227][ T488] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 519.598399][ T488] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 519.631213][ T488] usb 5-1: New USB device found, idVendor=056a, idProduct=00e5, bcdDevice= 0.00 [ 519.718289][ T488] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 519.822383][ T488] usb 5-1: config 0 descriptor?? [ 520.068497][ T8107] loop0: detected capacity change from 0 to 256 [ 520.401528][ T8107] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 520.575039][ T8111] 9pnet_fd: Insufficient options for proto=fd [ 520.640533][ T8113] loop1: detected capacity change from 0 to 1024 [ 520.647278][ T8113] /dev/loop1: Can't open blockdev [ 520.730557][ T488] wacom 0003:056A:00E5.0028: hidraw0: USB HID v0.00 Device [HID 056a:00e5] on usb-dummy_hcd.4-1/input0 [ 522.249819][ T8123] loop0: detected capacity change from 0 to 512 [ 523.525155][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 523.525155][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 523.555028][ T6] usb 5-1: USB disconnect, device number 27 [ 523.622908][ T8128] netlink: 'syz.4.1811': attribute type 1 has an invalid length. [ 523.630709][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 524.841654][ T8149] loop4: detected capacity change from 0 to 256 [ 524.854982][ T8149] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 525.302609][ T8165] netlink: 88 bytes leftover after parsing attributes in process `syz.0.1823'. [ 525.316731][ T8165] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1823'. [ 525.325904][ T8165] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1823'. [ 525.334741][ T8165] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1823'. [ 525.343524][ T8165] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1823'. [ 525.352955][ T8165] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1823'. [ 525.362029][ T8165] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1823'. [ 525.370876][ T8165] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1823'. [ 525.379644][ T8165] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1823'. [ 525.523082][ T8173] FAULT_INJECTION: forcing a failure. [ 525.523082][ T8173] name failslab, interval 1, probability 0, space 0, times 0 [ 525.551858][ T8173] CPU: 1 PID: 8173 Comm: syz.0.1826 Tainted: G W 6.1.90-syzkaller-00004-g79436849ef1d #0 [ 525.562908][ T8173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 525.572807][ T8173] Call Trace: [ 525.575923][ T8173] [ 525.578701][ T8173] dump_stack_lvl+0x151/0x1b7 [ 525.583221][ T8173] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 525.588508][ T8173] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 525.594236][ T8173] ? __wake_up+0x128/0x1c0 [ 525.596765][ T8160] loop4: detected capacity change from 0 to 40427 [ 525.598487][ T8173] ? __wake_up_bit+0x2b0/0x2b0 [ 525.598517][ T8173] dump_stack+0x15/0x1a [ 525.613335][ T8173] should_fail_ex+0x3d0/0x520 [ 525.617848][ T8173] ? ethnl_default_notify+0xab/0x610 [ 525.622964][ T8173] __should_failslab+0xaf/0xf0 [ 525.627568][ T8173] should_failslab+0x9/0x20 [ 525.631904][ T8173] __kmem_cache_alloc_node+0x3d/0x250 [ 525.637113][ T8173] ? __kasan_check_write+0x14/0x20 [ 525.642060][ T8173] ? ethnl_default_notify+0xab/0x610 [ 525.647177][ T8173] __kmalloc+0xa3/0x1e0 [ 525.651171][ T8173] ethnl_default_notify+0xab/0x610 [ 525.656118][ T8173] ? __kasan_check_read+0x11/0x20 [ 525.660980][ T8173] ethtool_notify+0xc1/0x1a0 [ 525.665404][ T8173] ethnl_netdev_event+0x58/0x70 [ 525.670095][ T8173] raw_notifier_call_chain+0x8c/0xf0 [ 525.675213][ T8173] netdev_update_features+0x159/0x1c0 [ 525.680422][ T8173] ? dev_disable_lro+0x1d0/0x1d0 [ 525.685196][ T8173] ? veth_disable_xdp+0x416/0x490 [ 525.690058][ T8173] veth_xdp+0x4fa/0x6b0 [ 525.694048][ T8173] ? veth_set_rx_headroom+0x160/0x160 [ 525.699254][ T8173] bpf_xdp_link_release+0x316/0x4c0 [ 525.704291][ T8173] ? __radix_tree_delete+0x257/0x3a0 [ 525.709414][ T8173] ? __netdev_adjacent_dev_remove+0x460/0x460 [ 525.715315][ T8173] bpf_link_free+0x129/0x3f0 [ 525.719739][ T8173] ? bpf_link_put_deferred+0x20/0x20 [ 525.724861][ T8173] ? bpf_prog_get_stats+0x290/0x290 [ 525.729894][ T8173] bpf_link_release+0x170/0x180 [ 525.734580][ T8173] ? bpf_prog_get_stats+0x290/0x290 [ 525.739615][ T8173] __fput+0x3ab/0x870 [ 525.743442][ T8173] ____fput+0x15/0x20 [ 525.747278][ T8173] task_work_run+0x24d/0x2e0 [ 525.751681][ T8173] ? task_work_cancel+0x2b0/0x2b0 [ 525.756537][ T8173] ? filp_close+0x105/0x150 [ 525.760880][ T8173] exit_to_user_mode_loop+0x94/0xa0 [ 525.765913][ T8173] exit_to_user_mode_prepare+0x5a/0xa0 [ 525.771216][ T8173] syscall_exit_to_user_mode+0x26/0x130 [ 525.776588][ T8173] do_syscall_64+0x47/0xb0 [ 525.780847][ T8173] ? clear_bhb_loop+0x55/0xb0 [ 525.785355][ T8173] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 525.791085][ T8173] RIP: 0033:0x7f2b909799f9 [ 525.795335][ T8173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 525.814776][ T8173] RSP: 002b:00007f2b91761038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 525.823022][ T8173] RAX: 0000000000000000 RBX: 00007f2b90b15f80 RCX: 00007f2b909799f9 [ 525.830843][ T8173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 525.838648][ T8173] RBP: 00007f2b91761090 R08: 0000000000000000 R09: 0000000000000000 [ 525.846460][ T8173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 525.854268][ T8173] R13: 0000000000000000 R14: 00007f2b90b15f80 R15: 00007ffdcd89f048 [ 525.862089][ T8173] [ 525.883906][ T8180] loop0: detected capacity change from 0 to 128 [ 525.899099][ T8160] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 525.918738][ T8160] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 525.939868][ T347] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 525.950753][ T8180] loop0: detected capacity change from 0 to 128 [ 525.958249][ T8160] F2FS-fs (loop4): invalid crc value [ 526.034054][ T8188] input: syz0 as /devices/virtual/input/input98 [ 526.044891][ T8188] loop1: detected capacity change from 0 to 256 [ 526.402468][ T8160] F2FS-fs (loop4): Found nat_bits in checkpoint [ 526.409186][ T319] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 526.490753][ T8160] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 526.498120][ T8160] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 527.963510][ T8217] loop1: detected capacity change from 0 to 256 [ 529.189929][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 529.189929][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 529.223027][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 530.259477][ T8235] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1837'. [ 530.324084][ T8235] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1837'. [ 530.379433][ T8238] loop0: detected capacity change from 0 to 512 [ 530.875607][ T8238] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #3: comm syz.0.1836: corrupted inode contents [ 531.055307][ T8238] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #3: comm syz.0.1836: mark_inode_dirty error [ 531.081381][ T8238] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #3: comm syz.0.1836: corrupted inode contents [ 531.120149][ T8238] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #3: comm syz.0.1836: mark_inode_dirty error [ 531.424562][ T8238] Quota error (device loop0): write_blk: dquota write failed [ 531.919817][ T8258] input: syz0 as /devices/virtual/input/input99 [ 532.025883][ T8260] loop1: detected capacity change from 0 to 256 [ 532.032700][ T8260] /dev/loop1: Can't open blockdev [ 532.365246][ T8238] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 532.390697][ T8238] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.1836: Failed to acquire dquot type 0 [ 532.407631][ T8238] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #16: comm syz.0.1836: corrupted inode contents [ 532.441828][ T8238] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #16: comm syz.0.1836: mark_inode_dirty error [ 532.472204][ T8238] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #16: comm syz.0.1836: corrupted inode contents [ 532.524648][ T8238] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.1836: mark_inode_dirty error [ 532.536269][ T8238] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #16: comm syz.0.1836: corrupted inode contents [ 532.549528][ T8238] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 532.562722][ T8238] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #16: comm syz.0.1836: corrupted inode contents [ 532.574901][ T8238] EXT4-fs error (device loop0): ext4_truncate:4302: inode #16: comm syz.0.1836: mark_inode_dirty error [ 532.586706][ T8238] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 532.597927][ T8238] EXT4-fs (loop0): 1 truncate cleaned up [ 532.603491][ T8238] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 532.614652][ T8238] ext4 filesystem being mounted at /357/file1 supports timestamps until 2038 (0x7fffffff) [ 533.031707][ T8275] loop4: detected capacity change from 0 to 256 [ 533.077822][ T8275] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 533.117246][ T5150] usb 3-1: new high-speed USB device number 49 using dummy_hcd [ 533.353927][ T8238] syz.0.1836 (8238) used greatest stack depth: 19120 bytes left [ 533.375656][ T293] EXT4-fs (loop0): unmounting filesystem. [ 533.470508][ T8283] loop1: detected capacity change from 0 to 1024 [ 533.477221][ T8283] /dev/loop1: Can't open blockdev [ 533.553990][ T5150] usb 3-1: Using ep0 maxpacket: 8 [ 533.561599][ T8285] loop0: detected capacity change from 0 to 512 [ 533.687885][ T5150] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 533.792792][ T5150] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 533.794184][ T8285] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 533.811379][ T8285] ext4 filesystem being mounted at /358/file0 supports timestamps until 2038 (0x7fffffff) [ 533.825003][ T8285] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz.0.1849: corrupted inode contents [ 533.836897][ T8285] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #2: comm syz.0.1849: mark_inode_dirty error [ 533.848292][ T8285] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz.0.1849: corrupted inode contents [ 533.860302][ T8285] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.1849: mark_inode_dirty error [ 533.927690][ T5150] usb 3-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00 [ 534.013620][ T5150] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 534.055793][ T5150] usb 3-1: config 0 descriptor?? [ 534.228882][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 534.228882][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 534.244568][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 534.269014][ T3407] EXT4-fs error (device loop3): kmmpd:186: comm kmmpd-loop3: Error writing to MMP block [ 534.414393][ T293] EXT4-fs (loop0): unmounting filesystem. [ 534.448697][ T8303] loop0: detected capacity change from 0 to 16 [ 535.170552][ T8307] loop4: detected capacity change from 0 to 256 [ 535.216652][ T8307] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 535.247559][ T8303] erofs: (device loop0): mounted with root inode @ nid 36. [ 537.143205][ T8322] loop4: detected capacity change from 0 to 512 [ 537.189099][ T8322] EXT4-fs (loop4): 1 orphan inode deleted [ 537.198309][ T8322] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 537.218326][ T8322] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038 (0x7fffffff) [ 537.720716][ T8322] tipc: Started in network mode [ 537.725424][ T8322] tipc: Node identity 2007ff, cluster identity 4711 [ 537.731872][ T8322] tipc: Node number set to 2099199 [ 537.793328][ T8334] loop0: detected capacity change from 0 to 256 [ 537.804875][ T8334] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 537.817133][ T5150] usbhid 3-1:0.0: can't add hid device: -71 [ 537.822997][ T5150] usbhid: probe of 3-1:0.0 failed with error -71 [ 537.830252][ T5150] usb 3-1: USB disconnect, device number 49 [ 538.448223][ T4894] EXT4-fs (loop4): unmounting filesystem. [ 539.509981][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 539.509981][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 539.553044][ T8367] loop0: detected capacity change from 0 to 512 [ 539.560447][ T28] audit: type=1400 audit(1857709578.453:532): avc: denied { setattr } for pid=8364 comm="syz.1.1869" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 539.601783][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 539.698465][ T8367] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 539.717175][ T8367] ext4 filesystem being mounted at /363/file0 supports timestamps until 2038 (0x7fffffff) [ 539.858906][ T8367] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz.0.1868: corrupted inode contents [ 539.877845][ T8367] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #2: comm syz.0.1868: mark_inode_dirty error [ 539.885024][ T8361] loop4: detected capacity change from 0 to 40427 [ 539.909687][ T8367] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz.0.1868: corrupted inode contents [ 539.939965][ T8367] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.1868: mark_inode_dirty error [ 540.120610][ T8379] loop4: detected capacity change from 0 to 128 [ 540.964290][ T293] EXT4-fs (loop0): unmounting filesystem. [ 541.800986][ T8374] loop1: detected capacity change from 0 to 40427 [ 541.981972][ T8386] loop0: detected capacity change from 0 to 40427 [ 542.017506][ T8386] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 542.034642][ T8386] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 542.050285][ T8386] F2FS-fs (loop0): invalid crc value [ 542.061350][ T8402] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=8402 comm=syz.2.1878 [ 