last executing test programs: 11.704051021s ago: executing program 4 (id=3708): r0 = inotify_init1(0x0) creat(&(0x7f00000005c0)='./file0\x00', 0x0) inotify_add_watch(r0, &(0x7f00000019c0)='./file0\x00', 0x20) inotify_add_watch(r0, &(0x7f0000001a40)='./file0\x00', 0x80000800) 11.668625345s ago: executing program 4 (id=3710): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c6e6f646973636172642c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c6e6f666c7573685f6d657267652c64697361626c655f726f6c6c5f666f72776172642c696e6c696e655f646174612c6673796e635f6d6f64653d706f7369782c686561702c6e6f696e6c696e655f646174612c6e6f657874656e745f63616368652c6d6f64653d61646170746976652c6a71666d743d7666736f6c642c757365725f78617474722c00779cd4f02894cf964d909c186aac251e773b07a2a2349d810b3ec41107242d9e37b999afd91d5fe52bdddd57868a70f0b28523203ce742ef793e984a3e5c4fb9fa37eec6c48714f05711f8f7206ba61dcb3d975e8b544ca8aae49633e3cf0d015e32276cf811c1900db5f8e56ba59a7ec100"/320], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S") prlimit64(0x0, 0x1, &(0x7f0000000140)={0x36, 0x200000000000008b}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x275a, 0x0) fallocate(r0, 0x20, 0x2000, 0x140000) 11.328895904s ago: executing program 4 (id=3721): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="500000001000050700000000c803000000000000", @ANYRES32=0x0, @ANYBLOB="001ba6000000000008000a80", @ANYRES32, @ANYBLOB="2800128008000100736974001c00028008000100", @ANYBLOB="05"], 0x50}, 0x1, 0x4c00000000000000}, 0x0) 11.02367404s ago: executing program 4 (id=3735): r0 = socket$unix(0x1, 0x2, 0x0) recvfrom$unix(r0, &(0x7f0000000140)=""/227, 0xe3, 0x0, 0x0, 0x0) bind$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e22}, 0x6e) sendto$unix(r0, &(0x7f0000000100)='k', 0x1, 0x0, &(0x7f0000000240)=@abs={0x1, 0x0, 0x4e22}, 0x6e) 10.956022248s ago: executing program 4 (id=3740): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x20081e, &(0x7f0000000040), 0x1, 0x501, &(0x7f0000001ac0)="$eJzs3c9vI1cdAPDveDeJs02btPQACOhSCgtarZN426jqAcoJIVQJ0SNI25B4oyh2HMVOacIe0v8BiUqc4MgfwLkn7lwQ3LiUAxI/IlBTiYPRjMepydobNz/srP35SLMzb57t73vrzHv214lfABPrdkQcRsR0RLwTEfP5+STf4s32lt7u46NHa8dHj9aSaLXe/meS1afnous+qWfyxyxGxI++F/HT5PG4jf2DrdVqtbLbLs4uNms7i439g3ubtdWNykZlu1xeWV5Zev3+a+VL6+tLten86Msf/eHwWz9PmzWXn+nux2Vqd33qJE7qZkT84CqCjcCNvD/To24I51KIiBci4uXs+p+PG9mzCQCMs1ZrPlrz3eUk+xcAGF+FLAeWFEp5LmAuCoVSqZ3DezFuFar1RvPuw/re9no7V7YQU4WHm9XKUp4rXIipJC0vZ8eflsunyvcj4vmI+MXMbFYurdWr66N84QMAE+yZU/P/f2ba8z8AMOaKo24AADB05n8AmDzmfwCYPOZ/AJg85n8AmDzmfwCYPOZ/AJgoP3zrrXRrHefff73+7v7eVv3de+uVxlaptrdWWqvv7pQ26vWN7Dt7amc9XrVe31l+NfbeW/j2TqO52Ng/eFCr7203H2Tf6/2gMjWUXgEAT/L8Sx/+OYmIwzdmsy261nIwV8N4K4y6AcDI3Djn/az3BE+/AVf76rGCH/C0u8B7fOkBGBNnTfDFiJg9fbLVarWurknAFbvzBfl/mFRd+X+/BQwT5rz5f+DpN2D+HxhDrVYy6Gr/MegNAYDrTY4f6PP5/wv5/rf5hwM/WT99iw+uslUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwvXXW/y3la4HPRaFQKkU8GxELMZU83KxWliLiuYj408zUTFpeHnGbAYCLKvwtydf/ujP/ytzp2unkk5lsHxE/+9Xbv3xvtdnc/WN6/l8n55sf5OfLo2g/AHCWzjyd7bveyH989Gitsw2zPX//bkQU2/GPj6bj+CT+zbiZ7YsxFRG3/p3k5bakK3dxEYfvR8Tne/U/ibksB9Je+fR0/DT2s0ONX/i/+IWsrr1P/y8+dwltgUnzYTr+vNnr+ivE7Wzf+/ovZiPUxeXjX/pQa8fZGPhp/M74d6PP+Hd70Biv/v777aPZx+vej/jizYhO7OOu8acTP+kT/5UB4//lS195uV9d69cRd6J3/O5Yi83azmJj/+DeZm11o7JR2S6XV5ZXll6//1p5MctRL/afDf7xxt3n+tWl/b/VJ37xjP5/fcD+/+a/7/z4q0+I/82v9YpfiBefED+dE78xYPzVW78r9qtL46/36f9Zz//dAeN/9NeDx5YNBwBGp7F/sLVarVZ2h3nQeSEx1KAOxuAg/am5Bs3oefCdYcWajs90r1brXLFOjxSd92OXkXUDroOTiz4iPhl1YwAAAAAAAAAAAAAAgJ6G8RdLo+4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4+t/AQAA//8X/Mrj") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f00000001c0)='./file0/../file0/../file0\x00', 0x0, 0x834421, 0x0) quotactl$Q_SETINFO(0xffffffff80000601, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000280)) 10.834428241s ago: executing program 4 (id=3743): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x1000000, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 8.032259107s ago: executing program 2 (id=3829): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newsa={0x13c, 0x10, 0x1, 0x100000, 0x25dfdbff, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in6=@loopback}, {@in6=@mcast2, 0x0, 0x32}, @in=@multicast2, {0x0, 0x4, 0x0, 0x0, 0xffffffffffffffff, 0x4, 0x8000000000000002}, {}, {}, 0xffffffff, 0x0, 0xa, 0x0, 0x4, 0xaf}, [@algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x13c}}, 0x0) 8.031579447s ago: executing program 2 (id=3831): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) syz_clone(0x1100, 0x0, 0x0, 0x0, 0x0, 0x0) 7.971399134s ago: executing program 2 (id=3833): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000006c0)=@v1={0x0, @adiantum, 0x10, @auto="9e49f3bd066014d2"}) 7.852012838s ago: executing program 2 (id=3841): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000080000040080000000002"]) 7.700451395s ago: executing program 2 (id=3845): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0xe, &(0x7f0000000140)={[{@test_dummy_encryption}, {@orlov}, {@noauto_da_alloc}, {@minixdf}, {@errors_remount}, {@quota}]}, 0x3, 0x455, &(0x7f0000000f00)="$eJzs3MtvG0UYAPBv10n6pDGlPPoAAgUR8UiatEAPXEAgcQAJCQ7lGJK0KnUb1ASJVhUYhMoRVeKOOCLxF3CCCwJOSFzhjipVqJcWTkZr7yaOY6dxmsSl/v2kTWZ2Zz3zeXfs2Z1sAuhbI9mPJGJ3RPwREcON7PICI41fN69fmv7n+qXtEVF7+++kXu7G9UvTRdFiv115ZjSNSD9P4mCbeucvXDwzVanMns/z4wtnPxifv3DxudNnp07Nnpo9N3n8+LGjEy++MPn8in0vD3cfZ7bLjQMfzx3a//q7V96cPnHlvV++S4r4W+Jor9xtlSOrbXyyVuv29e5o9zSlk4EeNoSulCIiO1yD9f4/HKVYOnjD8dpnPW0csKlquQ6bqzXgLpZEr1sA9EbxRZ9d/xbL1o0+eu/ay40LoCzum/nS2DIQaV5msOX6diONRMSJ6r9fZ0us6T4EAMDt+SEb/zzbbvyXxgNN5fbkcyjliLg3IvZGxH0RsS8i7o+ol30wIh7qsv7WSZKV45/06roCW6Ns/PdSPre1fPyXRrWRKJfqucYYsByDycnTldkj+XsyGoPbsvzEKnX8+OrvX3ba1jz+y5as/mIsmLfj6sC25fvMTC1M3V7US659GnFgoF38yeJMQBIR+yPiwDrrOP30t4c6bRuJ6i3i72RjJplq30Q81Tj+1WiJv5CsPj85vj0qs0fGi7NipV9/u/xWp/pvffw3V3b8d7Y9/xfjLyfN87Xz3ddx+c8vOl7TrPf8H0reqaeH8nUfTS0snJ+IGEreaDS6ef3k0r5FviifxT96uH3/3xtL78TBiMhO4ocj4pGIeDRv+2MR8XhEHF4l/p9feeL99ce/ubL4Z7o6/kuJoWhd0z5ROvPT98sqLXcTf3b8j9VTo/matXz+raVd6zubAQAA4P8njYjdkaRji+k0HRtr/A3/vtiZVubmF545OffhuZnGMwLlGEyLO13DTfdDJxYv6xv5yTxfbD+a3zf+qrSjnh+bnqvM9Dp46HO7OvT/zF+ltrts29oWApvK81rQv/R/6F/6P/Qv/R/6V5v+v6MX7QC2Xrvv/0960A5g67X0//bTfsBdyfU/9C/9H/qX/g99aX5HrPqQfFT31Mut7Ul/iTsqEbERr1P8I4iWTZH2PkCJzUv09GMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgw/wXAAD//7Jx47M=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x20, &(0x7f0000000140)='usrjquota=') 7.49084081s ago: executing program 2 (id=3849): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000026c0)=@delchain={0x644, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}}, [@filter_kind_options=@f_route={{0xa}, {0x604, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0xa, 0xe}}, @TCA_ROUTE4_ACT={0x5f8, 0x6, [@m_simple={0x188, 0x1f, 0x0, 0x0, {{0xb}, {0x88, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x401, 0x2, 0x1, 0x2, 0x8}}, @TCA_DEF_DATA={0xd, 0x3, '@-^[\xa5&,.\x00'}, @TCA_DEF_DATA={0x7, 0x3, 'lo\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x0, 0x80000001, 0xfffffffffffffffe, 0x6, 0x2}}, @TCA_DEF_PARMS={0x18, 0x2, {0x401, 0x495, 0x20000000, 0xc9, 0x62c}}, @TCA_DEF_PARMS={0x18, 0x2, {0x6, 0x1, 0x10000000, 0x4, 0x8}}, @TCA_DEF_DATA={0xb, 0x3, 'j\xbf!*{$\x00'}]}, {0xd5, 0x6, "bb56072c27c5e2984fb9b39740c7dea2e6372a168bf1fdb8ecb6019c9f5db834fcaca18620641b7aab2922f69d2f9b062f5ec4be8a5a603fe7236ffd67f60e9e007b34e0f9cb58fc8855dae5289e4e856559f64bc5a1c5683263937fdd088e5f34874e0d2d2273a7a09810d9042b32fb69223c74e88c41fda5268c22a3107d32ee49d3a99665178abfde24d27a872b23ece9d09c9560070a6e3cca383ccb4d1a6d7c302ab3ee820e67d26e78f72566a2f9765698d783e6c14d8da6156473bc39143eaba66c1921f94f19f65bc88b127c0e"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_vlan={0x134, 0x3, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xb7e}]}, {0xf5, 0x6, "b4f5f8a000aed611d1e3ee1aaa84601c97299db7511af811242f5e599e70462ff947d7fce8171ca76d6272e5926e4bcc41c5f2a45eda585981ca0de6f00b6a83a630a32eb3d933702dde61376ab26952f74f090fb6858f97715363bfca363004ef43db3a48e84090d7517b700dc6a2a2f94e7329147f25670ca37779fb3bb34630b673bfa93845abd7c41a11e2c7d51cd033af07fdedab1b0a4fd3289168734a438364c97d0791494427d5c5c48b1f99b2933a263cfb4ca5c4ae41bb0d4ad806597b90b1569a91f0af9997eb0a37a98b616eeb9b0e0d88e3faa90e480ed36ed0731503f2a4bda6e9158fad7756a073b2ce"}, {0xc}, {0xc, 0x8, {0x3}}}}, @m_csum={0x104, 0x8, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffff800, 0xdd, 0x10000000, 0x4}, 0x2b}}]}, {0xb9, 0x6, "4c8530b4f61970da689c06a26312df6c492da62a443b3e60d222e666e87033e2acd998073932893a4243abe9e871015575017360a9830ecfb2232d104190c1680b2d7935db3e98eeb8fda548b5bb513959cfd9a3f35a136542121b41bf2eb5641dcf351162a085dc2dd873e5ec7b1fdb28b6602a6e7433e2f05c89ca536a736514819f81c14d1c7e4e62cd25c809a1b38716d82e2b023799c6fc2f08ae6e74a26bcce4f200ce8668bcfdb65e7787481db1ee75ef04"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_ife={0x84, 0x7, 0x0, 0x0, {{0x8}, {0x38, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @remote}, @TCA_IFE_SMAC={0xa, 0x4, @multicast}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xffffffff, 0x1, 0xffffffffffffffff, 0x5, 0xfffffff2}}}]}, {0x25, 0x6, "3c4d628f307b84d62ea02c2a83d6801f55d9f79db5283d58343d431b68a6d23b01"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x5}}}}, @m_nat={0xfc, 0xc, 0x0, 0x0, {{0x8}, {0x4}, {0xd1, 0x6, "256c3eb62a3c42cccec027988ad7149d48e69552fccd245cb90ebe3ebe6f36a14b83b65bb651bed880b4bf769cb0b5b18dabcc7d7a108e10124a104ef74333b28537655fecc96352477fe91863d2bd9822da8b57752f8d22cb68e4c4a79e0bba55acd2df7f410043b083dc74a0d99332f2ace4931a9efd89f8b8628f63b4791715c76fbcd195be1b8852f5b1f1e7b1296b3dd78041c0da1131303d605504dce4f02686d6875be1f7027e6e45a30376aff6097249b0111683261e334758927ff3e22f0a847fd35c396b7a43571a"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_bpf={0x80, 0x1b, 0x0, 0x0, {{0x8}, {0x58, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x5}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x4, 0x3, 0x6, 0x4, 0x7}}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x6, 0x7, 0x20000000, 0x0, 0x1}}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_OPS_LEN={0x6}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_connmark={0x34, 0x19, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x9d}}, @TCA_CHAIN={0x8, 0xb, 0x3}]}, 0x644}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x7e}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xb00}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 2.745192181s ago: executing program 3 (id=3892): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) 2.32322466s ago: executing program 3 (id=3897): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = epoll_create1(0x0) epoll_pwait2(r0, &(0x7f0000000280)=[{}], 0x1, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0) 2.227469131s ago: executing program 3 (id=3901): unshare(0x22020600) syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4000000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000120001280080001"], 0x40}}, 0x0) syz_usb_connect(0x0, 0x5a, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000ec13b2106d04f308280b0102030109024800010000000009046900000e0100000841"], 0x0) 416.139742ms ago: executing program 3 (id=3925): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000240), 0x3af4701e) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r0, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) 310.555194ms ago: executing program 1 (id=3929): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0) write$vga_arbiter(r0, &(0x7f0000000000)=@other={'lock', ' ', 'io+mem'}, 0xc) write$vga_arbiter(r0, &(0x7f0000000400)=@other={'lock', ' ', 'io+mem'}, 0xc) close(r0) 278.614498ms ago: executing program 1 (id=3930): ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) r0 = userfaultfd(0x80001) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) 219.490445ms ago: executing program 1 (id=3931): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000940)=@newqdisc={0x6c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0xfffffffffffffd07, 