542.621250][ T8386] F2FS-fs (loop0): Found nat_bits in checkpoint [ 542.629205][ T8402] xt_CT: You must specify a L4 protocol and not use inversions on it [ 542.707118][ T28] audit: type=1400 audit(1857709581.553:533): avc: denied { write } for pid=8401 comm="syz.2.1878" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 542.974332][ T8416] input: syz0 as /devices/virtual/input/input100 [ 542.985492][ T28] audit: type=1400 audit(1857709581.553:534): avc: denied { nlmsg_read } for pid=8401 comm="syz.2.1878" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 543.088453][ T8413] loop1: detected capacity change from 0 to 256 [ 543.338010][ T8386] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 543.360557][ T8386] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 543.528601][ T8412] loop4: detected capacity change from 0 to 40427 [ 543.843159][ T293] syz-executor: attempt to access beyond end of device [ 543.843159][ T293] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 543.917448][ T8434] loop4: detected capacity change from 0 to 128 [ 544.206500][ T8435] device pim6reg1 entered promiscuous mode [ 544.527169][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 544.527169][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 544.540952][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 544.557765][ T8449] loop4: detected capacity change from 0 to 128 [ 544.577893][ T347] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 544.579821][ T8449] loop4: detected capacity change from 0 to 128 [ 544.924510][ T8447] bridge0: port 1(bridge_slave_0) entered blocking state [ 545.004032][ T8447] bridge0: port 1(bridge_slave_0) entered disabled state [ 545.012750][ T8447] device bridge_slave_0 entered promiscuous mode [ 545.019379][ T8464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 545.028795][ T8464] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 545.055406][ T8447] bridge0: port 2(bridge_slave_1) entered blocking state [ 545.064753][ T8447] bridge0: port 2(bridge_slave_1) entered disabled state [ 545.075924][ T8447] device bridge_slave_1 entered promiscuous mode [ 545.112403][ T8465] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 545.127277][ T7293] device bridge_slave_1 left promiscuous mode [ 545.133737][ T8465] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 545.141905][ T7293] bridge0: port 2(bridge_slave_1) entered disabled state [ 545.149584][ T7293] device bridge_slave_0 left promiscuous mode [ 545.155664][ T7293] bridge0: port 1(bridge_slave_0) entered disabled state [ 545.165544][ T7293] device veth1_macvtap left promiscuous mode [ 545.287092][ T703] usb 3-1: new high-speed USB device number 50 using dummy_hcd [ 545.358096][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 545.366754][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 545.383100][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 545.429026][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 545.437391][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 545.444233][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 545.451783][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 545.460052][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 545.468961][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 545.475813][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 545.496562][ T8470] loop4: detected capacity change from 0 to 512 [ 545.504880][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 545.507498][ T8470] EXT4-fs: Ignoring removed mblk_io_submit option [ 545.514748][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 545.519004][ T8470] EXT4-fs: Ignoring removed nobh option [ 545.526742][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 545.531813][ T8470] ext4: Unknown parameter 'appraise_type' [ 545.552471][ T8447] device veth0_vlan entered promiscuous mode [ 545.571295][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 545.587522][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 545.597143][ T703] usb 3-1: Using ep0 maxpacket: 16 [ 545.598210][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 545.625759][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 545.642867][ T8447] device veth1_macvtap entered promiscuous mode [ 545.651659][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 545.670503][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 545.679132][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 545.724585][ T8474] loop0: detected capacity change from 0 to 128 [ 545.757114][ T703] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 545.767462][ T703] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 546.267426][ T703] usb 3-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 546.340561][ T703] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 546.417796][ T703] usb 3-1: Product: syz [ 546.455520][ T703] usb 3-1: SerialNumber: syz [ 546.541631][ T703] usb 3-1: config 0 descriptor?? [ 546.631664][ T8484] loop1: detected capacity change from 0 to 16 [ 546.638469][ T8484] /dev/loop1: Can't open blockdev [ 546.709834][ T8490] loop4: detected capacity change from 0 to 512 [ 547.405431][ T8490] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 547.503102][ T8502] loop1: detected capacity change from 0 to 256 [ 547.509695][ T8502] /dev/loop1: Can't open blockdev [ 547.530489][ T8490] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038 (0x7fffffff) [ 547.661586][ T8504] input: syz0 as /devices/virtual/input/input101 [ 548.090920][ T333] usb 3-1: USB disconnect, device number 50 [ 548.131132][ T8490] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz.4.1901: corrupted inode contents [ 548.162470][ T8490] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #2: comm syz.4.1901: mark_inode_dirty error [ 548.227473][ T8487] loop0: detected capacity change from 0 to 40427 [ 548.235395][ T8490] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz.4.1901: corrupted inode contents [ 548.255209][ T8509] loop1: detected capacity change from 0 to 512 [ 548.265236][ T8509] EXT4-fs: Ignoring removed mblk_io_submit option [ 548.271765][ T8509] EXT4-fs: Ignoring removed i_version option [ 548.281876][ T8509] /dev/loop1: Can't open blockdev [ 548.290918][ T8490] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.1901: mark_inode_dirty error [ 548.415652][ T347] I/O error, dev loop0, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 548.568586][ T8518] loop1: detected capacity change from 0 to 256 [ 548.996108][ T8518] exfat: Deprecated parameter 'namecase' [ 549.003258][ T8518] /dev/loop1: Can't open blockdev [ 549.303670][ T8518] loop1: detected capacity change from 0 to 256 [ 549.339827][ T8526] loop0: detected capacity change from 0 to 128 [ 549.410111][ T4894] EXT4-fs (loop4): unmounting filesystem. [ 549.460241][ T347] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 550.136319][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 550.136319][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 550.166386][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 550.580710][ T8542] FAULT_INJECTION: forcing a failure. [ 550.580710][ T8542] name failslab, interval 1, probability 0, space 0, times 0 [ 550.593720][ T8542] CPU: 0 PID: 8542 Comm: syz.2.1912 Tainted: G W 6.1.90-syzkaller-00004-g79436849ef1d #0 [ 550.604739][ T8542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 550.614647][ T8542] Call Trace: [ 550.617749][ T8542] [ 550.620528][ T8542] dump_stack_lvl+0x151/0x1b7 [ 550.625043][ T8542] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 550.630338][ T8542] dump_stack+0x15/0x1a [ 550.634328][ T8542] should_fail_ex+0x3d0/0x520 [ 550.638841][ T8542] ? vm_area_dup+0x65/0x290 [ 550.643181][ T8542] __should_failslab+0xaf/0xf0 [ 550.647784][ T8542] should_failslab+0x9/0x20 [ 550.652121][ T8542] kmem_cache_alloc+0x3b/0x2c0 [ 550.656724][ T8542] vm_area_dup+0x65/0x290 [ 550.660887][ T8542] __split_vma+0x1c0/0x8e0 [ 550.665140][ T8542] ? kstrtoull+0x1cd/0x2e0 [ 550.669396][ T8542] do_mas_align_munmap+0x3bf/0x1400 [ 550.674426][ T8542] ? putname+0xfa/0x150 [ 550.678419][ T8542] ? kstrtouint+0xf6/0x180 [ 550.682670][ T8542] ? kasan_save_free_info+0x2b/0x40 [ 550.687710][ T8542] ? _kstrtol+0x150/0x150 [ 550.691871][ T8542] ? do_mas_munmap+0x2b0/0x2b0 [ 550.696480][ T8542] ? mas_find+0x4e4/0x520 [ 550.700639][ T8542] do_mas_munmap+0x23e/0x2b0 [ 550.705067][ T8542] do_munmap+0x181/0x1d0 [ 550.709143][ T8542] ? do_mas_align_munmap+0x1400/0x1400 [ 550.714442][ T8542] ? __kasan_slab_free+0x11/0x20 [ 550.719214][ T8542] __se_sys_mremap+0xda3/0x16b0 [ 550.723902][ T8542] ? __x64_sys_mremap+0xd0/0xd0 [ 550.728585][ T8542] ? fput+0x15b/0x1b0 [ 550.732407][ T8542] ? __ia32_sys_read+0x90/0x90 [ 550.737007][ T8542] ? debug_smp_processor_id+0x17/0x20 [ 550.742213][ T8542] __x64_sys_mremap+0xbf/0xd0 [ 550.746726][ T8542] x64_sys_call+0xd7/0x9a0 [ 550.750978][ T8542] do_syscall_64+0x3b/0xb0 [ 550.755232][ T8542] ? clear_bhb_loop+0x55/0xb0 [ 550.759746][ T8542] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 550.765471][ T8542] RIP: 0033:0x7ff5499799f9 [ 550.769728][ T8542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 550.789166][ T8542] RSP: 002b:00007ff54a775038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 550.797413][ T8542] RAX: ffffffffffffffda RBX: 00007ff549b15f80 RCX: 00007ff5499799f9 [ 550.805229][ T8542] RDX: 0000000000400000 RSI: 0000000000002000 RDI: 0000000020097000 [ 550.813036][ T8542] RBP: 00007ff54a775090 R08: 0000000020bff000 R09: 0000000000000000 [ 550.820848][ T8542] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 550.828657][ T8542] R13: 0000000000000000 R14: 00007ff549b15f80 R15: 00007ffc0c7ac928 [ 550.836474][ T8542] [ 551.709386][ T8556] input: syz0 as /devices/virtual/input/input102 [ 552.087087][ T314] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 552.231986][ T8552] loop0: detected capacity change from 0 to 40427 [ 552.238847][ T8552] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 552.246745][ T8552] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 552.256545][ T8552] F2FS-fs (loop0): invalid crc value [ 552.264006][ T8552] F2FS-fs (loop0): Found nat_bits in checkpoint [ 552.560061][ T8568] loop1: detected capacity change from 0 to 256 [ 552.570855][ T8568] /dev/loop1: Can't open blockdev [ 552.757081][ T314] usb 5-1: Using ep0 maxpacket: 16 [ 552.776328][ T8572] loop4: detected capacity change from 0 to 16 [ 552.800189][ T8572] erofs: (device loop4): mounted with root inode @ nid 36. [ 552.809575][ T8552] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 552.816504][ T8552] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 552.824198][ T314] usb 5-1: device descriptor read/all, error -71 [ 552.886304][ T8578] loop4: detected capacity change from 0 to 1024 [ 552.894393][ T8578] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 553.235196][ T8574] input: syz0 as /devices/virtual/input/input103 [ 553.257604][ T8578] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 553.397271][ T341] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 553.753489][ T8589] loop1: detected capacity change from 0 to 40427 [ 553.877484][ T341] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 553.998646][ T341] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 554.084372][ T341] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 554.117062][ T341] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 554.151218][ T341] usb 1-1: config 0 descriptor?? [ 554.214113][ T4894] EXT4-fs (loop4): unmounting filesystem. [ 554.259633][ T8603] loop1: detected capacity change from 0 to 128 [ 554.291993][ T347] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 554.457222][ T488] usb 3-1: new high-speed USB device number 51 using dummy_hcd [ 554.604381][ T8611] input: syz0 as /devices/virtual/input/input104 [ 554.673688][ T8612] loop1: detected capacity change from 0 to 256 [ 555.062764][ T319] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 555.076205][ T341] hid-steam 0003:28DE:1142.0029: : USB HID v0.40 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0 [ 555.111103][ T8617] loop4: detected capacity change from 0 to 512 [ 555.117687][ T8617] ext4: Bad value for 'inode_readahead_blks' [ 555.155527][ T341] hid-steam 0003:28DE:1142.002A: hidraw0: USB HID v0.40 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0 [ 555.167190][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 555.167190][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 555.181237][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 555.182098][ T347] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 555.267585][ T341] hid-steam 0003:28DE:1142.0029: Steam wireless receiver connected [ 555.338052][ T8620] input: syz0 as /devices/virtual/input/input105 [ 555.757139][ T488] usb 3-1: device descriptor read/64, error -71 [ 555.781293][ T8552] syz.0.1914: attempt to access beyond end of device [ 555.781293][ T8552] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 555.798020][ T8552] syz.0.1914: attempt to access beyond end of device [ 555.798020][ T8552] loop0: rw=34817, sector=77824, nr_sectors = 848 limit=40427 [ 555.816239][ T2310] usb 1-1: USB disconnect, device number 33 [ 555.835067][ T2310] hid-steam 0003:28DE:1142.0029: Steam wireless receiver disconnected [ 555.931553][ T8627] 9pnet_fd: Insufficient options for proto=fd [ 555.977487][ T8629] FAULT_INJECTION: forcing a failure. [ 555.977487][ T8629] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 555.991023][ T8629] CPU: 1 PID: 8629 Comm: syz.3.1932 Tainted: G W 6.1.90-syzkaller-00004-g79436849ef1d #0 [ 556.002068][ T8629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 556.011948][ T8629] Call Trace: [ 556.015067][ T8629] [ 556.017851][ T8629] dump_stack_lvl+0x151/0x1b7 [ 556.022361][ T8629] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 556.027656][ T8629] ? _kstrtol+0x150/0x150 [ 556.031822][ T8629] ? avc_has_perm_noaudit+0x348/0x430 [ 556.037262][ T8629] dump_stack+0x15/0x1a [ 556.041245][ T8629] should_fail_ex+0x3d0/0x520 [ 556.045760][ T8629] should_fail+0xb/0x10 [ 556.049752][ T8629] should_fail_usercopy+0x1a/0x20 [ 556.054610][ T8629] strncpy_from_user+0x24/0x2b0 [ 556.059298][ T8629] bpf_prog_load+0x1fb/0x1bf0 [ 556.063818][ T8629] ? map_freeze+0x3a0/0x3a0 [ 556.068154][ T8629] ? selinux_bpf+0xcb/0x100 [ 556.072590][ T8629] ? security_bpf+0x82/0xb0 [ 556.076927][ T8629] __sys_bpf+0x52c/0x7f0 [ 556.081011][ T8629] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 556.086224][ T8629] ? bpf_trace_run1+0x240/0x240 [ 556.090902][ T8629] ? __ia32_sys_read+0x90/0x90 [ 556.095502][ T8629] __x64_sys_bpf+0x7c/0x90 [ 556.099755][ T8629] x64_sys_call+0x87f/0x9a0 [ 556.104089][ T8629] do_syscall_64+0x3b/0xb0 [ 556.108347][ T8629] ? clear_bhb_loop+0x55/0xb0 [ 556.112860][ T8629] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 556.118582][ T8629] RIP: 0033:0x7f73eb7799f9 [ 556.122858][ T8629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 556.142364][ T8629] RSP: 002b:00007f73ec627038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 556.150609][ T8629] RAX: ffffffffffffffda RBX: 00007f73eb915f80 RCX: 00007f73eb7799f9 [ 556.157080][ T488] usb 3-1: device descriptor read/64, error -71 [ 556.158420][ T8629] RDX: 0000000000000048 RSI: 00000000200054c0 RDI: 0000000000000005 [ 556.172311][ T8629] RBP: 00007f73ec627090 R08: 0000000000000000 R09: 0000000000000000 [ 556.180117][ T8629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 556.187929][ T8629] R13: 0000000000000001 R14: 00007f73eb915f80 R15: 00007ffca45dc738 [ 556.195750][ T8629] [ 556.297085][ T314] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 556.427085][ T488] usb 3-1: new high-speed USB device number 52 using dummy_hcd [ 556.614128][ T7288] kworker/u4:32: attempt to access beyond end of device [ 556.614128][ T7288] loop0: rw=1, sector=45104, nr_sectors = 8 limit=40427 [ 556.667181][ T314] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 556.688285][ T314] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 556.701732][ T488] usb 3-1: device descriptor read/64, error -71 [ 556.710017][ T314] usb 5-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00 [ 556.719249][ T314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 556.727986][ T314] usb 5-1: config 0 descriptor?? [ 557.214353][ T28] audit: type=1400 audit(1857709596.103:535): avc: denied { create } for pid=8630 comm="syz.4.1933" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:fusefs_t tclass=chr_file permissive=1 [ 557.237274][ T488] usb 3-1: device descriptor read/64, error -71 [ 557.249693][ T8631] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 557.267559][ T8631] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 557.339320][ T8657] FAULT_INJECTION: forcing a failure. [ 557.339320][ T8657] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 557.367464][ T488] usb usb3-port1: attempt power cycle [ 557.367606][ T8657] CPU: 1 PID: 8657 Comm: syz.2.1938 Tainted: G W 6.1.90-syzkaller-00004-g79436849ef1d #0 [ 557.383811][ T8657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 557.387151][ T314] usbhid 5-1:0.0: can't add hid device: -71 [ 557.393699][ T8657] Call Trace: [ 557.393708][ T8657] [ 557.393717][ T8657] dump_stack_lvl+0x151/0x1b7 [ 557.406604][ T314] usbhid: probe of 5-1:0.0 failed with error -71 [ 557.409849][ T8657] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 557.409912][ T8657] dump_stack+0x15/0x1a [ 557.409940][ T8657] should_fail_ex+0x3d0/0x520 [ 557.409970][ T8657] should_fail+0xb/0x10 [ 557.409996][ T8657] should_fail_usercopy+0x1a/0x20 [ 557.410024][ T8657] _copy_to_user+0x1e/0x90 [ 557.410049][ T8657] do_ipv6_getsockopt+0x16bb/0x32b0 [ 557.410075][ T8657] ? ipv6_setsockopt+0x1a0/0x1a0 [ 557.410098][ T8657] ? kstrtouint+0xf6/0x180 [ 557.410124][ T8657] ? _kstrtol+0x150/0x150 [ 557.410150][ T8657] ? avc_has_perm_noaudit+0x348/0x430 [ 557.410179][ T8657] ? memcpy+0x56/0x70 [ 557.430687][ T314] usb 5-1: USB disconnect, device number 30 [ 557.434091][ T8657] ? avc_has_perm_noaudit+0x2dd/0x430 [ 557.481395][ T8657] ? avc_denied+0x1b0/0x1b0 [ 557.485734][ T8657] ? avc_has_perm+0x16f/0x260 [ 557.490246][ T8657] ipv6_getsockopt+0x104/0x350 [ 557.494845][ T8657] ? ipv6_getsockopt_sticky+0x1a0/0x1a0 [ 557.500232][ T8657] ? selinux_socket_getsockopt+0x243/0x340 [ 557.505873][ T8657] rawv6_getsockopt+0x282/0x5b0 [ 557.510566][ T8657] ? rawv6_setsockopt+0x750/0x750 [ 557.515424][ T8657] sock_common_getsockopt+0x99/0xb0 [ 557.520451][ T8657] ? sock_recv_errqueue+0x4c0/0x4c0 [ 557.525487][ T8657] __sys_getsockopt+0x290/0x560 [ 557.530177][ T8657] __x64_sys_getsockopt+0xbf/0xd0 [ 557.535032][ T8657] x64_sys_call+0x1a9/0x9a0 [ 557.539376][ T8657] do_syscall_64+0x3b/0xb0 [ 557.543624][ T8657] ? clear_bhb_loop+0x55/0xb0 [ 557.548141][ T8657] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 557.553871][ T8657] RIP: 0033:0x7ff5499799f9 [ 557.558124][ T8657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 557.577561][ T8657] RSP: 002b:00007ff54a775038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 557.585806][ T8657] RAX: ffffffffffffffda RBX: 00007ff549b15f80 RCX: 00007ff5499799f9 [ 557.593625][ T8657] RDX: 0000000000000018 RSI: 0000000000000029 RDI: 0000000000000003 [ 557.601435][ T8657] RBP: 00007ff54a775090 R08: 0000000020000080 R09: 0000000000000000 [ 557.609236][ T8657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 557.617052][ T8657] R13: 0000000000000000 R14: 00007ff549b15f80 R15: 00007ffc0c7ac928 [ 557.624882][ T8657] [ 557.738246][ T8662] input: syz0 as /devices/virtual/input/input106 [ 558.422210][ T8670] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1942'. [ 558.514989][ T28] audit: type=1400 audit(1857709597.403:536): avc: denied { sys_ptrace } for pid=8673 comm="syz.2.1943" capability=19 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 558.537199][ T333] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 558.594452][ T8676] input: syz0 as /devices/virtual/input/input107 [ 558.645840][ T8676] loop1: detected capacity change from 0 to 256 [ 558.798874][ T8678] FAULT_INJECTION: forcing a failure. [ 558.798874][ T8678] name failslab, interval 1, probability 0, space 0, times 0 [ 558.811986][ T8678] CPU: 1 PID: 8678 Comm: syz.2.1944 Tainted: G W 6.1.90-syzkaller-00004-g79436849ef1d #0 [ 558.823048][ T8678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 558.832907][ T8678] Call Trace: [ 558.836028][ T8678] [ 558.838804][ T8678] dump_stack_lvl+0x151/0x1b7 [ 558.843319][ T8678] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 558.848621][ T8678] dump_stack+0x15/0x1a [ 558.852606][ T8678] should_fail_ex+0x3d0/0x520 [ 558.857120][ T8678] ? alloc_fs_context+0x65/0x830 [ 558.861892][ T8678] __should_failslab+0xaf/0xf0 [ 558.866496][ T8678] should_failslab+0x9/0x20 [ 558.870833][ T8678] __kmem_cache_alloc_node+0x3d/0x250 [ 558.876040][ T8678] ? alloc_fs_context+0x65/0x830 [ 558.880812][ T8678] kmalloc_trace+0x2a/0xa0 [ 558.885067][ T8678] alloc_fs_context+0x65/0x830 [ 558.889666][ T8678] ? _raw_read_unlock+0x38/0x40 [ 558.894351][ T8678] ? get_fs_type+0x460/0x4e0 [ 558.898779][ T8678] fs_context_for_mount+0x24/0x30 [ 558.903639][ T8678] do_new_mount+0x15c/0xb30 [ 558.907989][ T8678] ? do_move_mount_old+0x160/0x160 [ 558.912928][ T8678] ? path_mount+0x659/0x1070 [ 558.917362][ T8678] path_mount+0x671/0x1070 [ 558.921609][ T8678] ? user_path_at_empty+0x14e/0x1a0 [ 558.926646][ T8678] __se_sys_mount+0x2c4/0x3b0 [ 558.931154][ T8678] ? __x64_sys_mount+0xd0/0xd0 [ 558.935759][ T8678] __x64_sys_mount+0xbf/0xd0 [ 558.940182][ T8678] x64_sys_call+0x49d/0x9a0 [ 558.944518][ T8678] do_syscall_64+0x3b/0xb0 [ 558.948773][ T8678] ? clear_bhb_loop+0x55/0xb0 [ 558.953285][ T8678] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 558.959011][ T8678] RIP: 0033:0x7ff5499799f9 [ 558.963266][ T8678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 558.982711][ T8678] RSP: 002b:00007ff54a775038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 558.990982][ T8678] RAX: ffffffffffffffda RBX: 00007ff549b15f80 RCX: 00007ff5499799f9 [ 558.998770][ T8678] RDX: 0000000020000b80 RSI: 0000000020000040 RDI: 0000000000000000 [ 559.006576][ T8678] RBP: 00007ff54a775090 R08: 0000000020000580 R09: 0000000000000000 [ 559.014386][ T8678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 559.022198][ T8678] R13: 0000000000000000 R14: 00007ff549b15f80 R15: 00007ffc0c7ac928 [ 559.030018][ T8678] [ 559.137189][ T333] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 559.167539][ T333] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 559.178572][ T333] usb 1-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00 [ 559.187940][ T333] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 559.204952][ T8682] loop4: detected capacity change from 0 to 40427 [ 559.214298][ T8682] F2FS-fs (loop4): invalid crc value [ 559.225604][ T8682] F2FS-fs (loop4): Found nat_bits in checkpoint [ 559.284410][ T8682] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 559.300836][ T333] usb 1-1: config 0 descriptor?? [ 559.329727][ T4894] syz-executor: attempt to access beyond end of device [ 559.329727][ T4894] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 560.169638][ T8693] loop1: detected capacity change from 0 to 40427 [ 560.207268][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 560.207268][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 560.228916][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 560.931603][ T6] usb 3-1: new high-speed USB device number 54 using dummy_hcd [ 561.010903][ T8708] loop4: detected capacity change from 0 to 256 [ 561.068197][ T8708] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 561.099493][ T8708] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d) [ 561.250644][ T8707] incfs: Backing dir is not set, filesystem can't be mounted. [ 561.258472][ T8707] incfs: mount failed -2 [ 561.274208][ T8713] loop0: detected capacity change from 0 to 128 [ 561.357784][ T333] usbhid 1-1:0.0: can't add hid device: -71 [ 561.363817][ T333] usbhid: probe of 1-1:0.0 failed with error -71 [ 561.371968][ T333] usb 1-1: USB disconnect, device number 34 [ 561.771410][ T8720] loop4: detected capacity change from 0 to 16 [ 561.777928][ T8718] loop1: detected capacity change from 0 to 1024 [ 561.787537][ T8718] /dev/loop1: Can't open blockdev [ 561.788849][ T8720] erofs: (device loop4): mounted with root inode @ nid 36. [ 561.807284][ T6] usb 3-1: device descriptor read/64, error -71 [ 561.815539][ T347] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 561.939836][ T8725] bridge0: port 1(bridge_slave_0) entered blocking state [ 561.947294][ T8731] FAULT_INJECTION: forcing a failure. [ 561.947294][ T8731] name failslab, interval 1, probability 0, space 0, times 0 [ 561.957073][ T8725] bridge0: port 1(bridge_slave_0) entered disabled state [ 561.959936][ T8731] CPU: 0 PID: 8731 Comm: syz.4.1960 Tainted: G W 6.1.90-syzkaller-00004-g79436849ef1d #0 [ 561.967242][ T8725] device bridge_slave_0 entered promiscuous mode [ 561.977587][ T8731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 561.977603][ T8731] Call Trace: [ 561.977610][ T8731] [ 561.977617][ T8731] dump_stack_lvl+0x151/0x1b7 [ 562.004167][ T8731] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 562.009476][ T8731] dump_stack+0x15/0x1a [ 562.013453][ T8731] should_fail_ex+0x3d0/0x520 [ 562.017966][ T8731] ? fuse_dentry_init+0x4f/0x90 [ 562.022766][ T8731] __should_failslab+0xaf/0xf0 [ 562.027361][ T8731] should_failslab+0x9/0x20 [ 562.031702][ T8731] __kmem_cache_alloc_node+0x3d/0x250 [ 562.037084][ T8731] ? fuse_dentry_init+0x4f/0x90 [ 562.041763][ T8731] kmalloc_trace+0x2a/0xa0 [ 562.046016][ T8731] fuse_dentry_init+0x4f/0x90 [ 562.050542][ T8731] __d_alloc+0x4a9/0x700 [ 562.054611][ T8731] d_alloc+0x4b/0x1d0 [ 562.058431][ T8731] lookup_one_qstr_excl+0xe7/0x290 [ 562.063374][ T8731] do_renameat2+0x6d9/0x1480 [ 562.067820][ T8731] ? fsnotify_move+0x4e0/0x4e0 [ 562.072411][ T8731] ? __check_object_size+0x48e/0x650 [ 562.077526][ T8731] ? getname_flags+0x1fd/0x520 [ 562.082123][ T8731] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 562.088029][ T8731] __x64_sys_rename+0x86/0x90 [ 562.092538][ T8731] x64_sys_call+0x266/0x9a0 [ 562.096879][ T8731] do_syscall_64+0x3b/0xb0 [ 562.101131][ T8731] ? clear_bhb_loop+0x55/0xb0 [ 562.105645][ T8731] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 562.111370][ T8731] RIP: 0033:0x7f92be9799f9 [ 562.115622][ T8731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 562.135067][ T8731] RSP: 002b:00007f92bf6d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 562.143310][ T8731] RAX: ffffffffffffffda RBX: 00007f92beb16130 RCX: 00007f92be9799f9 [ 562.151128][ T8731] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000100 [ 562.158934][ T8731] RBP: 00007f92bf6d8090 R08: 0000000000000000 R09: 0000000000000000 [ 562.166747][ T8731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 562.174561][ T8731] R13: 0000000000000001 R14: 00007f92beb16130 R15: 00007ffe7d6f0d48 [ 562.182375][ T8731] [ 562.189250][ T8725] bridge0: port 2(bridge_slave_1) entered blocking state [ 562.197254][ T8725] bridge0: port 2(bridge_slave_1) entered disabled state [ 562.247672][ T8725] device bridge_slave_1 entered promiscuous mode [ 562.401832][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 562.410184][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 562.427162][ T6] usb 3-1: device descriptor read/64, error -71 [ 