0x2, [@TCA_TBF_RATE64={0xc}, @TCA_TBF_PARMS={0x28}, @TCA_TBF_PBURST={0x8}]}}]}, 0x6c}}, 0x0) 216.535135ms ago: executing program 0 (id=3932): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_type(r0, &(0x7f00000000c0), 0x2, 0x0) preadv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/185, 0xb9}], 0x1, 0x0, 0x0) 215.689045ms ago: executing program 1 (id=3933): setresuid(0xee00, 0x0, 0x0) r0 = socket$unix(0x1, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r1, 0x0) 196.582997ms ago: executing program 1 (id=3935): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002e80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) sync() 189.478698ms ago: executing program 0 (id=3936): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) setreuid(0xee01, 0x0) ioprio_get$uid(0x3, 0xee01) 131.520755ms ago: executing program 0 (id=3937): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) timer_create(0x2, 0x0, &(0x7f0000000040)=0x0) timer_gettime(r1, &(0x7f0000000140)) 131.324815ms ago: executing program 0 (id=3938): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) 120.913146ms ago: executing program 0 (id=3940): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="480000001400010000000000fdfff7ff0a004300", @ANYRES32=r2, @ANYBLOB="14000100ff"], 0x48}}, 0x0) 34.795686ms ago: executing program 3 (id=3941): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x6, 0x15, &(0x7f0000001480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400005d000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc) 19.739628ms ago: executing program 1 (id=3942): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006, 0x0, 0x6, 0x3ff}]}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea018512babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7acbf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000005d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd353646000000000000000000002b0000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c30180000000000000c03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3e16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e2e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54ae54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db55474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1386f5800"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b40)={r1, 0x18000000000002a0, 0x26, 0x0, &(0x7f0000000100)="b9ff030711a5268c019e14f088a847e0ffff00124000631177fbac141416e000030a94029f03", 0x0, 0x10, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 397.51µs ago: executing program 3 (id=3943): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000380)={'wg1\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000012c0)={@private0={0xfc, 0x0, '\x00', 0x1}, 0x65, r1}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000003c0)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, r1}) 0s ago: executing program 0 (id=3944): bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x6, &(0x7f0000000480)=ANY=[@ANYBLOB="180200003f00ffff0000000000004000850000002c0000001800000004000000000000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x1400, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) kernel console output (not intermixed with test programs): .108922][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 138.121835][ T7018] EXT4-fs error (device loop2): ext4_acquire_dquot:6764: comm syz.2.2838: Failed to acquire dquot type 0 [ 138.129391][ T24] usb 5-1: SerialNumber: syz [ 138.160026][ T4755] EXT4-fs (loop2): unmounting filesystem. [ 138.191529][ T24] cdc_ether 5-1:1.0: skipping garbage [ 138.196775][ T24] cdc_ether: probe of 5-1:1.0 failed with error -22 [ 138.241645][ T7037] loop2: detected capacity change from 0 to 256 [ 138.254365][ T7037] exfat: Deprecated parameter 'utf8' [ 138.266153][ T7037] exfat: Deprecated parameter 'namecase' [ 138.274651][ T7037] exfat: Deprecated parameter 'utf8' [ 138.280528][ T7043] loop1: detected capacity change from 0 to 2048 [ 138.283771][ T7045] tap0: tun_chr_ioctl cmd 2147767511 [ 138.295840][ T7037] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 138.297313][ T7043] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 138.310398][ T7037] [syz.2.2849/7037] FS: loop2 File: /file1 would truncate fibmap result [ 138.339052][ T7048] loop2: detected capacity change from 0 to 512 [ 138.346544][ T3735] EXT4-fs (loop1): unmounting filesystem. [ 138.383260][ T7048] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 138.392076][ T7048] ext4 filesystem being mounted at /202/file0 supports timestamps until 2038 (0x7fffffff) [ 138.444687][ T7048] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 12: comm syz.2.2853: path /202/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 138.466422][ T7048] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 13: comm syz.2.2853: path /202/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 138.481770][ T60] usb 5-1: USB disconnect, device number 29 [ 138.489539][ T7048] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 14: comm syz.2.2853: path /202/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 138.513821][ T7048] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 15: comm syz.2.2853: path /202/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 138.534179][ T7048] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz.2.2853: path /202/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 138.555564][ T7048] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 17: comm syz.2.2853: path /202/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 138.575925][ T7048] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #2: block 18: comm syz.2.2853: lblock 23 mapped to illegal pblock 18 (length 1) [ 138.590655][ T7048] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 19: comm syz.2.2853: path /202/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 138.611067][ T7048] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 20: comm syz.2.2853: path /202/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 138.631603][ T7048] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 21: comm syz.2.2853: path /202/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 138.681443][ T7071] loop3: detected capacity change from 0 to 40427 [ 138.688926][ T7071] F2FS-fs (loop3): invalid crc value [ 138.695149][ T7071] F2FS-fs (loop3): Found nat_bits in checkpoint [ 138.741994][ T7071] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 138.766420][ T294] syz-executor: attempt to access beyond end of device [ 138.766420][ T294] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 139.234876][ T4755] EXT4-fs (loop2): unmounting filesystem. [ 139.266654][ T7085] loop4: detected capacity change from 0 to 40427 [ 139.273361][ T7085] F2FS-fs (loop4): Small segment_count (9 < 1 * 24) [ 139.279845][ T7085] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 139.286033][ T7092] loop2: detected capacity change from 0 to 2048 [ 139.289655][ T7085] F2FS-fs (loop4): Found nat_bits in checkpoint [ 139.303958][ T7092] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 139.320951][ T333] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 139.327421][ T7085] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 139.339005][ T333] EXT4-fs (loop2): Remounting filesystem read-only [ 139.344549][ T7085] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 139.349531][ T4755] EXT4-fs (loop2): unmounting filesystem. [ 139.367279][ T5934] syz-executor: attempt to access beyond end of device [ 139.367279][ T5934] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 139.432808][ T7106] loop4: detected capacity change from 0 to 128 [ 139.448090][ T7108] loop4: detected capacity change from 0 to 512 [ 139.464770][ T7108] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038 (0x7fffffff) [ 139.506252][ T7118] loop4: detected capacity change from 0 to 512 [ 139.515672][ T7118] EXT4-fs: Ignoring removed mblk_io_submit option [ 139.522232][ T7118] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 139.531268][ T7118] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002] [ 139.539411][ T7118] System zones: 1-12 [ 139.543693][ T7118] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz.4.2880: corrupted in-inode xattr [ 139.555655][ T7118] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.2880: couldn't read orphan inode 15 (err -117) [ 139.711970][ T7149] loop2: detected capacity change from 0 to 512 [ 139.718399][ T7149] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 139.731894][ T7149] ext4 filesystem being mounted at /213/bus supports timestamps until 2038 (0x7fffffff) [ 139.744292][ T7149] EXT4-fs (loop2): shut down requested (0) [ 139.954775][ T441] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 140.104487][ T60] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 140.269985][ T7171] netlink: 'syz.0.2905': attribute type 12 has an invalid length. [ 140.278105][ T7171] netlink: 'syz.0.2905': attribute type 29 has an invalid length. [ 140.286402][ T7171] netlink: 'syz.0.2905': attribute type 2 has an invalid length. [ 140.294003][ T7171] netlink: 'syz.0.2905': attribute type 2 has an invalid length. [ 140.299013][ T7165] loop1: detected capacity change from 0 to 40427 [ 140.308135][ T7171] netlink: 'syz.0.2905': attribute type 1 has an invalid length. [ 140.315659][ T7171] netlink: 'syz.0.2905': attribute type 37 has an invalid length. [ 140.323406][ T7171] netlink: 'syz.0.2905': attribute type 2 has an invalid length. [ 140.330881][ T7165] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 140.337022][ T7165] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 140.345071][ T441] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 140.345456][ T7171] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.355876][ T441] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 140.371420][ T60] usb 3-1: Using ep0 maxpacket: 16 [ 140.376450][ T441] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.382448][ T7165] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 140.384943][ T441] usb 5-1: config 0 descriptor?? [ 140.407405][ T7165] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 140.414254][ T7165] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 140.466539][ T7182] loop1: detected capacity change from 0 to 16 [ 140.472832][ T7182] erofs: (device loop1): mounted with root inode @ nid 36. [ 140.500154][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 140.511236][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 140.520964][ T60] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 140.533759][ T60] usb 3-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00 [ 140.542677][ T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.551015][ T60] usb 3-1: config 0 descriptor?? [ 140.810013][ T24] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 140.895950][ T441] keytouch 0003:0926:3333.004E: fixing up Keytouch IEC report descriptor [ 140.904983][ T441] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.004E/input/input59 [ 140.982153][ T441] keytouch 0003:0926:3333.004E: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0 [ 141.045212][ T2483] Bluetooth: hci0: command 0x1003 tx timeout [ 141.045219][ T3252] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 141.063361][ T7195] loop3: detected capacity change from 0 to 128 [ 141.070608][ T60] uclogic 0003:5543:0064.004F: item fetching failed at offset 10/11 [ 141.071246][ T7195] ext4 filesystem being mounted at /566/file1 supports timestamps until 2038 (0x7fffffff) [ 141.078645][ T60] uclogic 0003:5543:0064.004F: parse failed [ 141.088206][ T24] usb 2-1: Using ep0 maxpacket: 32 [ 141.093919][ T60] uclogic: probe of 0003:5543:0064.004F failed with error -22 [ 141.115383][ T7195] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 141.143574][ T28] kauditd_printk_skb: 36 callbacks suppressed [ 141.143589][ T28] audit: type=1400 audit(1997995911.343:1616): avc: denied { create } for pid=7200 comm="syz.3.2916" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 141.175495][ T28] audit: type=1400 audit(1997995911.371:1617): avc: denied { create } for pid=7202 comm="syz.3.2917" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 141.195484][ T28] audit: type=1400 audit(1997995911.371:1618): avc: denied { setopt } for pid=7202 comm="syz.3.2917" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 141.215127][ T28] audit: type=1400 audit(1997995911.371:1619): avc: denied { write } for pid=7202 comm="syz.3.2917" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 141.264574][ T28] audit: type=1400 audit(1997995911.455:1620): avc: denied { create } for pid=7209 comm="syz.3.2920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 141.286168][ T28] audit: type=1400 audit(1997995911.455:1621): avc: denied { connect } for pid=7209 comm="syz.3.2920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 141.293824][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.307902][ T28] audit: type=1400 audit(1997995911.455:1622): avc: denied { getopt } for pid=7209 comm="syz.3.2920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 141.316391][ T417] usb 3-1: USB disconnect, device number 28 [ 141.341832][ T7213] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2921'. [ 141.355855][ T28] audit: type=1400 audit(1997995911.539:1623): avc: denied { unlink } for pid=7215 comm="syz.0.2923" name="#5" dev="tmpfs" ino=1275 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 141.357256][ T24] usb 2-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00 [ 141.357285][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.359830][ T24] usb 2-1: config 0 descriptor?? [ 141.635426][ T417] usb 5-1: USB disconnect, device number 30 [ 141.665275][ T60] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 141.851717][ T28] audit: type=1326 audit(1997995912.007:1624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7221 comm="syz.2.2926" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffad317dff9 code=0x0 [ 141.901702][ T24] nintendo 0003:057E:200E.0050: hidraw0: USB HID v80.00 Device [HID 057e:200e] on usb-dummy_hcd.1-1/input0 [ 141.996812][ T24] nintendo 0003:057E:200E.0050: Failed charging grip handshake [ 142.004178][ T24] nintendo 0003:057E:200E.0050: Failed to initialize controller; ret=-110 [ 142.029154][ T24] nintendo 0003:057E:200E.0050: probe - fail = -110 [ 142.035576][ T24] nintendo: probe of 0003:057E:200E.0050 failed with error -110 [ 142.050170][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 142.060950][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 142.070396][ T60] usb 4-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 142.079292][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.087431][ T60] usb 4-1: config 0 descriptor?? [ 142.136817][ T24] usb 2-1: USB disconnect, device number 32 [ 142.205308][ T7226] loop4: detected capacity change from 0 to 512 [ 142.211557][ T7226] EXT4-fs: Ignoring removed orlov option [ 142.217241][ T7226] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 142.229332][ T7226] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13 [ 142.237435][ T7226] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.2927: invalid indirect mapped block 2683928664 (level 1) [ 142.251596][ T7226] EXT4-fs (loop4): 1 truncate cleaned up [ 142.259670][ T28] audit: type=1400 audit(1997995912.390:1625): avc: denied { mounton } for pid=7225 comm="syz.4.2927" path="/127/file0/file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 142.260270][ T7226] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 142.297592][ T5934] EXT4-fs error (device loop4): htree_dirblock_to_tree:1111: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0 [ 142.318307][ T5934] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz-executor: Invalid block bitmap block 3 in block_group 0 [ 142.331833][ T5934] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6173: Corrupt filesystem [ 142.340977][ T5934] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor: corrupted in-inode xattr [ 142.353063][ T5934] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor: corrupted in-inode xattr [ 142.498353][ T7230] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.505246][ T7230] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.512386][ T7230] device bridge_slave_0 entered promiscuous mode [ 142.518947][ T7230] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.525845][ T7230] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.532923][ T7230] device bridge_slave_1 entered promiscuous mode [ 142.573338][ T7230] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.580185][ T7230] bridge0: port 2(bridge_slave_1) entered forwarding state [ 142.587264][ T7230] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.594055][ T7230] bridge0: port 1(bridge_slave_0) entered forwarding state [ 142.601994][ T60] elecom 0003:056E:010D.0051: item fetching failed at offset 0/3 [ 142.611970][ T60] elecom: probe of 0003:056E:010D.0051 failed with error -22 [ 142.619978][ T417] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 142.627835][ T417] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.634833][ T417] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.643536][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 142.651458][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.658294][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 142.670006][ T417] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 142.678005][ T417] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.684855][ T417] bridge0: port 2(bridge_slave_1) entered forwarding state [ 142.707744][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 142.715786][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 142.723430][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 142.734135][ T441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 142.742186][ T441] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 142.752233][ T441] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 142.761350][ T7230] device veth0_vlan entered promiscuous mode [ 142.772827][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 142.786502][ T7230] device veth1_macvtap entered promiscuous mode [ 142.797598][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 142.811770][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 142.825213][ T435] usb 4-1: USB disconnect, device number 33 [ 142.937106][ T7258] SELinux: failed to load policy [ 142.959486][ T7264] netlink: 'syz.4.2944': attribute type 11 has an invalid length. [ 143.065774][ T441] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 143.093362][ T7281] loop1: detected capacity change from 0 to 256 [ 143.104460][ T7281] FAT-fs (loop1): Directory bread(block 64) failed [ 143.111086][ T324] device bridge_slave_1 left promiscuous mode [ 143.117006][ T324] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.119187][ T7281] FAT-fs (loop1): Directory bread(block 65) failed [ 143.130390][ T7281] FAT-fs (loop1): Directory bread(block 66) failed [ 143.130409][ T324] device bridge_slave_0 left promiscuous mode [ 143.136720][ T7281] FAT-fs (loop1): Directory bread(block 67) failed [ 143.136757][ T7281] FAT-fs (loop1): Directory bread(block 68) failed [ 143.142826][ T324] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.149010][ T7281] FAT-fs (loop1): Directory bread(block 69) failed [ 143.168606][ T7281] FAT-fs (loop1): Directory bread(block 70) failed [ 143.174956][ T7281] FAT-fs (loop1): Directory bread(block 71) failed [ 143.181332][ T7281] FAT-fs (loop1): Directory bread(block 72) failed [ 143.181381][ T324] device veth1_macvtap left promiscuous mode [ 143.187640][ T7281] FAT-fs (loop1): Directory bread(block 73) failed [ 143.194500][ T324] device veth0_vlan left promiscuous mode [ 143.380263][ T7296] loop3: detected capacity change from 0 to 256 [ 143.388539][ T7296] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 143.408919][ T7296] exFAT-fs (loop3): error, exfat_zeroed_cluster: out of range(sect:224 len:8) [ 143.417627][ T7296] exFAT-fs (loop3): Filesystem has been set read-only [ 143.450658][ T441] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 143.455434][ T7309] loop1: detected capacity change from 0 to 512 [ 143.469794][ T441] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 143.479337][ T441] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.488060][ T441] usb 3-1: config 0 descriptor?? [ 143.491101][ T7309] ext4 filesystem being mounted at /289/bus supports timestamps until 2038 (0x7fffffff) [ 143.621713][ T7329] loop3: detected capacity change from 0 to 8192 [ 143.628940][ T7329] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 143.666248][ T7334] syz.4.2976[7334] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 143.666321][ T7334] syz.4.2976[7334] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 143.710321][ T7345] loop1: detected capacity change from 0 to 1024 [ 143.731950][ T7345] EXT4-fs: Ignoring removed nobh option [ 143.748105][ T7345] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #11: comm syz.1.2982: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 143.781039][ T7345] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.2982: couldn't read orphan inode 11 (err -117) [ 143.805083][ T7345] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:477: comm syz.1.2982: Invalid block bitmap block 0 in block_group 0 [ 143.821151][ T7345] EXT4-fs error (device loop1): ext4_acquire_dquot:6764: comm syz.1.2982: Failed to acquire dquot type 0 [ 143.834910][ T7345] EXT4-fs error (device loop1): __ext4_get_inode_loc:4497: comm syz.1.2982: Invalid inode table block 8589934593 in block_group 0 [ 143.852503][ T333] EXT4-fs error (device loop1): __ext4_get_inode_loc:4497: comm kworker/u4:4: Invalid inode table block 8589934593 in block_group 0 [ 143.920611][ T7384] binder: binder_mmap: 7383 20000000-20002000 bad vm_flags failed -1 [ 144.007055][ T441] keytouch 0003:0926:3333.0052: fixing up Keytouch IEC report descriptor [ 144.016069][ T441] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0052/input/input60 [ 144.093180][ T441] keytouch 0003:0926:3333.0052: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 144.198950][ T311] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 144.263123][ T24] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 144.391371][ T295] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 144.519645][ T24] usb 5-1: Using ep0 maxpacket: 16 [ 144.583820][ T311] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.596602][ T311] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 144.605726][ T311] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.614232][ T311] usb 2-1: config 0 descriptor?? [ 144.638222][ T3889] usb 3-1: USB disconnect, device number 29 [ 144.647989][ T24] usb 5-1: config 0 has an invalid interface number: 251 but max is 0 [ 144.655993][ T24] usb 5-1: config 0 has no interface number 0 [ 144.658618][ C0] keytouch 0003:0926:3333.0052: usb_submit_urb(ctrl) failed: -19 [ 144.661906][ T295] usb 4-1: Using ep0 maxpacket: 16 [ 144.674490][ T24] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 144.685129][ T24] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 144.713140][ T7415] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3014'. [ 144.721811][ T7415] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3014'. [ 144.738499][ T7417] loop0: detected capacity change from 0 to 256 [ 144.744743][ T7417] exfat: Deprecated parameter 'utf8' [ 144.749850][ T7417] exfat: Deprecated parameter 'utf8' [ 144.755088][ T7417] exfat: Deprecated parameter 'utf8' [ 144.762601][ T7417] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 144.784170][ T7419] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3016'. [ 144.829779][ T295] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.840781][ T295] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 144.850295][ T295] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 144.863150][ T295] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 144.871911][ T295] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.883183][ T24] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 144.892043][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.899912][ T24] usb 5-1: Product: syz [ 144.899938][ T7403] raw-gadget.4 gadget.3: fail, usb_ep_enable returned -22 [ 144.903825][ T24] usb 5-1: Manufacturer: syz [ 144.915422][ T24] usb 5-1: SerialNumber: syz [ 144.920477][ T24] usb 5-1: config 0 descriptor?? [ 144.936625][ T7400] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22 [ 144.936947][ T295] cdc_acm 4-1:1.0: Control and data interfaces are not separated! [ 144.943929][ T7400] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22 [ 144.984129][ T7435] bridge0: port 3(syz_tun) entered blocking state [ 144.990398][ T7435] bridge0: port 3(syz_tun) entered disabled state [ 144.996933][ T7435] device syz_tun entered promiscuous mode [ 145.002525][ T7435] bridge0: port 3(syz_tun) entered blocking state [ 145.008706][ T7435] bridge0: port 3(syz_tun) entered forwarding state [ 145.056296][ T7442] loop0: detected capacity change from 0 to 512 [ 145.066541][ T7442] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.3027: Failed to acquire dquot type 1 [ 145.078125][ T7442] EXT4-fs (loop0): 1 truncate cleaned up [ 145.083606][ T7442] ext4 filesystem being mounted at /260/file0 supports timestamps until 2038 (0x7fffffff) [ 145.129367][ T311] keytouch 0003:0926:3333.0053: fixing up Keytouch IEC report descriptor [ 145.138424][ T311] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0053/input/input61 [ 145.172211][ T295] cdc_acm 4-1:1.0: ttyACM0: USB ACM device [ 145.179862][ T295] usb 4-1: USB disconnect, device number 34 [ 145.186568][ T7400] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22 [ 145.195134][ T7400] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22 [ 145.216481][ T311] keytouch 0003:0926:3333.0053: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 145.312749][ T7469] loop2: detected capacity change from 0 to 1024 [ 145.319284][ T7469] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 145.389036][ T7488] loop2: detected capacity change from 0 to 128 [ 145.397810][ T7488] ext4 filesystem being mounted at /233/mnt supports timestamps until 2038 (0x7fffffff) [ 145.452633][ T7505] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3056'. [ 145.471705][ T7507] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3057'. [ 145.576832][ T7528] user requested TSC rate below hardware speed [ 145.697904][ T7536] loop0: detected capacity change from 0 to 512 [ 145.705474][ T7536] EXT4-fs (loop0): orphan cleanup on readonly fs [ 145.711860][ T7536] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #4: comm syz.0.3070: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048) [ 145.721099][ T7542] loop2: detected capacity change from 0 to 2048 [ 145.730184][ T7536] EXT4-fs error (device loop0): ext4_quota_enable:6958: comm syz.0.3070: Bad quota inode: 4, type: 1 [ 145.747490][ T7536] EXT4-fs warning (device loop0): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 145.750391][ T7542] ext4 filesystem being mounted at /246/file0 supports timestamps until 2038 (0x7fffffff) [ 145.762122][ T7536] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 145.775499][ T7542] fs-verity (loop2, inode 13): Unsupported log_blocksize: 13 [ 145.801920][ T7536] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 145.813135][ T295] usb 2-1: USB disconnect, device number 33 [ 145.824315][ T7536] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #4: comm syz.0.3070: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048) [ 145.855006][ T7536] EXT4-fs error (device loop0): ext4_quota_enable:6958: comm syz.0.3070: Bad quota inode: 4, type: 1 [ 145.865924][ T7536] EXT4-fs warning (device loop0): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 145.882444][ T7563] loop2: detected capacity change from 0 to 2048 [ 145.888127][ T24] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 145.899577][ T24] asix 5-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 145.909907][ T24] asix: probe of 5-1:0.251 failed with error -71 [ 145.917381][ T24] usb 5-1: USB disconnect, device number 31 [ 145.959047][ T7574] xt_bpf: check failed: parse error [ 145.980440][ T7576] loop3: detected capacity change from 0 to 128 [ 145.999641][ T7576] ext4 filesystem being mounted at /607/mnt supports timestamps until 2038 (0x7fffffff) [ 146.012438][ T7576] fscrypt (loop3, inode 12): Direct key flag not allowed with different contents and filenames modes [ 146.017780][ T7584] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3090'. [ 146.032410][ T7584] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3090'. [ 146.042989][ T7584] bridge0: port 1(vlan2) entered blocking state [ 146.049371][ T7584] bridge0: port 1(vlan2) entered disabled state [ 146.081218][ T7590] SELinux: syz.3.3093 (7590) set checkreqprot to 1. This is deprecated and will be rejected in a future kernel release. [ 146.093730][ T7590] SELinux: https://github.com/SELinuxProject/selinux-kernel/wiki/DEPRECATE-checkreqprot [ 146.138146][ T7604] tap0: tun_chr_ioctl cmd 1074025677 [ 146.143300][ T7604] tap0: linktype set to 768 [ 146.365857][ T7636] loop1: detected capacity change from 0 to 128 [ 146.372852][ T7634] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3112'. [ 146.385197][ T7636] FAT-fs (loop1): error, invalid FAT chain (i_pos 548, last_block 8) [ 146.393300][ T7636] FAT-fs (loop1): Filesystem has been set read-only [ 146.406571][ T7636] FAT-fs (loop1): error, corrupted file size (i_pos 548, 522) [ 146.456091][ T7650] loop2: detected capacity change from 0 to 16 [ 146.462839][ T7650] erofs: (device loop2): EXPERIMENTAL compressed fragments feature in use. Use at your own risk! [ 146.476758][ T7650] erofs: (device loop2): EXPERIMENTAL global deduplication feature in use. Use at your own risk! [ 146.497748][ T7650] erofs: (device loop2): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 146.529551][ T7650] erofs: (device loop2): mounted with root inode @ nid 36. [ 146.547905][ T7650] syz.2.3119: attempt to access beyond end of device [ 146.547905][ T7650] loop2: rw=0, sector=131157, nr_sectors = 1 limit=16 [ 146.581022][ T28] kauditd_printk_skb: 29 callbacks suppressed [ 146.581036][ T28] audit: type=1400 audit(1997995916.422:1651): avc: denied { setattr } for pid=7654 comm="syz.1.3122" name="file0" dev="incremental-fs" ino=1591 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 146.620189][ T7659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3123'. [ 146.670967][ T28] audit: type=1400 audit(1997995916.515:1652): avc: denied { setopt } for pid=7669 comm="syz.1.3129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 146.707589][ T7674] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3131'. [ 146.736571][ T435] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 146.861838][ T7630] loop0: detected capacity change from 0 to 131072 [ 146.870463][ T7630] F2FS-fs (loop0): Found nat_bits in checkpoint [ 146.893987][ T7630] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b [ 146.999900][ T435] usb 5-1: Using ep0 maxpacket: 16 [ 147.128613][ T435] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 147.137396][ T435] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 147.147323][ T435] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 147.193259][ T7702] loop0: detected capacity change from 0 to 128 [ 147.208027][ T7704] netlink: 'syz.0.3142': attribute type 22 has an invalid length. [ 147.320632][ T435] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 147.329567][ T435] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.337329][ T435] usb 5-1: Product: syz [ 147.341335][ T435] usb 5-1: Manufacturer: syz [ 147.345738][ T435] usb 5-1: SerialNumber: syz [ 147.570044][ T7714] loop1: detected capacity change from 0 to 512 [ 147.576633][ T7714] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 147.589720][ T7714] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.3147: bg 0: block 64: padding at end of block bitmap is not set [ 147.604456][ T7714] Quota error (device loop1): write_blk: dquota write failed [ 147.611694][ T7714] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 147.621393][ T7714] EXT4-fs error (device loop1): ext4_acquire_dquot:6764: comm syz.1.3147: Failed to acquire dquot type 0 [ 147.632725][ T7714] EXT4-fs (loop1): 1 truncate cleaned up [ 147.639353][ T7714] syz.1.3147 (7714) used greatest stack depth: 19176 bytes left [ 147.653128][ T7718] loop1: detected capacity change from 0 to 256 [ 147.661637][ T7718] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 147.675474][ T28] audit: type=1400 audit(1997995917.451:1653): avc: denied { mounton } for pid=7717 comm="syz.1.3148" path="/307/file0/file0" dev="loop1" ino=1049007 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 147.708583][ T28] audit: type=1400 audit(1997995917.488:1654): avc: denied { read } for pid=7720 comm="syz.2.3149" name="usbmon0" dev="devtmpfs" ino=139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 147.747611][ T28] audit: type=1400 audit(1997995917.488:1655): avc: denied { open } for pid=7720 comm="syz.2.3149" path="/dev/usbmon0" dev="devtmpfs" ino=139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 147.771369][ T28] audit: type=1400 audit(1997995917.507:1656): avc: denied { map } for pid=7720 comm="syz.2.3149" path="/dev/usbmon0" dev="devtmpfs" ino=139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 147.806730][ T7729] input: syz1 as /devices/virtual/input/input62 [ 147.855297][ T435] usb 5-1: 0:2 : does not exist [ 147.909966][ T7735] device bridge_slave_0 entered promiscuous mode [ 148.108874][ T7743] loop1: detected capacity change from 0 to 512 [ 148.115354][ T7743] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 148.123776][ T7743] EXT4-fs (loop1): invalid journal inode [ 148.129234][ T7743] EXT4-fs (loop1): can't get journal size [ 148.135877][ T7743] EXT4-fs (loop1): 1 truncate cleaned up [ 148.142830][ T7746] bridge0: port 4(vlan2) entered blocking state [ 148.149058][ T7746] bridge0: port 4(vlan2) entered disabled state [ 148.240010][ T311] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 148.319260][ T7766] netlink: 'syz.1.3171': attribute type 12 has an invalid length. [ 148.327046][ T7766] netlink: 'syz.1.3171': attribute type 29 has an invalid length. [ 148.334692][ T7766] netlink: 'syz.1.3171': attribute type 2 has an invalid length. [ 148.342721][ T7766] netlink: 'syz.1.3171': attribute type 2 has an invalid length. [ 148.350394][ T7766] netlink: 'syz.1.3171': attribute type 1 has an invalid length. [ 148.358037][ T7766] netlink: 'syz.1.3171': attribute type 37 has an invalid length. [ 148.365710][ T7766] netlink: 'syz.1.3171': attribute type 2 has an invalid length. [ 148.373519][ T7766] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.404697][ T7776] bridge0: port 4(vlan3) entered blocking state [ 148.410825][ T7776] bridge0: port 4(vlan3) entered disabled state [ 148.496621][ T311] usb 3-1: Using ep0 maxpacket: 8 [ 148.503965][ T7772] loop0: detected capacity change from 0 to 40427 [ 148.510631][ T7772] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 148.518107][ T435] usb 5-1: 1:0: cannot get min/max values for control 4 (id 1) [ 148.518187][ T7772] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 148.534319][ T7772] F2FS-fs (loop0): invalid crc value [ 148.540762][ T7772] F2FS-fs (loop0): Found nat_bits in checkpoint [ 148.564323][ T7772] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 