562.433832][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 562.442221][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 562.450848][ T314] bridge0: port 1(bridge_slave_0) entered blocking state [ 562.457730][ T314] bridge0: port 1(bridge_slave_0) entered forwarding state [ 562.464932][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 562.473186][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 562.481254][ T314] bridge0: port 2(bridge_slave_1) entered blocking state [ 562.488129][ T314] bridge0: port 2(bridge_slave_1) entered forwarding state [ 562.495369][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 562.503363][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 562.526805][ T8725] device veth0_vlan entered promiscuous mode [ 562.534058][ T488] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 562.541885][ T488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 562.550426][ T488] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 562.558568][ T488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 562.566831][ T488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 562.575803][ T488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 562.583669][ T488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 562.597768][ T7291] device bridge_slave_1 left promiscuous mode [ 562.603729][ T7291] bridge0: port 2(bridge_slave_1) entered disabled state [ 562.613155][ T7291] device bridge_slave_0 left promiscuous mode [ 562.619447][ T7291] bridge0: port 1(bridge_slave_0) entered disabled state [ 562.627962][ T7291] device veth1_macvtap left promiscuous mode [ 562.697137][ T6] usb 3-1: new high-speed USB device number 55 using dummy_hcd [ 562.841369][ T8725] device veth1_macvtap entered promiscuous mode [ 562.876315][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 562.928975][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 562.977217][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 563.065416][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 563.146863][ T6] usb 3-1: device descriptor read/64, error -71 [ 563.250389][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 563.258076][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 563.266315][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 563.274674][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 563.283036][ T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 563.781914][ T8764] loop4: detected capacity change from 0 to 16 [ 563.873012][ T8764] erofs: (device loop4): mounted with root inode @ nid 36. [ 564.369472][ T8778] loop0: detected capacity change from 0 to 256 [ 564.438939][ T8778] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 564.479318][ T8778] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d) [ 565.236155][ T8792] loop4: detected capacity change from 0 to 512 [ 565.247199][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 565.247199][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 565.264785][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 565.275133][ T8792] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 565.284531][ T8792] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038 (0x7fffffff) [ 565.312546][ T8792] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz.4.1976: corrupted inode contents [ 565.324616][ T8792] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #2: comm syz.4.1976: mark_inode_dirty error [ 565.336251][ T8792] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz.4.1976: corrupted inode contents [ 565.348188][ T8792] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.1976: mark_inode_dirty error [ 565.433930][ T5150] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 566.413822][ T4894] EXT4-fs (loop4): unmounting filesystem. [ 566.946420][ T5150] usb 1-1: Using ep0 maxpacket: 32 [ 567.091619][ T8817] loop4: detected capacity change from 0 to 256 [ 567.435954][ T8817] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 567.472951][ T8817] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d) [ 567.561134][ T5150] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 567.752262][ T5150] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 567.763620][ T5150] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 567.773756][ T5150] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 567.819748][ T5150] hub 1-1:4.0: USB hub found [ 567.955325][ T8814] loop1: detected capacity change from 0 to 40427 [ 568.041668][ T8826] loop4: detected capacity change from 0 to 512 [ 568.087264][ T5150] hub 1-1:4.0: 1 port detected [ 568.129778][ T8826] EXT4-fs: Ignoring removed mblk_io_submit option [ 568.136367][ T8826] EXT4-fs: Ignoring removed i_version option [ 568.162320][ T8826] EXT4-fs error (device loop4): __ext4_iget:5046: inode #11: block 1: comm syz.4.1984: invalid block [ 568.176368][ T8826] EXT4-fs (loop4): Remounting filesystem read-only [ 568.183389][ T8826] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.1984: couldn't read orphan inode 11 (err -117) [ 568.196616][ T8831] loop1: detected capacity change from 0 to 128 [ 568.201427][ T8826] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 568.295233][ T8787] loop0: detected capacity change from 0 to 512 [ 568.308579][ T8787] EXT4-fs (loop0): 1 truncate cleaned up [ 568.324295][ T8787] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 568.623737][ T5150] hub 1-1:4.0: hub_hub_status failed (err = -71) [ 568.789101][ T5150] hub 1-1:4.0: config failed, can't get hub status (err -71) [ 569.021425][ T4894] EXT4-fs (loop4): unmounting filesystem. [ 569.057699][ T5150] usb 1-1: USB disconnect, device number 35 [ 569.655033][ T8447] EXT4-fs (loop0): unmounting filesystem. [ 570.549847][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 570.549847][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 570.586718][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 570.673075][ T8861] loop0: detected capacity change from 0 to 16 [ 570.673565][ T8861] erofs: (device loop0): mounted with root inode @ nid 36. [ 571.012552][ T8867] 9pnet_fd: Insufficient options for proto=fd [ 571.089391][ T8871] 9pnet_fd: Insufficient options for proto=fd [ 571.776851][ T8876] loop0: detected capacity change from 0 to 40427 [ 571.784116][ T8876] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 571.791718][ T8876] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 571.802809][ T8876] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 572.320653][ T8876] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 572.327745][ T8876] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 572.335191][ T28] audit: type=1400 audit(1857709611.223:537): avc: denied { map } for pid=8891 comm="syz.3.1999" path="/dev/binderfs/binder0" dev="binder" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 572.336904][ T8892] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 572.367299][ T8892] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 572.569165][ T8898] loop4: detected capacity change from 0 to 512 [ 572.584537][ T8898] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 572.594223][ T8898] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038 (0x7fffffff) [ 572.904035][ T8898] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #2: block 3: comm syz.4.2001: bad entry in directory: directory entry overrun - offset=16444, inode=113, rec_len=26368, size=2048 fake=0 [ 573.114957][ T28] audit: type=1400 audit(1857709612.003:538): avc: denied { remove_name } for pid=8897 comm="syz.4.2001" name="#13" dev="loop4" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 573.136757][ T8918] FAULT_INJECTION: forcing a failure. [ 573.136757][ T8918] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 573.141547][ T28] audit: type=1400 audit(1857709612.003:539): avc: denied { rename } for pid=8897 comm="syz.4.2001" name="#13" dev="loop4" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 573.150305][ T8918] CPU: 1 PID: 8918 Comm: syz.3.2006 Tainted: G W 6.1.90-syzkaller-00004-g79436849ef1d #0 [ 573.172121][ T28] audit: type=1400 audit(1857709612.003:540): avc: denied { unlink } for pid=8897 comm="syz.4.2001" name="#13" dev="loop4" ino=24 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1 [ 573.182262][ T8918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 573.182279][ T8918] Call Trace: [ 573.182285][ T8918] [ 573.182293][ T8918] dump_stack_lvl+0x151/0x1b7 [ 573.182333][ T8918] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 573.182369][ T8918] dump_stack+0x15/0x1a [ 573.182398][ T8918] should_fail_ex+0x3d0/0x520 [ 573.205953][ T28] audit: type=1400 audit(1857709612.003:541): avc: denied { unlink } for pid=8897 comm="syz.4.2001" name="#14" dev="loop4" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 573.214057][ T8918] should_fail+0xb/0x10 [ 573.214093][ T8918] should_fail_usercopy+0x1a/0x20 [ 573.268564][ T8918] strncpy_from_user+0x24/0x2b0 [ 573.273245][ T8918] ? getname_flags+0xba/0x520 [ 573.277757][ T8918] getname_flags+0xf2/0x520 [ 573.282107][ T8918] user_path_at_empty+0x2d/0x1a0 [ 573.286873][ T8918] __se_sys_mount+0x285/0x3b0 [ 573.291386][ T8918] ? __x64_sys_mount+0xd0/0xd0 [ 573.295987][ T8918] ? debug_smp_processor_id+0x17/0x20 [ 573.301200][ T8918] __x64_sys_mount+0xbf/0xd0 [ 573.305627][ T8918] x64_sys_call+0x49d/0x9a0 [ 573.309966][ T8918] do_syscall_64+0x3b/0xb0 [ 573.314213][ T8918] ? clear_bhb_loop+0x55/0xb0 [ 573.318729][ T8918] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 573.324454][ T8918] RIP: 0033:0x7f311d9799f9 [ 573.328705][ T8918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 573.348154][ T8918] RSP: 002b:00007f311e791038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 573.356402][ T8918] RAX: ffffffffffffffda RBX: 00007f311db15f80 RCX: 00007f311d9799f9 [ 573.364205][ T8918] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 0000000000000000 [ 573.372030][ T8918] RBP: 00007f311e791090 R08: 0000000020000900 R09: 0000000000000000 [ 573.379924][ T8918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 573.387742][ T8918] R13: 0000000000000000 R14: 00007f311db15f80 R15: 00007fff43aa2888 [ 573.395554][ T8918] [ 573.457889][ T4894] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /178/file0: bad entry in directory: directory entry overrun - offset=60, inode=113, rec_len=26368, size=2048 fake=0 [ 573.480837][ T4894] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 7: comm syz-executor: path /178/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=536870912, rec_len=0, size=2048 fake=0 [ 574.624626][ T4894] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 12: comm syz-executor: path /178/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 574.696725][ T4894] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /178/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 574.740467][ T4894] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 14: comm syz-executor: path /178/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 574.762118][ T4894] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 15: comm syz-executor: path /178/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 574.916409][ T8939] loop1: detected capacity change from 0 to 256 [ 574.922807][ T8939] /dev/loop1: Can't open blockdev [ 575.697881][ T4894] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /178/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 575.707143][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 575.707143][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 575.751811][ T4894] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 17: comm syz-executor: path /178/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 575.752042][ T4894] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #2: block 18: comm syz-executor: lblock 23 mapped to illegal pblock 18 (length 1) [ 575.820930][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 575.894682][ T8951] FAULT_INJECTION: forcing a failure. [ 575.894682][ T8951] name failslab, interval 1, probability 0, space 0, times 0 [ 575.929676][ T8951] CPU: 0 PID: 8951 Comm: syz.1.2015 Tainted: G W 6.1.90-syzkaller-00004-g79436849ef1d #0 [ 575.941019][ T8951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 575.951015][ T8951] Call Trace: [ 575.954122][ T8951] [ 575.956900][ T8951] dump_stack_lvl+0x151/0x1b7 [ 575.961413][ T8951] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 575.966715][ T8951] dump_stack+0x15/0x1a [ 575.970698][ T8951] should_fail_ex+0x3d0/0x520 [ 575.975213][ T8951] ? sk_prot_alloc+0xf9/0x330 [ 575.979731][ T8951] __should_failslab+0xaf/0xf0 [ 575.984329][ T8951] should_failslab+0x9/0x20 [ 575.988665][ T8951] __kmem_cache_alloc_node+0x3d/0x250 [ 575.993871][ T8951] ? sk_prot_alloc+0xf9/0x330 [ 575.998507][ T8951] __kmalloc+0xa3/0x1e0 [ 576.002507][ T8951] sk_prot_alloc+0xf9/0x330 [ 576.006840][ T8951] sk_alloc+0x38/0x440 [ 576.010745][ T8951] pptp_create+0x33/0x300 [ 576.014909][ T8951] pppox_create+0x14a/0x1c0 [ 576.019256][ T8951] __sock_create+0x3a6/0x760 [ 576.023677][ T8951] __sys_socketpair+0x313/0x6e0 [ 576.028365][ T8951] ? __ia32_sys_socket+0x90/0x90 [ 576.033135][ T8951] ? __ia32_sys_read+0x90/0x90 [ 576.037740][ T8951] ? debug_smp_processor_id+0x17/0x20 [ 576.042941][ T8951] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 576.048935][ T8951] __x64_sys_socketpair+0x9b/0xb0 [ 576.053794][ T8951] x64_sys_call+0x19b/0x9a0 [ 576.058132][ T8951] do_syscall_64+0x3b/0xb0 [ 576.062509][ T8951] ? clear_bhb_loop+0x55/0xb0 [ 576.066984][ T8951] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 576.072715][ T8951] RIP: 0033:0x7fd9b43799f9 [ 576.076969][ T8951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 576.096413][ T8951] RSP: 002b:00007fd9b516c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 576.104653][ T8951] RAX: ffffffffffffffda RBX: 00007fd9b4515f80 RCX: 00007fd9b43799f9 [ 576.112461][ T8951] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000018 [ 576.120380][ T8951] RBP: 00007fd9b516c090 R08: 0000000000000000 R09: 0000000000000000 [ 576.128190][ T8951] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 576.136002][ T8951] R13: 0000000000000000 R14: 00007fd9b4515f80 R15: 00007ffe9a5668f8 [ 576.143836][ T8951] [ 576.218980][ T4894] EXT4-fs (loop4): unmounting filesystem. [ 576.249462][ T7292] tipc: Left network mode [ 576.353644][ T8961] bridge0: port 1(bridge_slave_0) entered blocking state [ 576.360675][ T8961] bridge0: port 1(bridge_slave_0) entered disabled state [ 576.368140][ T8961] device bridge_slave_0 entered promiscuous mode [ 576.374957][ T8961] bridge0: port 2(bridge_slave_1) entered blocking state [ 576.382013][ T8961] bridge0: port 2(bridge_slave_1) entered disabled state [ 576.389583][ T8961] device bridge_slave_1 entered promiscuous mode [ 576.451510][ T8961] bridge0: port 2(bridge_slave_1) entered blocking state [ 576.458516][ T8961] bridge0: port 2(bridge_slave_1) entered forwarding state [ 576.465598][ T8961] bridge0: port 1(bridge_slave_0) entered blocking state [ 576.472380][ T8961] bridge0: port 1(bridge_slave_0) entered forwarding state [ 576.495835][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 576.503486][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 576.510967][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 576.529139][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 576.537312][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 576.544165][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 576.551513][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 576.560093][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 576.566933][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 576.574302][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 576.588305][ T488] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 576.607766][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 576.625373][ T8961] device veth0_vlan entered promiscuous mode [ 576.638757][ T5150] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 576.646924][ T5150] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 576.654570][ T5150] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 576.667270][ T488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 576.676679][ T8961] device veth1_macvtap entered promiscuous mode [ 576.691220][ T488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 576.707942][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 576.809010][ T8972] loop4: detected capacity change from 0 to 512 [ 576.829554][ T8972] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 576.838628][ T8972] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038 (0x7fffffff) [ 576.896732][ T8972] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #2: block 3: comm syz.4.2019: bad entry in directory: directory entry overrun - offset=16444, inode=113, rec_len=26368, size=2048 fake=0 [ 577.164052][ T8966] loop0: detected capacity change from 0 to 40427 [ 577.171423][ T7292] device bridge_slave_1 left promiscuous mode [ 577.176313][ T8966] F2FS-fs (loop0): invalid crc value [ 577.178187][ T7292] bridge0: port 2(bridge_slave_1) entered disabled state [ 577.209872][ T7292] device bridge_slave_0 left promiscuous mode [ 577.215916][ T7292] bridge0: port 1(bridge_slave_0) entered disabled state [ 577.224369][ T7292] device veth1_macvtap left promiscuous mode [ 577.259041][ T8966] F2FS-fs (loop0): Found nat_bits in checkpoint [ 577.343683][ T8986] FAULT_INJECTION: forcing a failure. [ 577.343683][ T8986] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 577.356625][ T8986] CPU: 0 PID: 8986 Comm: syz.4.2019 Tainted: G W 6.1.90-syzkaller-00004-g79436849ef1d #0 [ 577.367571][ T8986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 577.377467][ T8986] Call Trace: [ 577.380587][ T8986] [ 577.383368][ T8986] dump_stack_lvl+0x151/0x1b7 [ 577.387880][ T8986] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 577.393179][ T8986] dump_stack+0x15/0x1a [ 577.397168][ T8986] should_fail_ex+0x3d0/0x520 [ 577.401681][ T8986] should_fail+0xb/0x10 [ 577.405672][ T8986] should_fail_usercopy+0x1a/0x20 [ 577.410533][ T8986] strncpy_from_user+0x24/0x2b0 [ 577.415218][ T8986] ? getname_flags+0xba/0x520 [ 577.419736][ T8986] getname_flags+0xf2/0x520 [ 577.424073][ T8986] user_path_at_empty+0x2d/0x1a0 [ 577.428845][ T8986] __se_sys_mount+0x285/0x3b0 [ 577.433362][ T8986] ? __x64_sys_mount+0xd0/0xd0 [ 577.437958][ T8986] ? debug_smp_processor_id+0x17/0x20 [ 577.443165][ T8986] __x64_sys_mount+0xbf/0xd0 [ 577.447593][ T8986] x64_sys_call+0x49d/0x9a0 [ 577.452018][ T8986] do_syscall_64+0x3b/0xb0 [ 577.456268][ T8986] ? clear_bhb_loop+0x55/0xb0 [ 577.460782][ T8986] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 577.466517][ T8986] RIP: 0033:0x7f2bb5f799f9 [ 577.470766][ T8986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 577.490237][ T8986] RSP: 002b:00007f2bb6d43038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 577.498449][ T8986] RAX: ffffffffffffffda RBX: 00007f2bb6116130 RCX: 00007f2bb5f799f9 [ 577.506260][ T8986] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 0000000000000000 [ 577.514076][ T8986] RBP: 00007f2bb6d43090 R08: 0000000020000900 R09: 0000000000000000 [ 577.521883][ T8986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 577.529696][ T8986] R13: 0000000000000001 R14: 00007f2bb6116130 R15: 00007ffc2cfd59b8 [ 577.537517][ T8986] [ 577.561423][ T8966] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 578.390865][ T8998] loop1: detected capacity change from 0 to 512 [ 578.411673][ T8961] EXT4-fs (loop4): unmounting filesystem. [ 578.425974][ T8998] EXT4-fs: Ignoring removed mblk_io_submit option [ 578.432897][ T8998] EXT4-fs: Ignoring removed i_version option [ 578.438998][ T8998] /dev/loop1: Can't open blockdev [ 578.467486][ T8447] syz-executor: attempt to access beyond end of device [ 578.467486][ T8447] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 578.623919][ T9005] loop1: detected capacity change from 0 to 256 [ 578.630232][ T9005] exfat: Deprecated parameter 'namecase' [ 578.635783][ T9005] /dev/loop1: Can't open blockdev [ 578.679853][ T9005] loop1: detected capacity change from 0 to 256 [ 579.187960][ T9019] loop1: detected capacity change from 0 to 256 [ 579.206990][ T9019] exfat: Bad value for 'uid' [ 579.818033][ T9027] loop0: detected capacity change from 0 to 1024 [ 579.843937][ T9027] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 579.859152][ T9027] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 580.171728][ T9038] input: syz0 as /devices/virtual/input/input108 [ 580.676046][ T8447] EXT4-fs (loop0): unmounting filesystem. [ 580.687167][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 580.687167][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 580.700595][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 580.702713][ T9047] loop0: detected capacity change from 0 to 512 [ 580.716243][ T9047] EXT4-fs: Ignoring removed bh option [ 580.916981][ T9050] input: syz0 as /devices/virtual/input/input109 [ 581.079754][ T9047] EXT4-fs (loop0): 1 orphan inode deleted [ 581.085406][ T9047] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 581.094845][ T9047] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038 (0x7fffffff) [ 581.261000][ T9057] syz.0.2038[9057] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 581.261086][ T9057] syz.0.2038[9057] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 581.307604][ T9061] netlink: 'syz.3.2039': attribute type 13 has an invalid length. [ 581.454024][ T9064] loop1: detected capacity change from 0 to 128 [ 581.467460][ T9064] /dev/loop1: Can't open blockdev [ 581.567765][ T8447] EXT4-fs (loop0): unmounting filesystem. [ 581.574591][ T9068] loop4: detected capacity change from 0 to 128 [ 581.589910][ T9068] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 581.602773][ T9068] ext4 filesystem being mounted at /4/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 581.662405][ T8961] EXT4-fs (loop4): unmounting filesystem. [ 581.781725][ T9079] loop0: detected capacity change from 0 to 1024 [ 581.788524][ T9079] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 581.799278][ T9079] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 582.433597][ T9086] loop1: detected capacity change from 0 to 512 [ 582.454994][ T9086] /dev/loop1: Can't open blockdev [ 582.583424][ T9094] loop4: detected capacity change from 0 to 512 [ 582.606895][ T9094] ext4: Bad value for 'inode_readahead_blks' [ 583.195885][ T9097] loop1: detected capacity change from 0 to 512 [ 583.202608][ T9097] EXT4-fs: Ignoring removed mblk_io_submit option [ 583.209179][ T9097] /dev/loop1: Can't open blockdev [ 583.286193][ T319] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 583.324270][ T8447] EXT4-fs (loop0): unmounting filesystem. [ 583.795059][ T9120] loop1: detected capacity change from 0 to 512 [ 583.847479][ T9120] EXT4-fs: Ignoring removed mblk_io_submit option [ 583.855049][ T9120] EXT4-fs: Ignoring removed i_version option [ 583.874842][ T9120] /dev/loop1: Can't open blockdev [ 584.074214][ T9124] loop1: detected capacity change from 0 to 256 [ 584.080601][ T9124] exfat: Deprecated parameter 'namecase' [ 584.086233][ T9124] /dev/loop1: Can't open blockdev [ 584.117831][ T347] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 584.131552][ T9124] loop1: detected capacity change from 0 to 256 [ 585.207086][ T5434] usb 3-1: new high-speed USB device number 56 using dummy_hcd [ 585.247087][ T333] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 585.447082][ T5434] usb 3-1: Using ep0 maxpacket: 32 [ 585.567285][ T5434] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 585.571288][ T333] usb 5-1: Using ep0 maxpacket: 32 [ 585.588970][ T5434] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 585.610395][ T5434] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 585.622024][ T5434] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 585.727705][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 585.727705][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 585.741671][ T333] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 585.763958][ T333] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 585.841121][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 585.901754][ T5434] usb 3-1: config 0 descriptor?? [ 585.911557][ T333] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 585.917151][ T9130] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 585.931649][ T333] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 585.957693][ T5434] hub 3-1:0.0: USB hub found [ 585.974865][ T9153] loop0: detected capacity change from 0 to 40427 [ 585.981785][ T9153] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 585.990054][ T333] hub 5-1:4.0: USB hub found [ 585.993151][ T9153] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 586.002740][ T9153] F2FS-fs (loop0): Unrecognized mount option "0x0000000000000003" or missing value [ 586.192595][ T9153] loop0: detected capacity change from 0 to 40427 [ 586.199061][ T5434] hub 3-1:0.0: 2 ports detected [ 586.205425][ T9153] F2FS-fs (loop0): invalid crc value [ 586.212902][ T9153] F2FS-fs (loop0): Found nat_bits in checkpoint [ 586.248661][ T9153] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 586.277176][ T333] hub 5-1:4.0: 1 port detected [ 586.317604][ T28] audit: type=1400 audit(1857709625.213:542): avc: denied { watch } for pid=9152 comm="syz.0.2065" path="/23/bus" dev="loop0" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 586.378551][ T8447] syz-executor: attempt to access beyond end of device [ 586.378551][ T8447] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 586.522371][ T9149] loop4: detected capacity change from 0 to 1024 [ 586.611298][ T9178] loop1: detected capacity change from 0 to 256 [ 586.646125][ T9149] ext4: Bad value for 'debug_want_extra_isize' [ 587.512331][ T347] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 587.611744][ T9182] loop0: detected capacity change from 0 to 512 [ 587.618237][ T9182] EXT4-fs: Ignoring removed mblk_io_submit option [ 587.624494][ T9182] EXT4-fs: Ignoring removed i_version option [ 587.668942][ T5434] hub 3-1:0.0: set hub depth failed [ 587.671779][ T9149] loop4: detected capacity change from 0 to 512 [ 587.698368][ T9182] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.2072: invalid block [ 587.713561][ T5434] usb 3-1: USB disconnect, device number 56 [ 587.738300][ T9182] EXT4-fs (loop0): Remounting filesystem read-only [ 587.744884][ T9182] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.2072: couldn't read orphan inode 11 (err -117) [ 587.758452][ T9182] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 587.760226][ T333] hub 5-1:4.0: hub_hub_status failed (err = -32) [ 587.768558][ T9149] EXT4-fs (loop4): 1 truncate cleaned up [ 587.773243][ T333] hub 5-1:4.0: config failed, can't get hub status (err -32) [ 587.786896][ T9149] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 587.941303][ T9188] input: syz0 as /devices/virtual/input/input110 [ 588.437490][ T333] usb 5-1: USB disconnect, device number 31 [ 588.701545][ T8447] EXT4-fs (loop0): unmounting filesystem. [ 589.073098][ T8961] EXT4-fs (loop4): unmounting filesystem. [ 589.164769][ T9217] loop4: detected capacity change from 0 to 256 [ 589.187833][ T9217] exfat: Bad value for 'uid' [ 589.644507][ T9225] loop0: detected capacity change from 0 to 512 [ 589.739412][ T9225] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 