148.571196][ T7772] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 148.624899][ T311] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 148.633577][ T311] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 148.643676][ T311] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 148.732570][ T435] usb 5-1: USB disconnect, device number 32 [ 148.817456][ T311] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 148.826315][ T311] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.834134][ T311] usb 3-1: Product: syz [ 148.838103][ T311] usb 3-1: Manufacturer: syz [ 148.842609][ T311] usb 3-1: SerialNumber: syz [ 148.871752][ T7798] loop4: detected capacity change from 0 to 512 [ 148.883017][ T7798] ext4 filesystem being mounted at /24/w5T)`)YFnA@T<3ڂ$rcnHwC" -8 supports timestamps until 2038 (0x7fffffff) [ 148.900130][ T7798] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz.4.3183: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 148.928866][ T7807] netlink: 'syz.4.3186': attribute type 12 has an invalid length. [ 148.937738][ T7811] loop0: detected capacity change from 0 to 512 [ 148.942837][ T7807] netlink: 'syz.4.3186': attribute type 29 has an invalid length. [ 148.944255][ T7811] EXT4-fs: Ignoring removed mblk_io_submit option [ 148.958210][ T7811] EXT4-fs: Ignoring removed nomblk_io_submit option [ 148.964831][ T7807] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.971800][ T7811] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 148.981575][ T7811] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 148.995372][ T7815] loop1: detected capacity change from 0 to 512 [ 149.003766][ T7811] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 149.010127][ T7815] EXT4-fs (loop1): orphan cleanup on readonly fs [ 149.017944][ T7811] Quota error (device loop0): write_blk: dquota write failed [ 149.024071][ T7815] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #4: comm syz.1.3189: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048) [ 149.031466][ T7811] Quota error (device loop0): find_free_dqentry: Can't write quota data block 5 [ 149.049704][ T7815] EXT4-fs error (device loop1): ext4_quota_enable:6958: comm syz.1.3189: Bad quota inode: 4, type: 1 [ 149.058471][ T7811] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.3197: Failed to acquire dquot type 1 [ 149.070453][ T7815] EXT4-fs warning (device loop1): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 149.083565][ T7826] loop4: detected capacity change from 0 to 512 [ 149.094565][ T7815] EXT4-fs (loop1): Cannot turn on quotas: error -117 [ 149.100858][ T7811] EXT4-fs (loop0): 1 truncate cleaned up [ 149.113887][ T7826] EXT4-fs: Ignoring removed nomblk_io_submit option [ 149.116428][ T7815] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 149.124557][ T7826] EXT4-fs: old and new quota format mixing [ 149.130690][ T7811] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 149.148961][ T7815] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #4: comm syz.1.3189: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048) [ 149.167252][ T7815] EXT4-fs error (device loop1): ext4_quota_enable:6958: comm syz.1.3189: Bad quota inode: 4, type: 1 [ 149.178217][ T7815] EXT4-fs warning (device loop1): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 149.197044][ T7831] loop4: detected capacity change from 0 to 512 [ 149.225167][ T7831] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #16: comm syz.4.3195: iget: bad extended attribute block 128 [ 149.237849][ T7831] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.3195: couldn't read orphan inode 16 (err -117) [ 149.250128][ T7831] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038 (0x7fffffff) [ 149.262022][ T7831] EXT4-fs error (device loop4): ext4_search_dir:1548: inode #12: block 13: comm syz.4.3195: bad entry in directory: inode out of bounds - offset=24, inode=33554445, rec_len=16, size=4096 fake=0 [ 149.281525][ T7831] EXT4-fs error (device loop4): ext4_acquire_dquot:6764: comm syz.4.3195: Failed to acquire dquot type 1 [ 149.309807][ T7839] loop4: detected capacity change from 0 to 512 [ 149.317506][ T7839] EXT4-fs (loop4): orphan cleanup on readonly fs [ 149.323833][ T7839] EXT4-fs error (device loop4): ext4_find_extent:936: inode #4: comm syz.4.3199: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 149.340770][ T7839] EXT4-fs warning (device loop4): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 149.355659][ T7839] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 149.552583][ T7844] loop4: detected capacity change from 0 to 40427 [ 149.560265][ T7844] F2FS-fs (loop4): invalid crc value [ 149.566454][ T7844] F2FS-fs (loop4): Found nat_bits in checkpoint [ 149.576520][ T311] usb 3-1: 0:2 : does not exist [ 149.598524][ T7844] F2FS-fs (loop4): Start checkpoint disabled! [ 149.604859][ T7844] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 149.615163][ T7844] syz.4.3201: attempt to access beyond end of device [ 149.615163][ T7844] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 149.628797][ T7844] syz.4.3201: attempt to access beyond end of device [ 149.628797][ T7844] loop4: rw=2049, sector=45136, nr_sectors = 8 limit=40427 [ 149.652182][ T43] kworker/u4:2: attempt to access beyond end of device [ 149.652182][ T43] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 149.665928][ T43] kworker/u4:2: attempt to access beyond end of device [ 149.665928][ T43] loop4: rw=2049, sector=40992, nr_sectors = 8 limit=40427 [ 149.792578][ T295] usb 3-1: USB disconnect, device number 30 [ 150.344108][ T7853] loop1: detected capacity change from 0 to 512 [ 150.358061][ T7853] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 150.371062][ T7853] EXT4-fs (loop1): ea_inode feature is not supported for Hurd [ 150.383316][ T7865] loop4: detected capacity change from 0 to 16 [ 150.389653][ T7865] erofs: (device loop4): mounted with root inode @ nid 36. [ 150.404339][ T7867] loop4: detected capacity change from 0 to 512 [ 150.411178][ T7867] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 150.422693][ T7867] ext4 filesystem being mounted at /37/bus supports timestamps until 2038 (0x7fffffff) [ 150.436509][ T7867] EXT4-fs (loop4): shut down requested (0) [ 150.442220][ T7876] bridge0: port 3(syz_tun) entered disabled state [ 150.448446][ T7876] bridge0: port 2(bridge_slave_1) entered disabled state [ 150.493038][ T7886] loop4: detected capacity change from 0 to 512 [ 150.509119][ T7886] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038 (0x7fffffff) [ 151.184923][ T7901] __nla_validate_parse: 11 callbacks suppressed [ 151.184941][ T7901] netlink: 277 bytes leftover after parsing attributes in process `syz.1.3235'. [ 151.189229][ T7904] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3224'. [ 151.209157][ T7904] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3224'. [ 151.219162][ T7904] bridge0: port 3(vlan2) entered blocking state [ 151.225349][ T7904] bridge0: port 3(vlan2) entered disabled state [ 151.270647][ T7910] bridge0: port 2(bridge_slave_1) entered disabled state [ 151.303736][ T7916] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 151.482632][ T24] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 151.526258][ T7940] loop3: detected capacity change from 0 to 512 [ 151.534408][ T7940] EXT4-fs (loop3): orphan cleanup on readonly fs [ 151.541433][ T7940] EXT4-fs (loop3): 1 orphan inode deleted [ 151.596029][ T7947] loop2: detected capacity change from 0 to 512 [ 151.609347][ T7947] ext4 filesystem being mounted at /304/bus supports timestamps until 2038 (0x7fffffff) [ 151.628936][ T311] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 151.629109][ T7951] syz.2.3247[7951] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 151.636410][ T7951] syz.2.3247[7951] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 151.885492][ T311] usb 5-1: Using ep0 maxpacket: 16 [ 151.885514][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 151.912265][ T3889] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 151.919668][ T24] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 151.928470][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.936854][ T24] usb 2-1: config 0 descriptor?? [ 152.011622][ T7958] loop2: detected capacity change from 0 to 512 [ 152.017920][ T7958] EXT4-fs: Ignoring removed mblk_io_submit option [ 152.024162][ T7958] EXT4-fs: Ignoring removed nomblk_io_submit option [ 152.031119][ T7958] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 152.039647][ T7958] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 152.056572][ T311] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.058091][ T7958] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters [ 152.067415][ T311] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 152.081435][ T7958] __quota_error: 10 callbacks suppressed [ 152.081448][ T7958] Quota error (device loop2): write_blk: dquota write failed [ 152.090760][ T311] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 152.096193][ T7958] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5 [ 152.103449][ T311] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 152.116262][ T7958] Quota error (device loop2): write_blk: dquota write failed [ 152.125050][ T311] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.133935][ T7958] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 152.158547][ T7958] EXT4-fs error (device loop2): ext4_acquire_dquot:6764: comm syz.2.3250: Failed to acquire dquot type 1 [ 152.163489][ T7918] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 152.169772][ T7958] EXT4-fs (loop2): 1 truncate cleaned up [ 152.184847][ T3889] usb 4-1: Using ep0 maxpacket: 16 [ 152.191624][ T7958] EXT4-fs (loop2): re-mounted. Quota mode: writeback. [ 152.198647][ T311] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 152.313156][ T3889] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.323889][ T3889] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 152.333390][ T3889] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 152.346039][ T3889] usb 4-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00 [ 152.354830][ T3889] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.355129][ T7972] loop2: detected capacity change from 0 to 40427 [ 152.369685][ T3889] usb 4-1: config 0 descriptor?? [ 152.374535][ T7972] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 152.382221][ T7972] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 152.386328][ T7976] loop0: detected capacity change from 0 to 512 [ 152.392398][ T7972] F2FS-fs (loop2): Found nat_bits in checkpoint [ 152.411354][ T7976] ext4 filesystem being mounted at /316/file0 supports timestamps until 2038 (0x7fffffff) [ 152.430207][ T7976] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 12: comm syz.0.3260: path /316/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 152.451531][ T24] keytouch 0003:0926:3333.0054: fixing up Keytouch IEC report descriptor [ 152.460143][ T7976] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 13: comm syz.0.3260: path /316/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 152.482077][ T311] cdc_acm 5-1:1.0: ttyACM0: USB ACM device [ 152.482399][ T24] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0054/input/input63 [ 152.487975][ T7976] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 14: comm syz.0.3260: path /316/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 152.519322][ T7976] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 15: comm syz.0.3260: path /316/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 152.521965][ T311] usb 5-1: USB disconnect, device number 33 [ 152.545542][ T7972] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 152.548365][ T7976] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 16: comm syz.0.3260: path /316/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 152.559003][ T7972] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 152.581091][ T7976] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 17: comm syz.0.3260: path /316/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 152.581228][ T24] keytouch 0003:0926:3333.0054: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 152.613400][ T7976] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 18: comm syz.0.3260: lblock 23 mapped to illegal pblock 18 (length 1) [ 152.629827][ T7976] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 19: comm syz.0.3260: path /316/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 152.650212][ T7976] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 20: comm syz.0.3260: path /316/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 152.687655][ T7976] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 21: comm syz.0.3260: path /316/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 152.870404][ T3889] uclogic 0003:5543:0064.0055: item fetching failed at offset 10/11 [ 152.875386][ T7993] loop2: detected capacity change from 0 to 512 [ 152.886183][ T3889] uclogic 0003:5543:0064.0055: parse failed [ 152.892688][ T3889] uclogic: probe of 0003:5543:0064.0055 failed with error -22 [ 152.903148][ T7993] ext4 filesystem being mounted at /319/file0 supports timestamps until 2038 (0x7fffffff) [ 152.915862][ T28] audit: type=1400 audit(2000000003.301:1662): avc: denied { setattr } for pid=7992 comm="syz.2.3265" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 152.974864][ T8001] loop2: detected capacity change from 0 to 512 [ 152.981261][ T8001] EXT4-fs: Ignoring removed nomblk_io_submit option [ 152.988385][ T8001] EXT4-fs: old and new quota format mixing [ 153.086821][ T3889] usb 4-1: USB disconnect, device number 35 [ 153.137907][ T8009] loop2: detected capacity change from 0 to 1024 [ 153.144391][ T8009] EXT4-fs: Ignoring removed orlov option [ 153.150168][ T8009] EXT4-fs (loop2): Test dummy encryption mode enabled [ 153.188574][ T8014] loop2: detected capacity change from 0 to 256 [ 153.197457][ T441] usb 2-1: USB disconnect, device number 34 [ 153.205623][ T8014] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 153.211112][ C1] keytouch 0003:0926:3333.0054: usb_submit_urb(ctrl) failed: -19 [ 153.234334][ T8014] exFAT-fs (loop2): error, exfat_zeroed_cluster: out of range(sect:224 len:8) [ 153.243065][ T8014] exFAT-fs (loop2): Filesystem has been set read-only [ 153.379029][ T28] audit: type=1400 audit(2000000003.732:1663): avc: denied { shutdown } for pid=8036 comm="syz.0.3284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 153.399496][ T8042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3286'. [ 153.497928][ T28] audit: type=1400 audit(2000000003.844:1664): avc: denied { write } for pid=8062 comm="syz.0.3295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 153.564194][ T8067] futex_wake_op: syz.0.3298 tries to shift op by 32; fix this program [ 153.629891][ T8081] loop2: detected capacity change from 0 to 128 [ 153.660734][ T28] audit: type=1400 audit(2000000004.003:1665): avc: denied { connect } for pid=8087 comm="syz.0.3306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 153.680703][ T28] audit: type=1400 audit(2000000004.003:1666): avc: denied { write } for pid=8087 comm="syz.0.3306" path="socket:[46624]" dev="sockfs" ino=46624 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 153.772164][ T8098] loop0: detected capacity change from 0 to 1024 [ 153.788671][ T8099] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3320'. [ 153.789388][ T8101] loop3: detected capacity change from 0 to 1024 [ 153.804161][ T8098] EXT4-fs: Ignoring removed nobh option [ 153.810088][ T8101] EXT4-fs: Ignoring removed orlov option [ 153.815989][ T8099] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3320'. [ 153.816102][ T8101] EXT4-fs (loop3): Test dummy encryption mode enabled [ 153.832747][ T8098] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #11: comm syz.0.3310: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 153.851824][ T8098] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.3310: couldn't read orphan inode 11 (err -117) [ 153.865679][ T8078] loop4: detected capacity change from 0 to 40427 [ 153.872362][ T8078] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 153.882653][ T8078] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 153.884285][ T8098] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.3310: Invalid block bitmap block 0 in block_group 0 [ 153.904767][ T8098] Quota error (device loop0): write_blk: dquota write failed [ 153.912194][ T8098] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.3310: Failed to acquire dquot type 0 [ 153.936932][ T8098] EXT4-fs error (device loop0): __ext4_get_inode_loc:4497: comm syz.0.3310: Invalid inode table block 8589934593 in block_group 0 [ 153.956517][ T8078] F2FS-fs (loop4): Found nat_bits in checkpoint [ 153.965518][ T43] EXT4-fs error (device loop0): __ext4_get_inode_loc:4497: comm kworker/u4:2: Invalid inode table block 8589934593 in block_group 0 [ 154.001218][ T8078] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 154.008488][ T8078] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 154.084298][ T8120] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check. [ 154.125904][ T8107] loop1: detected capacity change from 0 to 40427 [ 154.138270][ T8107] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 154.148432][ T8107] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 154.167142][ T8107] F2FS-fs (loop1): Found nat_bits in checkpoint [ 154.183461][ T8130] SELinux: failed to load policy [ 154.215649][ T8132] loop3: detected capacity change from 0 to 512 [ 154.222065][ T8107] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 154.229572][ T8107] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 154.233277][ T8132] EXT4-fs (loop3): orphan cleanup on readonly fs [ 154.257214][ T8132] EXT4-fs error (device loop3): ext4_find_extent:936: inode #4: comm syz.3.3322: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 154.291666][ T8132] EXT4-fs warning (device loop3): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 154.338665][ T8132] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 154.707155][ T8149] loop1: detected capacity change from 0 to 1024 [ 154.713628][ T8149] EXT4-fs: Ignoring removed orlov option [ 154.719457][ T8149] EXT4-fs: Ignoring removed nomblk_io_submit option [ 154.742854][ T8156] loop1: detected capacity change from 0 to 128 [ 154.862376][ T8175] syz.1.3341[8175] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 154.862447][ T8175] syz.1.3341[8175] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 154.893022][ T8180] loop1: detected capacity change from 0 to 128 [ 154.910566][ T8180] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 154.922421][ T8180] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 154.944628][ T8184] loop1: detected capacity change from 0 to 128 [ 154.952045][ T8184] ext4 filesystem being mounted at /356/mnt supports timestamps until 2038 (0x7fffffff) [ 154.964406][ T8184] fscrypt (loop1, inode 12): Unsupported encryption flags (0x99) [ 154.979578][ T8187] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3355'. [ 154.988306][ T3889] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 155.061007][ T8193] validate_nla: 5 callbacks suppressed [ 155.061024][ T8193] netlink: 'syz.4.3358': attribute type 3 has an invalid length. [ 155.242813][ T3889] usb 4-1: Using ep0 maxpacket: 8 [ 155.370649][ T3889] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 155.379143][ T3889] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 155.389068][ T3889] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 155.563080][ T3889] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 155.571937][ T3889] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.579754][ T3889] usb 4-1: Product: syz [ 155.583721][ T3889] usb 4-1: Manufacturer: syz [ 155.588157][ T3889] usb 4-1: SerialNumber: syz [ 155.658828][ T8200] xt_bpf: check failed: parse error [ 155.685525][ T8209] loop2: detected capacity change from 0 to 256 [ 155.696759][ T8209] FAT-fs (loop2): Directory bread(block 64) failed [ 155.703399][ T8209] FAT-fs (loop2): Directory bread(block 65) failed [ 155.709767][ T8209] FAT-fs (loop2): Directory bread(block 66) failed [ 155.716079][ T8209] FAT-fs (loop2): Directory bread(block 67) failed [ 155.722734][ T8209] FAT-fs (loop2): Directory bread(block 68) failed [ 155.729069][ T8209] FAT-fs (loop2): Directory bread(block 69) failed [ 155.735421][ T8209] FAT-fs (loop2): Directory bread(block 70) failed [ 155.741712][ T8209] FAT-fs (loop2): Directory bread(block 71) failed [ 155.748164][ T8209] FAT-fs (loop2): Directory bread(block 72) failed [ 155.754385][ T8209] FAT-fs (loop2): Directory bread(block 73) failed [ 155.915587][ T8220] loop2: detected capacity change from 0 to 512 [ 155.923298][ T8220] EXT4-fs (loop2): orphan cleanup on readonly fs [ 155.930515][ T8220] EXT4-fs error (device loop2): ext4_find_extent:936: inode #4: comm syz.2.3361: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 155.948582][ T8220] EXT4-fs warning (device loop2): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 155.964582][ T8220] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 156.035993][ T8227] loop2: detected capacity change from 0 to 128 [ 156.155462][ T8233] xt_bpf: check failed: parse error [ 156.213238][ T8239] loop2: detected capacity change from 0 to 1024 [ 156.219588][ T8239] EXT4-fs: Ignoring removed orlov option [ 156.225080][ T8239] EXT4-fs: Ignoring removed nomblk_io_submit option [ 156.332882][ T3889] usb 4-1: 0:2 : does not exist [ 156.549427][ T3889] usb 4-1: USB disconnect, device number 36 [ 156.915191][ T8256] loop1: detected capacity change from 0 to 16 [ 156.932011][ T8256] erofs: (device loop1): mounted with root inode @ nid 36. [ 156.950136][ T8256] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 156.971690][ T8254] loop4: detected capacity change from 0 to 40427 [ 156.978426][ T8256] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -23 in[64, 4032] out[1851] [ 156.988404][ T8247] loop2: detected capacity change from 0 to 131072 [ 156.995535][ T8254] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 157.001788][ T8254] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 157.010469][ T8247] F2FS-fs (loop2): Found nat_bits in checkpoint [ 157.018210][ T8256] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 157.048115][ T8247] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 157.055490][ T8254] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 157.108602][ T8254] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 157.115754][ T8254] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 157.153623][ T7230] syz-executor: attempt to access beyond end of device [ 157.153623][ T7230] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 157.244818][ T8287] loop0: detected capacity change from 0 to 512 [ 157.284001][ T8293] loop4: detected capacity change from 0 to 512 [ 157.304335][ T8293] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 157.315198][ T8287] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 157.327183][ T8287] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e028, mo2=0002] [ 157.338450][ T8287] System zones: 0-1, 15-15, 18-18, 34-34 [ 157.351397][ T8293] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 157.360327][ T8287] EXT4-fs (loop0): orphan cleanup on readonly fs [ 157.366588][ T8293] System zones: 1-12 [ 157.368408][ T8306] incfs: Options parsing error. -22 [ 157.375406][ T8306] incfs: mount failed -22 [ 157.386702][ T8287] EXT4-fs warning (device loop0): ext4_enable_quotas:6999: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 157.389956][ T8293] EXT4-fs (loop4): orphan cleanup on readonly fs [ 157.407593][ T8287] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 