589.757451][ T9225] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038 (0x7fffffff) [ 589.780093][ T9225] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz.0.2083: corrupted inode contents [ 589.797370][ T9225] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #2: comm syz.0.2083: mark_inode_dirty error [ 589.826754][ T9225] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz.0.2083: corrupted inode contents [ 589.838828][ T9225] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.2083: mark_inode_dirty error [ 590.510402][ T8447] EXT4-fs (loop0): unmounting filesystem. [ 590.542723][ T9245] loop1: detected capacity change from 0 to 512 [ 590.558423][ T9245] EXT4-fs: Ignoring removed mblk_io_submit option [ 590.567873][ T9245] EXT4-fs: Ignoring removed i_version option [ 590.575880][ T9245] /dev/loop1: Can't open blockdev [ 591.112867][ T9248] loop0: detected capacity change from 0 to 256 [ 591.114060][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 591.114060][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 591.138529][ T347] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 591.145193][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 591.155953][ T9248] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 591.176239][ T9248] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d) [ 591.235813][ T9255] loop4: detected capacity change from 0 to 256 [ 591.245073][ T9255] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 591.267687][ T9255] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d) [ 591.526547][ T9258] loop1: detected capacity change from 0 to 256 [ 591.532826][ T9258] exfat: Deprecated parameter 'namecase' [ 591.538430][ T9258] /dev/loop1: Can't open blockdev [ 591.610089][ T9258] loop1: detected capacity change from 0 to 256 [ 591.764610][ T9262] loop4: detected capacity change from 0 to 40427 [ 591.782736][ T9262] F2FS-fs (loop4): invalid crc value [ 591.790266][ T9262] F2FS-fs (loop4): Found nat_bits in checkpoint [ 591.840869][ T9262] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 592.047879][ T333] usb 3-1: new high-speed USB device number 57 using dummy_hcd [ 592.218132][ T9279] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 592.227353][ T9279] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 592.236662][ T28] audit: type=1400 audit(1857709631.123:543): avc: denied { create } for pid=9278 comm="syz.3.2094" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 592.467157][ T333] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 592.511764][ T333] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 592.527416][ T333] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 592.536447][ T333] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 592.567184][ T9264] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 592.583982][ T8961] syz-executor: attempt to access beyond end of device [ 592.583982][ T8961] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 592.748745][ T28] audit: type=1400 audit(1857709631.643:544): avc: denied { unlink } for pid=8725 comm="syz-executor" name="file0" dev="tmpfs" ino=205 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 592.780243][ T9289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 592.780375][ T9289] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 592.823369][ T9292] loop4: detected capacity change from 0 to 512 [ 592.843442][ T9292] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 592.843526][ T9292] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038 (0x7fffffff) [ 592.859140][ T9292] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz.4.2096: corrupted inode contents [ 592.859396][ T9292] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #2: comm syz.4.2096: mark_inode_dirty error [ 592.859768][ T9292] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz.4.2096: corrupted inode contents [ 592.859995][ T9292] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.2096: mark_inode_dirty error [ 593.207136][ T333] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 593.222209][ T333] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input111 [ 593.246747][ T333] usb 3-1: USB disconnect, device number 57 [ 593.252654][ C1] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 594.041027][ T8961] EXT4-fs (loop4): unmounting filesystem. [ 594.053381][ T9310] loop1: detected capacity change from 0 to 512 [ 594.059788][ T9310] /dev/loop1: Can't open blockdev [ 594.119263][ T9312] loop4: detected capacity change from 0 to 512 [ 594.131468][ T9312] EXT4-fs: Ignoring removed mblk_io_submit option [ 594.137874][ T9312] EXT4-fs: Ignoring removed i_version option [ 594.156926][ T9312] EXT4-fs error (device loop4): __ext4_iget:5046: inode #11: block 1: comm syz.4.2103: invalid block [ 594.168055][ T9312] EXT4-fs (loop4): Remounting filesystem read-only [ 594.174520][ T9312] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.2103: couldn't read orphan inode 11 (err -117) [ 594.186773][ T9312] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 594.201882][ T9307] loop0: detected capacity change from 0 to 40427 [ 594.213181][ T9313] loop1: detected capacity change from 0 to 512 [ 594.219443][ T9313] EXT4-fs: Ignoring removed mblk_io_submit option [ 594.225797][ T9313] /dev/loop1: Can't open blockdev [ 594.311465][ T319] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 594.321040][ T9307] F2FS-fs (loop0): invalid crc value [ 594.345197][ T28] audit: type=1400 audit(1857709633.233:545): avc: denied { setopt } for pid=9318 comm="syz.2.2105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 594.348552][ T9307] F2FS-fs (loop0): Found nat_bits in checkpoint [ 594.481763][ T9307] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 595.108781][ T8961] EXT4-fs (loop4): unmounting filesystem. [ 595.328335][ T8447] syz-executor: attempt to access beyond end of device [ 595.328335][ T8447] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 595.897095][ T6] usb 3-1: new high-speed USB device number 58 using dummy_hcd [ 595.913901][ T9334] loop1: detected capacity change from 0 to 40427 [ 596.166336][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 596.166336][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 596.226875][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 596.244564][ T347] I/O error, dev loop1, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 596.419649][ T6] usb 3-1: Using ep0 maxpacket: 8 [ 596.459661][ T9353] input: syz0 as /devices/virtual/input/input113 [ 596.576736][ T9353] loop4: detected capacity change from 0 to 256 [ 596.585760][ T9353] FAT-fs (loop4): Unrecognized mount option "ioŠ¼harseG®S„874" or missing value [ 596.901850][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 596.917354][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 596.938234][ T6] usb 3-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00 [ 596.951830][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 597.035140][ T9361] input: syz0 as /devices/virtual/input/input114 [ 597.287076][ T9359] loop0: detected capacity change from 0 to 256 [ 597.293486][ T9359] FAT-fs (loop0): Unrecognized mount option "ioŠ¼harseG®S„874" or missing value [ 597.312990][ T6] usb 3-1: config 0 descriptor?? [ 597.376765][ T319] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 598.072414][ T9378] loop0: detected capacity change from 0 to 256 [ 598.078931][ T9378] exfat: Bad value for 'uid' [ 598.107160][ T6] usbhid 3-1:0.0: can't add hid device: -71 [ 598.113646][ T6] usbhid: probe of 3-1:0.0 failed with error -71 [ 598.123330][ T6] usb 3-1: USB disconnect, device number 58 [ 598.760169][ T9383] loop4: detected capacity change from 0 to 512 [ 598.782447][ T9383] EXT4-fs: Ignoring removed mblk_io_submit option [ 598.789699][ T9383] EXT4-fs: Ignoring removed i_version option [ 598.798557][ T9383] EXT4-fs error (device loop4): __ext4_iget:5046: inode #11: block 1: comm syz.4.2119: invalid block [ 598.809555][ T9383] EXT4-fs (loop4): Remounting filesystem read-only [ 598.816042][ T9383] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.2119: couldn't read orphan inode 11 (err -117) [ 598.827804][ T9383] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 599.020638][ T8961] EXT4-fs (loop4): unmounting filesystem. [ 599.648178][ T9402] loop4: detected capacity change from 0 to 256 [ 599.988191][ T9402] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 600.001274][ T9402] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d) [ 600.021953][ T9401] incfs: Backing dir is not set, filesystem can't be mounted. [ 600.029935][ T9401] incfs: mount failed -2 [ 600.040845][ T9406] process 'syz.1.2123' launched './file2' with NULL argv: empty string added [ 600.059189][ T9406] loop1: detected capacity change from 0 to 16 [ 600.070026][ T9406] /dev/loop1: Can't open blockdev [ 600.227110][ T347] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 600.240288][ T9406] loop1: detected capacity change from 0 to 512 [ 600.254550][ T9406] EXT4-fs: Ignoring removed mblk_io_submit option [ 600.828021][ T9416] input: syz0 as /devices/virtual/input/input115 [ 601.591076][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 601.591076][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 601.640612][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 601.642099][ T9406] /dev/loop1: Can't open blockdev [ 601.826155][ T9430] loop0: detected capacity change from 0 to 512 [ 601.837393][ T9430] EXT4-fs: Ignoring removed mblk_io_submit option [ 601.843772][ T9430] EXT4-fs: Ignoring removed i_version option [ 602.905985][ T9415] loop4: detected capacity change from 0 to 40427 [ 602.935335][ T9415] F2FS-fs (loop4): invalid crc value [ 602.941827][ T9430] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.2131: invalid block [ 602.953179][ T9430] EXT4-fs (loop0): Remounting filesystem read-only [ 602.960103][ T9430] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.2131: couldn't read orphan inode 11 (err -117) [ 602.960830][ T9415] F2FS-fs (loop4): Found nat_bits in checkpoint [ 602.972453][ T9430] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 603.044739][ T9447] loop1: detected capacity change from 0 to 256 [ 603.051874][ T9447] /dev/loop1: Can't open blockdev [ 603.217122][ T9415] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 603.250904][ T9450] 9pnet_fd: Insufficient options for proto=fd [ 603.275318][ T8447] EXT4-fs (loop0): unmounting filesystem. [ 603.824428][ T9459] loop1: detected capacity change from 0 to 256 [ 603.842955][ T9459] exfat: Bad value for 'uid' [ 604.407189][ T1551] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 604.728661][ T1551] usb 5-1: Using ep0 maxpacket: 8 [ 604.917116][ T1551] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 604.934975][ T1551] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 604.957708][ T9489] syz.3.2143[9489] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 604.957800][ T9489] syz.3.2143[9489] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 604.968370][ T1551] usb 5-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00 [ 605.016647][ T1551] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 605.038258][ T1551] usb 5-1: config 0 descriptor?? [ 605.685621][ T9495] loop0: detected capacity change from 0 to 40427 [ 605.705452][ T9495] F2FS-fs (loop0): invalid crc value [ 605.740525][ T9495] F2FS-fs (loop0): Found nat_bits in checkpoint [ 605.789600][ T9495] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 605.827144][ T1551] usbhid 5-1:0.0: can't add hid device: -71 [ 605.833250][ T1551] usbhid: probe of 5-1:0.0 failed with error -71 [ 605.847904][ T1551] usb 5-1: USB disconnect, device number 32 [ 605.984828][ T9504] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 605.994359][ T9504] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 606.008946][ T5149] usb 3-1: new high-speed USB device number 59 using dummy_hcd [ 606.940949][ T9509] loop1: detected capacity change from 0 to 256 [ 606.953885][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 606.953885][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 606.967667][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 607.023981][ T347] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 607.067087][ T5149] usb 3-1: Using ep0 maxpacket: 32 [ 607.081516][ T8447] syz-executor: attempt to access beyond end of device [ 607.081516][ T8447] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 607.237127][ T9517] loop4: detected capacity change from 0 to 512 [ 607.247266][ T5149] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 607.261460][ T5149] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 607.271379][ T5149] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 607.280653][ T5149] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 607.351757][ T9521] loop1: detected capacity change from 0 to 256 [ 607.359508][ T9521] /dev/loop1: Can't open blockdev [ 607.365514][ T347] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 607.504421][ T9522] syz.4.2152[9522] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 607.504826][ T9522] syz.4.2152[9522] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 607.627660][ T5149] hub 3-1:4.0: USB hub found [ 607.697789][ T9524] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 607.710147][ T9519] loop0: detected capacity change from 0 to 40427 [ 607.724255][ T9524] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 607.887755][ T5149] hub 3-1:4.0: 1 port detected [ 608.051097][ T9529] FAULT_INJECTION: forcing a failure. [ 608.051097][ T9529] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 608.159042][ T9529] CPU: 0 PID: 9529 Comm: syz.1.2154 Tainted: G W 6.1.90-syzkaller-00004-g79436849ef1d #0 [ 608.170179][ T9529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 608.180071][ T9529] Call Trace: [ 608.183196][ T9529] [ 608.185972][ T9529] dump_stack_lvl+0x151/0x1b7 [ 608.190483][ T9529] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 608.195792][ T9529] ? __alloc_pages+0x780/0x780 [ 608.200376][ T9529] dump_stack+0x15/0x1a [ 608.204369][ T9529] should_fail_ex+0x3d0/0x520 [ 608.208886][ T9529] should_fail_alloc_page+0x68/0x90 [ 608.213913][ T9529] __alloc_pages+0x1f4/0x780 [ 608.218434][ T9529] ? prep_new_page+0x110/0x110 [ 608.223031][ T9529] ? _raw_spin_trylock_bh+0x190/0x190 [ 608.228239][ T9529] __get_free_pages+0xe/0x30 [ 608.232802][ T9529] kasan_populate_vmalloc_pte+0x39/0x130 [ 608.238268][ T9529] ? __apply_to_page_range+0x8ca/0xbe0 [ 608.243565][ T9529] __apply_to_page_range+0x8dd/0xbe0 [ 608.248686][ T9529] ? kasan_populate_vmalloc+0x70/0x70 [ 608.253898][ T9529] ? kasan_populate_vmalloc+0x70/0x70 [ 608.259101][ T9529] apply_to_page_range+0x3b/0x50 [ 608.263873][ T9529] kasan_populate_vmalloc+0x65/0x70 [ 608.268906][ T9529] alloc_vmap_area+0x1961/0x1aa0 [ 608.273774][ T9529] ? vm_map_ram+0x940/0x940 [ 608.278103][ T9529] ? __kasan_kmalloc+0x9c/0xb0 [ 608.282705][ T9529] ? kmalloc_node_trace+0x3d/0xb0 [ 608.287568][ T9529] __get_vm_area_node+0x171/0x370 [ 608.292428][ T9529] __vmalloc_node_range+0x36e/0x1540 [ 608.297547][ T9529] ? htab_map_alloc+0x39d/0xf80 [ 608.302241][ T9529] ? vmap+0x2b0/0x2b0 [ 608.306052][ T9529] ? kasan_save_alloc_info+0x1f/0x30 [ 608.311174][ T9529] ? __kasan_kmalloc+0x9c/0xb0 [ 608.315774][ T9529] ? __kmalloc_node+0xb4/0x1e0 [ 608.320461][ T9529] bpf_map_area_alloc+0xdc/0xf0 [ 608.325150][ T9529] ? htab_map_alloc+0x39d/0xf80 [ 608.329838][ T9529] htab_map_alloc+0x39d/0xf80 [ 608.334350][ T9529] ? htab_map_alloc_check+0x319/0x430 [ 608.339557][ T9529] map_create+0x44a/0xcf0 [ 608.343726][ T9529] __sys_bpf+0x2e6/0x7f0 [ 608.347804][ T9529] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 608.353013][ T9529] ? __ia32_sys_read+0x90/0x90 [ 608.357610][ T9529] ? debug_smp_processor_id+0x17/0x20 [ 608.362817][ T9529] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 608.368723][ T9529] __x64_sys_bpf+0x7c/0x90 [ 608.372973][ T9529] x64_sys_call+0x87f/0x9a0 [ 608.377312][ T9529] do_syscall_64+0x3b/0xb0 [ 608.381562][ T9529] ? clear_bhb_loop+0x55/0xb0 [ 608.386078][ T9529] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 608.391806][ T9529] RIP: 0033:0x7fd9b43799f9 [ 608.396054][ T9529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 608.415500][ T9529] RSP: 002b:00007fd9b516c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 608.423748][ T9529] RAX: ffffffffffffffda RBX: 00007fd9b4515f80 RCX: 00007fd9b43799f9 [ 608.431557][ T9529] RDX: 0000000000000048 RSI: 00000000200005c0 RDI: 0000000000000000 [ 608.439379][ T9529] RBP: 00007fd9b516c090 R08: 0000000000000000 R09: 0000000000000000 [ 608.447179][ T9529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 608.454991][ T9529] R13: 0000000000000000 R14: 00007fd9b4515f80 R15: 00007ffe9a5668f8 [ 608.462809][ T9529] [ 608.477075][ T5149] hub 3-1:4.0: hub_hub_status failed (err = -71) [ 608.490493][ T5149] hub 3-1:4.0: config failed, can't get hub status (err -71) [ 608.527303][ T5149] usb 3-1: USB disconnect, device number 59 [ 608.995100][ T9544] loop0: detected capacity change from 0 to 256 [ 609.002024][ T9544] FAT-fs (loop0): Unrecognized mount option "ioŠ¼harseG®S„874" or missing value [ 609.521421][ T9539] loop1: detected capacity change from 0 to 40427 [ 610.368490][ T9570] loop0: detected capacity change from 0 to 40427 [ 610.393488][ T9570] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 610.405635][ T9570] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 610.414890][ T9570] F2FS-fs (loop0): invalid crc value [ 610.421462][ T9570] F2FS-fs (loop0): Found nat_bits in checkpoint [ 610.456764][ T9570] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 610.463696][ T9570] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 610.861069][ T9590] 9pnet_fd: Insufficient options for proto=fd [ 610.999489][ T9594] loop1: detected capacity change from 0 to 16 [ 611.027069][ T9594] erofs: (device loop1): mounted with root inode @ nid 36. [ 611.048524][ T2482] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 611.058244][ T2482] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 611.149245][ T28] audit: type=1326 audit(1857709650.043:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9597 comm="syz.1.2174" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd9b43799f9 code=0x0 [ 611.233879][ T9607] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 611.238402][ T9609] loop0: detected capacity change from 0 to 512 [ 611.258200][ T9609] EXT4-fs: Ignoring removed mblk_io_submit option [ 611.267368][ T9609] EXT4-fs: Ignoring removed i_version option [ 611.276037][ T9609] EXT4-fs error (device loop0): __ext4_iget:5046: inode #11: block 1: comm syz.0.2172: invalid block [ 611.287042][ T9609] EXT4-fs (loop0): Remounting filesystem read-only [ 611.293469][ T9609] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.2172: couldn't read orphan inode 11 (err -117) [ 611.305916][ T9609] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 611.347886][ T8447] EXT4-fs (loop0): unmounting filesystem. [ 611.674119][ T28] audit: type=1326 audit(1857709650.563:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9633 comm="syz.0.2187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddfd7799f9 code=0x7fc00000 [ 611.702955][ T28] audit: type=1326 audit(1857709650.563:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9633 comm="syz.0.2187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fddfd7799f9 code=0x7fc00000 [ 611.798079][ T28] audit: type=1326 audit(1857709650.693:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9650 comm="syz.4.2195" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2bb5f799f9 code=0x0 [ 611.863226][ T9655] loop4: detected capacity change from 0 to 256 [ 611.875370][ T9655] FAT-fs (loop4): Directory bread(block 64) failed [ 611.882147][ T9655] FAT-fs (loop4): Directory bread(block 65) failed [ 611.889091][ T9655] FAT-fs (loop4): Directory bread(block 66) failed [ 611.895640][ T9655] FAT-fs (loop4): Directory bread(block 67) failed [ 611.902596][ T9655] FAT-fs (loop4): Directory bread(block 68) failed [ 611.909152][ T9655] FAT-fs (loop4): Directory bread(block 69) failed [ 611.915594][ T9655] FAT-fs (loop4): Directory bread(block 70) failed [ 611.922417][ T9655] FAT-fs (loop4): Directory bread(block 71) failed [ 611.929038][ T9655] FAT-fs (loop4): Directory bread(block 72) failed [ 611.935573][ T9655] FAT-fs (loop4): Directory bread(block 73) failed [ 611.967054][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 611.967054][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 611.990662][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 612.043271][ T9661] loop1: detected capacity change from 0 to 512 [ 612.080457][ T9661] EXT4-fs (loop1): write access unavailable, skipping orphan cleanup [ 612.095544][ T9661] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 612.142709][ T9661] EXT4-fs (loop1): Couldn't remount RDWR because of unprocessed orphan inode list. Please umount/remount instead [ 612.184356][ T3578] EXT4-fs (loop1): unmounting filesystem. [ 612.209531][ T9674] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2205'. [ 612.218941][ T9674] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2205'. [ 612.228082][ T9674] bridge0: port 2(bridge_slave_1) entered listening state [ 612.238146][ T28] audit: type=1400 audit(1857709651.133:550): avc: denied { write } for pid=9670 comm="syz.1.2203" name="ppp" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 612.302516][ T28] audit: type=1400 audit(1857709651.193:551): avc: denied { write } for pid=9680 comm="syz.1.2209" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 612.375796][ T9701] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2218'. [ 612.404793][ T28] audit: type=1326 audit(1857709651.293:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9633 comm="syz.0.2187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddfd7799f9 code=0x7fc00000 [ 612.465802][ T28] audit: type=1326 audit(1857709651.293:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9633 comm="syz.0.2187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fddfd7799f9 code=0x7fc00000 [ 612.483707][ T9717] overlayfs: missing 'lowerdir' [ 612.494330][ T28] audit: type=1326 audit(1857709651.293:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9633 comm="syz.0.2187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddfd7799f9 code=0x7fc00000 [ 612.517751][ T28] audit: type=1326 audit(1857709651.293:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9633 comm="syz.0.2187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddfd7799f9 code=0x7fc00000 [ 612.619202][ T9728] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2230'. [ 613.699102][ T9759] loop1: detected capacity change from 0 to 512 [ 613.722766][ T9759] /dev/loop1: Can't open blockdev [ 614.351581][ T9773] loop4: detected capacity change from 0 to 1024 [ 614.369287][ T347] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 615.880043][ T9791] loop1: detected capacity change from 0 to 128 [ 616.822945][ T9799] kvm: pic: non byte write [ 616.827556][ T9799] kvm: pic: level sensitive irq not supported [ 616.827614][ T9799] kvm: pic: single mode not supported [ 616.833593][ T9799] kvm: pic: single mode not supported [ 616.839390][ T9799] kvm: pic: level sensitive irq not supported [ 616.844835][ T9799] kvm: pic: single mode not supported [ 616.850897][ T9799] kvm: pic: single mode not supported [ 616.856117][ T9799] kvm: pic: level sensitive irq not supported [ 616.861529][ T9799] kvm: pic: single mode not supported [ 616.867631][ T9799] kvm: pic: single mode not supported [ 616.872981][ T9799] kvm: pic: level sensitive irq not supported [ 616.878428][ T9799] kvm: pic: single mode not supported [ 616.884362][ T9799] kvm: pic: single mode not supported [ 616.889661][ T9799] kvm: pic: level sensitive irq not supported [ 616.895016][ T9799] kvm: pic: single mode not supported [ 616.901058][ T9799] kvm: pic: single mode not supported [ 616.906240][ T9799] kvm: pic: level sensitive irq not supported [ 616.911675][ T9799] kvm: pic: level sensitive irq not supported [ 616.917682][ T9799] kvm: pic: level sensitive irq not supported [ 616.923657][ T9799] kvm: pic: level sensitive irq not supported [ 616.930058][ T9799] kvm: pic: level sensitive irq not supported [ 617.007195][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 617.007195][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 617.026485][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 617.167790][ T7292] device bridge_slave_1 left promiscuous mode [ 617.173721][ T7292] bridge0: port 2(bridge_slave_1) entered disabled state [ 617.181093][ T7292] device bridge_slave_0 left promiscuous mode [ 617.187053][ T7292] bridge0: port 1(bridge_slave_0) entered disabled state [ 617.194806][ T7292] device veth1_macvtap left promiscuous mode [ 618.930106][ T9819] loop1: detected capacity change from 0 to 512 [ 618.939477][ T9819] EXT4-fs: Ignoring removed oldalloc option [ 618.971544][ T9819] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 618.979424][ T9819] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=80fc01c, mo2=0002] [ 618.987885][ T9819] EXT4-fs (loop1): write access unavailable, skipping orphan cleanup [ 618.995783][ T9819] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 619.018785][ T28] kauditd_printk_skb: 26 callbacks suppressed [ 619.018803][ T28] audit: type=1326 audit(1857709657.913:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9818 comm="syz.1.2263" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd9b43799f9 code=0x0 [ 619.119565][ T9827] EXT4-fs warning (device loop1): dx_probe:892: inode #2: comm syz.1.2263: dx entry: limit 65535 != root limit 120 [ 619.131519][ T9827] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz.1.2263: Corrupt directory, running e2fsck is recommended [ 619.144273][ T9827] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz.1.2263: path /315/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 619.166568][ T9827] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 619.175172][ T9827] EXT4-fs error (device loop1): htree_dirblock_to_tree:1111: inode #2: block 3: comm syz.1.2263: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 619.764707][ T3578] EXT4-fs (loop1): unmounting filesystem. [ 620.151789][ T9835] loop0: detected capacity change from 0 to 512 [ 620.179029][ T9835] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #16: comm syz.0.2266: casefold flag without casefold feature [ 620.191889][ T9835] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #3: comm syz.0.2266: corrupted inode contents [ 620.203808][ T9835] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #3: comm syz.0.2266: mark_inode_dirty error [ 620.216231][ T9835] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2266: bg 0: block 64: padding at end of block bitmap is not set [ 620.231865][ T9835] Quota error (device loop0): write_blk: dquota write failed [ 620.239575][ T9835] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 620.249621][ T9835] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.2266: Failed to acquire dquot type 0 [ 620.262357][ T9835] EXT4-fs (loop0): 1 truncate cleaned up [ 620.268277][ T9835] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 620.277640][ T9835] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038 (0x7fffffff) [ 620.340815][ T9835] Quota error (device loop0): write_blk: dquota write failed [ 620.348191][ T9835] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota [ 620.358182][ T9835] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.2266: Failed to acquire dquot type 0 [ 620.379595][ T28] audit: type=1326 audit(1857709659.273:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9830 comm="syz.0.2266" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fddfd7799f9 code=0x0 [ 620.486568][ T9845] Quota error (device loop0): write_blk: dquota write failed [ 620.494359][ T9845] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota [ 620.504109][ T9845] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.2266: Failed to acquire dquot type 0 [ 621.042946][ T8447] EXT4-fs (loop0): unmounting filesystem. [ 622.255131][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 622.255131][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 622.452445][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 623.070417][ T9878] loop1: detected capacity change from 0 to 512 [ 623.079301][ T9878] journal_path: Lookup failure for './file0' [ 623.085203][ T9878] EXT4-fs: error: could not find journal device path [ 623.599049][ T9868] loop0: detected capacity change from 0 to 40427 [ 623.605807][ T9868] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 623.613886][ T9868] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 623.622717][ T9868] F2FS-fs (loop0): invalid crc value [ 623.629348][ T9868] F2FS-fs (loop0): Found nat_bits in checkpoint [ 623.665276][ T9868] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 623.672243][ T9868] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 623.880439][ T9886] syz.0.2274[9886] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 623.880797][ T9886] syz.0.2274[9886] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 624.088978][ T7283] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 624.109200][ T7283] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 624.535916][ T28] audit: type=1326 audit(1857709663.373:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9891 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb5f799f9 code=0x7ffc0000 [ 624.561079][ T28] audit: type=1326 audit(1857709663.373:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9891 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb5f799f9 code=0x7ffc0000 [ 624.584611][ T28] audit: type=1326 audit(1857709663.373:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9891 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f2bb5f799f9 code=0x7ffc0000 [ 624.608721][ T28] audit: type=1326 audit(1857709663.373:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9891 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb5f799f9 code=0x7ffc0000 [ 624.631899][ T28] audit: type=1326 audit(1857709663.373:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9891 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2bb5f799f9 code=0x7ffc0000 [ 625.200534][ T9894] loop0: detected capacity change from 0 to 40427 [ 625.207383][ T9894] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 625.213673][ T9894] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 625.224232][ T9894] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 625.249942][ T9894] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 625.256940][ T9894] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 625.469298][ T9906] syz.0.2279: attempt to access beyond end of device [ 625.469298][ T9906] loop0: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 625.483847][ T9906] syz.0.2279: attempt to access beyond end of device [ 625.483847][ T9906] loop0: rw=2049, sector=53256, nr_sectors = 64 limit=40427 [ 625.675003][ T8447] syz-executor: attempt to access beyond end of device [ 625.675003][ T8447] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 626.357080][ T333] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 626.597101][ T333] usb 1-1: Using ep0 maxpacket: 8 [ 626.717136][ T333] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 626.725199][ T333] usb 1-1: config 179 has no interface number 0 [ 626.731320][ T333] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 626.742144][ T333] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 626.753171][ T333] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11 [ 626.764357][ T333] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024 [ 626.775565][ T333] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 626.788597][ T333] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 626.797433][ T333] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 626.817148][ T9914] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 626.824116][ T9914] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 626.840179][ T333] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input117 [ 627.038682][ T333] usb 1-1: USB disconnect, device number 36 [ 627.057190][ T333] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 627.327100][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 627.327100][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 627.340546][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 627.836439][ T28] audit: type=1326 audit(1857709666.723:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9922 comm="syz.2.2289" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff5499799f9 code=0x0 [ 627.890059][ T9929] device vlan2 entered promiscuous mode [ 627.895435][ T9929] device ip6gretap0 entered promiscuous mode [ 628.277064][ T300] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 628.284639][ T333] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 628.537097][ T300] usb 1-1: Using ep0 maxpacket: 8 [ 628.658380][ T333] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 628.666820][ T333] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 628.676859][ T300] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 628.684065][ T300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 628.695148][ T333] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 628.704103][ T300] usb 1-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 628.714684][ T333] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 628.725430][ T333] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 628.797110][ T300] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 628.804596][ T300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 628.815788][ T300] usb 1-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 628.847128][ T333] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 628.856082][ T333] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 628.864013][ T333] usb 2-1: Product: syz [ 628.867998][ T333] usb 2-1: Manufacturer: syz [ 628.897144][ T300] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 628.904353][ T300] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 628.915888][ T333] cdc_wdm 2-1:1.0: skipping garbage [ 628.920958][ T333] cdc_wdm 2-1:1.0: skipping garbage [ 628.926445][ T300] usb 1-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 628.937144][ T333] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 629.117621][ T6] usb 2-1: USB disconnect, device number 35 [ 629.197122][ T300] usb 1-1: string descriptor 0 read error: -22 [ 629.203252][ T300] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 629.212097][ T300] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 629.459493][ T300] usb 1-1: USB disconnect, device number 37 [ 629.697093][ T6] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 630.057138][ T6] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 630.065590][ T6] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 630.075584][ T6] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 630.084337][ T6] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 630.095099][ T6] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 630.217322][ T6] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 630.226193][ T6] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 630.234059][ T6] usb 2-1: Product: syz [ 630.238010][ T6] usb 2-1: Manufacturer: syz [ 630.277650][ T6] cdc_wdm 2-1:1.0: skipping garbage [ 630.282692][ T6] cdc_wdm 2-1:1.0: skipping garbage [ 630.288788][ T6] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device [ 631.524639][ T9946] loop0: detected capacity change from 0 to 1024 [ 631.534448][ T9946] EXT4-fs: Ignoring removed oldalloc option [ 631.556622][ T9946] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 631.633634][ T8447] EXT4-fs (loop0): unmounting filesystem. [ 632.050587][ T6] usb 2-1: USB disconnect, device number 36 [ 632.377069][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 632.377069][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 632.391737][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write SYZFAIL: mmap of output file failed want 0x1b2be20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2c320000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2c420000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2c720000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2d320000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2de20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2ed20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2f520000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b30020000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b30920000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b31320000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b32120000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b33320000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2c520000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2dc20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2ef20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2fa20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b30920000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b31120000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b31f20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: repeatedly failed to execute the program proc=3 req=2232 state=1 status=67 (errno 9: Bad file descriptor) [ 633.530462][ T28] audit: type=1326 audit(1857709672.423:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9958 comm="syz.2.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5499799f9 code=0x7ffc0000 [ 633.555609][ T28] audit: type=1326 audit(1857709672.443:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9958 comm="syz.2.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5499799f9 code=0x7ffc0000 [ 633.578917][ T28] audit: type=1326 audit(1857709672.443:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9958 comm="syz.2.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff549978390 code=0x7ffc0000 [ 633.602513][ T28] audit: type=1326 audit(1857709672.443:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9958 comm="syz.2.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff5499795fb code=0x7ffc0000 [ 633.626086][ T28] audit: type=1326 audit(1857709672.443:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9958 comm="syz.2.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff5499795fb code=0x7ffc0000 [ 633.666169][ T28] audit: type=1326 audit(1857709672.443:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9958 comm="syz.2.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff5499795fb code=0x7ffc0000 [ 633.689715][ T28] audit: type=1326 audit(1857709672.443:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9958 comm="syz.2.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff5499795fb code=0x7ffc0000 [ 633.880266][ T300] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 634.095782][ T488] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 634.103282][ T6] usb 3-1: new high-speed USB device number 60 using dummy_hcd [ 634.627763][ T2482] device bridge_slave_1 left promiscuous mode [ 634.633790][ T2482] bridge0: port 2(bridge_slave_1) entered disabled state [ 634.641209][ T2482] device bridge_slave_0 left promiscuous mode [ 634.647225][ T2482] bridge0: port 1(bridge_slave_0) entered disabled state [ 634.654896][ T2482] device veth1_macvtap left promiscuous mode [ 634.660781][ T2482] device veth0_vlan left promiscuous mode [ 634.999887][ T2482] device ip6gretap0 left promiscuous mode [ 635.477866][ T2482] device bridge_slave_1 left promiscuous mode [ 635.483797][ T2482] bridge0: port 2(bridge_slave_1) entered disabled state [ 635.491144][ T2482] device bridge_slave_0 left promiscuous mode [ 635.497199][ T2482] bridge0: port 1(bridge_slave_0) entered disabled state [ 635.504939][ T2482] device bridge_slave_1 left promiscuous mode [ 635.510998][ T2482] bridge0: port 2(bridge_slave_1) entered disabled state [ 635.518407][ T2482] device bridge_slave_0 left promiscuous mode [ 635.524315][ T2482] bridge0: port 1(bridge_slave_0) entered disabled state [ 635.532627][ T2482] device bridge_slave_1 left promiscuous mode [ 635.538629][ T2482] bridge0: port 2(bridge_slave_1) entered disabled state [ 635.545843][ T2482] device bridge_slave_0 left promiscuous mode [ 635.551816][ T2482] bridge0: port 1(bridge_slave_0) entered disabled state [ 635.560206][ T2482] device veth1_macvtap left promiscuous mode [ 635.566021][ T2482] device veth0_vlan left promiscuous mode [ 635.571981][ T2482] device veth1_macvtap left promiscuous mode [ 637.407120][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 637.407120][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 637.420474][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write [ 642.447121][ T3407] kmmpd-loop3: attempt to access beyond end of device [ 642.447121][ T3407] loop3: rw=14337, sector=64, nr_sectors = 8 limit=64 [ 642.460477][ T3407] Buffer I/O error on dev loop3, logical block 8, lost sync page write