157.414164][ T8293] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.3390: invalid indirect mapped block 12 (level 1) [ 157.427192][ T8287] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz.0.3388: bad orphan inode 16 [ 157.427428][ T8293] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.3390: invalid indirect mapped block 2 (level 2) [ 157.440853][ T8287] EXT4-fs (loop0): Remounting filesystem read-only [ 157.450478][ T8293] EXT4-fs (loop4): 1 truncate cleaned up [ 157.462918][ T8287] ext4_test_bit(bit=15, block=18) = 1 [ 157.464753][ T28] kauditd_printk_skb: 3103 callbacks suppressed [ 157.464765][ T28] audit: type=1326 audit(2000000007.558:4766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.4.3390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f224ef7c990 code=0x7ffc0000 [ 157.470310][ T8314] loop2: detected capacity change from 0 to 128 [ 157.478687][ T8287] is_bad_inode(inode)=0 [ 157.498291][ T8314] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 157.508809][ T28] audit: type=1326 audit(2000000007.595:4767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.4.3390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f224ef7c990 code=0x7ffc0000 [ 157.546357][ T8287] NEXT_ORPHAN(inode)=0 [ 157.550293][ T8287] max_ino=32 [ 157.551548][ T8314] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 157.553359][ T8287] i_nlink=2 [ 157.565141][ T28] audit: type=1326 audit(2000000007.595:4768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.4.3390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f224ef7dbfb code=0x7ffc0000 [ 157.599787][ T28] audit: type=1326 audit(2000000007.595:4769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.4.3390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f224ef7cc8a code=0x7ffc0000 [ 157.623893][ T28] audit: type=1326 audit(2000000007.595:4770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.4.3390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f224ef7dff9 code=0x7ffc0000 [ 157.647121][ T28] audit: type=1326 audit(2000000007.595:4771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.4.3390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f224ef7dff9 code=0x7ffc0000 [ 157.673778][ T8287] incfs: Can't find or create .index dir in ./file0 [ 157.681313][ T8287] incfs: mount failed -30 [ 157.690286][ T28] audit: type=1326 audit(2000000007.604:4772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.4.3390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f224ef7dff9 code=0x7ffc0000 [ 157.714176][ T28] audit: type=1326 audit(2000000007.604:4773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.4.3390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f224ef7dff9 code=0x7ffc0000 [ 157.740131][ T28] audit: type=1326 audit(2000000007.604:4774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.4.3390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f224ef7dff9 code=0x7ffc0000 [ 157.770370][ T28] audit: type=1326 audit(2000000007.604:4775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.4.3390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f224ef7dff9 code=0x7ffc0000 [ 157.816235][ T8342] loop0: detected capacity change from 0 to 256 [ 157.829256][ T8344] loop1: detected capacity change from 0 to 256 [ 157.836389][ T8344] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 157.840993][ T8348] loop0: detected capacity change from 0 to 128 [ 157.847462][ T8344] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 157.868124][ T8348] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 157.872503][ T8344] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 157.891644][ T8348] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 157.995671][ T8350] loop2: detected capacity change from 0 to 40427 [ 158.002928][ T8350] F2FS-fs (loop2): invalid crc value [ 158.009078][ T8350] F2FS-fs (loop2): Found nat_bits in checkpoint [ 158.032252][ T8350] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 158.047288][ T8350] F2FS-fs (loop2): switch extent_cache option is not allowed [ 158.118100][ T311] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 158.160870][ T24] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 158.417439][ T24] usb 4-1: Using ep0 maxpacket: 32 [ 158.417439][ T311] usb 5-1: Using ep0 maxpacket: 8 [ 158.545758][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 158.545756][ T311] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.545790][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 158.556758][ T311] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 158.567444][ T24] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 158.578345][ T311] usb 5-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00 [ 158.587914][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.596738][ T311] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.606206][ T24] usb 4-1: config 0 descriptor?? [ 158.613888][ T311] usb 5-1: config 0 descriptor?? [ 158.641993][ T8352] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 158.663944][ T24] hub 4-1:0.0: USB hub found [ 158.984081][ T24] hub 4-1:0.0: config failed, hub has too many ports! (err -19) [ 159.123766][ T311] logitech 0003:046D:C24F.0056: hidraw0: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.4-1/input0 [ 159.134932][ T311] logitech 0003:046D:C24F.0056: no inputs found [ 159.326164][ T24] usbhid 4-1:0.0: can't add hid device: -71 [ 159.332073][ T24] usbhid: probe of 4-1:0.0 failed with error -71 [ 159.361787][ T295] usb 5-1: USB disconnect, device number 34 [ 159.370521][ T24] usb 4-1: USB disconnect, device number 37 [ 159.859867][ T8393] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3432'. [ 160.027964][ T8429] netlink: 'syz.3.3450': attribute type 15 has an invalid length. [ 160.074495][ T311] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 160.265277][ T8449] loop3: detected capacity change from 0 to 16 [ 160.271755][ T8449] erofs: (device loop3): mounted with root inode @ nid 36. [ 160.331059][ T311] usb 3-1: Using ep0 maxpacket: 16 [ 160.348126][ T8390] loop1: detected capacity change from 0 to 131072 [ 160.356755][ T8390] F2FS-fs (loop1): Found nat_bits in checkpoint [ 160.394457][ T8390] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b [ 160.459451][ T311] usb 3-1: config 0 has an invalid interface number: 251 but max is 0 [ 160.470171][ T311] usb 3-1: config 0 has no interface number 0 [ 160.482861][ T311] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 160.503048][ T311] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 160.588629][ T8466] loop3: detected capacity change from 0 to 40427 [ 160.595450][ T8466] F2FS-fs (loop3): fault_type options not supported [ 160.602541][ T8466] F2FS-fs (loop3): invalid crc value [ 160.608502][ T8466] F2FS-fs (loop3): Found nat_bits in checkpoint [ 160.618255][ T8470] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3466'. [ 160.627122][ T8470] device syz_tun left promiscuous mode [ 160.632785][ T8470] bridge0: port 3(syz_tun) entered disabled state [ 160.639554][ T8470] device bridge_slave_1 left promiscuous mode [ 160.644088][ T8466] F2FS-fs (loop3): Start checkpoint disabled! [ 160.645542][ T8470] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.651996][ T8466] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 160.665774][ T8470] device bridge_slave_0 left promiscuous mode [ 160.671802][ T8470] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.683894][ T311] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 160.692890][ T311] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 160.700850][ T311] usb 3-1: Product: syz [ 160.704814][ T311] usb 3-1: Manufacturer: syz [ 160.706768][ T43] kworker/u4:2: attempt to access beyond end of device [ 160.706768][ T43] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 160.709268][ T311] usb 3-1: SerialNumber: syz [ 160.729265][ T311] usb 3-1: config 0 descriptor?? [ 160.748031][ T8381] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 160.755024][ T8381] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 160.876571][ T8484] loop1: detected capacity change from 0 to 512 [ 160.905544][ T8473] loop3: detected capacity change from 0 to 40427 [ 160.914049][ T8473] F2FS-fs (loop3): invalid crc value [ 160.919934][ T8473] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 160.957226][ T8473] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 160.969808][ T8497] loop4: detected capacity change from 0 to 1024 [ 160.976799][ T8497] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 160.988936][ T8381] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 160.996534][ T8381] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 161.006480][ T8497] EXT4-fs mount: 76 callbacks suppressed [ 161.006496][ T8497] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 161.022962][ T8497] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #11: comm syz.4.3478: missing EA_INODE flag [ 161.034542][ T8497] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.3478: error while reading EA inode 11 err=-117 [ 161.053569][ T7230] EXT4-fs (loop4): unmounting filesystem. [ 161.066886][ T8508] loop1: detected capacity change from 0 to 512 [ 161.074218][ T8508] EXT4-fs (loop1): Test dummy encryption mode enabled [ 161.090848][ T8508] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 1: comm syz.1.3483: invalid block [ 161.111679][ T8508] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.3483: couldn't read orphan inode 11 (err -117) [ 161.133010][ T8508] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 161.160215][ T8515] loop0: detected capacity change from 0 to 256 [ 161.169445][ T8515] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104b5, chksum : 0x72e3a6c8, utbl_chksum : 0xe619d30d) [ 163.058066][ T311] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 163.068471][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 163.068485][ T28] audit: type=1400 audit(2000000012.805:4784): avc: denied { lock } for pid=8514 comm="syz.0.3485" path="/335/file0/file1" dev="loop0" ino=1049024 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 163.102380][ T311] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71 [ 163.104362][ T28] audit: type=1400 audit(2000000012.833:4785): avc: denied { unlink } for pid=8514 comm="syz.0.3485" name="file1" dev="loop0" ino=1049024 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 163.113514][ T311] asix: probe of 3-1:0.251 failed with error -5 [ 163.135949][ T8524] loop2: detected capacity change from 0 to 256 [ 163.142565][ T311] usb 3-1: USB disconnect, device number 31 [ 163.156563][ T8524] FAT-fs (loop2): Directory bread(block 64) failed [ 163.162957][ T8524] FAT-fs (loop2): Directory bread(block 65) failed [ 164.115905][ T8524] FAT-fs (loop2): Directory bread(block 66) failed [ 164.122280][ T8524] FAT-fs (loop2): Directory bread(block 67) failed [ 164.128729][ T8524] FAT-fs (loop2): Directory bread(block 68) failed [ 164.135096][ T8524] FAT-fs (loop2): Directory bread(block 69) failed [ 164.141605][ T8524] FAT-fs (loop2): Directory bread(block 70) failed [ 164.147972][ T8524] FAT-fs (loop2): Directory bread(block 71) failed [ 164.154289][ T8524] FAT-fs (loop2): Directory bread(block 72) failed [ 164.160646][ T8524] FAT-fs (loop2): Directory bread(block 73) failed [ 164.237685][ T3735] EXT4-fs (loop1): unmounting filesystem. [ 164.272836][ T8539] loop3: detected capacity change from 0 to 1024 [ 164.277916][ T8541] tap0: tun_chr_ioctl cmd 1074025678 [ 164.280353][ T8539] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 164.284481][ T8541] tap0: group set to 0 [ 164.315767][ T8543] loop1: detected capacity change from 0 to 512 [ 164.338831][ T8543] EXT4-fs: Ignoring removed mblk_io_submit option [ 164.347361][ T8539] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 164.363413][ T8559] loop2: detected capacity change from 0 to 256 [ 164.370157][ T8543] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #12: comm syz.1.3497: inline data xattr refers to an external xattr inode [ 164.387085][ T8559] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010253, chksum : 0xa98551aa, utbl_chksum : 0xe619d30d) [ 164.395950][ T8543] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.3497: couldn't read orphan inode 12 (err -117) [ 164.410676][ T8539] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #11: comm syz.3.3494: missing EA_INODE flag [ 164.416922][ T8543] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 164.423789][ T8539] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.3494: error while reading EA inode 11 err=-117 [ 164.452006][ T3735] EXT4-fs (loop1): unmounting filesystem. [ 164.467971][ T294] EXT4-fs (loop3): unmounting filesystem. [ 164.472571][ T28] audit: type=1400 audit(2000000014.115:4786): avc: denied { ioctl } for pid=8569 comm="syz.0.3509" path="socket:[47958]" dev="sockfs" ino=47958 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 164.505063][ T8571] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.585085][ T8595] loop3: detected capacity change from 0 to 16 [ 164.591577][ T8595] erofs: (device loop3): mounted with root inode @ nid 36. [ 164.612238][ T8598] netlink: 312 bytes leftover after parsing attributes in process `syz.4.3522'. [ 164.679302][ T8614] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3530'. [ 164.766825][ T8630] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3537'. [ 164.796347][ T8634] netlink: 'syz.3.3540': attribute type 8 has an invalid length. [ 164.805471][ T8634] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3540'. [ 164.875398][ T8647] loop3: detected capacity change from 0 to 128 [ 164.883131][ T8647] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 164.892255][ T8647] ext4 filesystem being mounted at /692/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 164.931173][ T294] EXT4-fs (loop3): unmounting filesystem. [ 164.969604][ T8654] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3548'. [ 165.043899][ T8670] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3557'. [ 165.131628][ T8684] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3564'. [ 165.161322][ T8686] loop2: detected capacity change from 0 to 128 [ 165.183745][ T8686] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 165.202909][ T8686] ext4 filesystem being mounted at /386/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 165.331623][ T4755] EXT4-fs (loop2): unmounting filesystem. [ 165.698149][ T8675] loop3: detected capacity change from 0 to 131072 [ 165.719651][ T8675] F2FS-fs (loop3): Wrong CP boundary, start(512) end(198144) blocks(1024) [ 165.727979][ T8675] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 165.741739][ T8694] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3568'. [ 165.750697][ T8675] F2FS-fs (loop3): invalid crc value [ 165.769093][ T8675] F2FS-fs (loop3): Found nat_bits in checkpoint [ 165.832811][ T8701] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3570'. [ 165.877565][ T8675] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 165.900857][ T8675] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 166.258613][ T8733] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3585'. [ 166.424736][ T24] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 166.488855][ T295] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 166.691969][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 166.756166][ T295] usb 3-1: Using ep0 maxpacket: 16 [ 166.820343][ T24] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 166.828965][ T24] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 166.838871][ T24] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 166.905852][ T295] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 166.913855][ T295] usb 3-1: config 0 has no interface number 0 [ 166.919752][ T295] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 166.930566][ T295] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 166.940202][ T295] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 166.949130][ T295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.957556][ T295] usb 3-1: config 0 descriptor?? [ 167.044830][ T24] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 167.053779][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 167.061555][ T24] usb 2-1: Product: syz [ 167.065585][ T24] usb 2-1: Manufacturer: syz [ 167.070049][ T24] usb 2-1: SerialNumber: syz [ 167.496362][ T28] audit: type=1400 audit(2000000016.940:4787): avc: denied { connect } for pid=8615 comm="syz.4.3531" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 167.569038][ T24] usb 2-1: 0:2 : does not exist [ 167.698255][ T295] input: HID 28bd:0071 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:28BD:0071.0057/input/input64 [ 167.712551][ T295] input: HID 28bd:0071 Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:28BD:0071.0057/input/input65 [ 167.727577][ T295] uclogic 0003:28BD:0071.0057: input,hiddev96,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.2-1/input1 [ 167.916152][ T295] usb 3-1: USB disconnect, device number 32 [ 168.176334][ T8756] loop3: detected capacity change from 0 to 40427 [ 168.184300][ T8756] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 168.191910][ T8756] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 168.211136][ T8756] F2FS-fs (loop3): invalid crc value [ 168.224173][ T8756] F2FS-fs (loop3): Found nat_bits in checkpoint [ 168.263168][ T8756] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 168.271481][ T24] usb 2-1: USB disconnect, device number 35 [ 168.277526][ T8756] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 168.308863][ T294] syz-executor: attempt to access beyond end of device [ 168.308863][ T294] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 168.449914][ T8749] loop0: detected capacity change from 0 to 131072 [ 168.456908][ T8749] F2FS-fs (loop0): Wrong CP boundary, start(512) end(198144) blocks(1024) [ 168.465375][ T8749] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 168.474874][ T8749] F2FS-fs (loop0): invalid crc value [ 168.492519][ T8749] F2FS-fs (loop0): Found nat_bits in checkpoint [ 168.509438][ T435] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 168.532520][ T28] audit: type=1326 audit(2000000017.912:4788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8802 comm="syz.3.3615" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9bd997dff9 code=0x0 [ 168.556090][ T8749] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 168.563105][ T8749] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 168.894299][ T435] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 168.905444][ T435] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 168.926443][ T435] usb 5-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.00 [ 168.935360][ T435] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 168.946431][ T435] usb 5-1: config 0 descriptor?? [ 169.033239][ T24] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 169.300496][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 169.428852][ T24] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 169.438192][ T24] usb 2-1: config 0 has no interface number 0 [ 169.449344][ T8839] loop3: detected capacity change from 0 to 1024 [ 169.455583][ T24] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 169.461549][ T435] apple 0003:05AC:0262.0058: unbalanced delimiter at end of report description [ 169.466928][ T24] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 169.482341][ T435] apple 0003:05AC:0262.0058: parse failed [ 169.484656][ T8839] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 169.490042][ T435] apple: probe of 0003:05AC:0262.0058 failed with error -22 [ 169.512023][ T24] usb 2-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 169.520929][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.529351][ T24] usb 2-1: config 0 descriptor?? [ 169.536750][ T8839] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 169.558049][ T294] EXT4-fs (loop3): unmounting filesystem. [ 169.705901][ T311] usb 5-1: USB disconnect, device number 35 [ 169.845705][ T441] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 170.102276][ T441] usb 3-1: Using ep0 maxpacket: 32 [ 170.230675][ T441] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.241389][ T441] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.251080][ T441] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 170.260292][ T441] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.263847][ T24] input: HID 28bd:0071 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.1/0003:28BD:0071.0059/input/input66 [ 170.274181][ T441] usb 3-1: config 0 descriptor?? [ 170.286007][ T8859] loop3: detected capacity change from 0 to 1024 [ 170.299557][ T24] input: HID 28bd:0071 Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.1/0003:28BD:0071.0059/input/input67 [ 170.312817][ T24] uclogic 0003:28BD:0071.0059: input,hiddev96,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.1-1/input1 [ 170.327354][ T441] hub 3-1:0.0: USB hub found [ 170.347862][ T8859] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 170.360416][ T8859] ext4 filesystem being mounted at /720/file1 supports timestamps until 2038 (0x7fffffff) [ 170.376137][ T8859] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.3636: bg 0: block 273: padding at end of block bitmap is not set [ 170.397673][ T8869] loop0: detected capacity change from 0 to 512 [ 170.407729][ T294] EXT4-fs (loop3): unmounting filesystem. [ 170.413531][ T8869] EXT4-fs: Ignoring removed mblk_io_submit option [ 170.428086][ T8869] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:164: inode #12: comm syz.0.3640: inline data xattr refers to an external xattr inode [ 170.442733][ T28] audit: type=1400 audit(2000000019.680:4789): avc: denied { ioctl } for pid=8870 comm="syz.3.3641" path="/dev/usbmon5" dev="devtmpfs" ino=154 ioctlcmd=0x9201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 170.468697][ T8869] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.3640: couldn't read orphan inode 12 (err -117) [ 170.480598][ T8869] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 170.510103][ T311] usb 2-1: USB disconnect, device number 36 [ 170.527978][ T3868] EXT4-fs (loop0): unmounting filesystem. [ 170.551345][ T441] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 170.624479][ T8883] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 170.821642][ T8855] loop4: detected capacity change from 0 to 131072 [ 170.828447][ T8855] F2FS-fs (loop4): Wrong CP boundary, start(512) end(198144) blocks(1024) [ 170.836910][ T8855] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 170.845847][ T8855] F2FS-fs (loop4): invalid crc value [ 170.852603][ T8855] F2FS-fs (loop4): Found nat_bits in checkpoint [ 170.857300][ T8902] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=514 sclass=netlink_route_socket pid=8902 comm=syz.0.3654 [ 170.861386][ T441] usbhid 3-1:0.0: can't add hid device: -71 [ 170.887631][ T441] usbhid: probe of 3-1:0.0 failed with error -71 [ 170.905719][ T8855] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 170.912577][ T8855] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 170.926553][ T441] usb 3-1: USB disconnect, device number 33 [ 171.027906][ T8909] loop4: detected capacity change from 0 to 512 [ 171.034169][ T8909] EXT4-fs: Ignoring removed mblk_io_submit option [ 171.041682][ T8909] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz.4.3657: inline data xattr refers to an external xattr inode [ 171.056488][ T8909] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.3657: couldn't read orphan inode 12 (err -117) [ 171.068279][ T8909] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 171.083515][ T7230] EXT4-fs (loop4): unmounting filesystem. [ 171.319544][ T8926] loop2: detected capacity change from 0 to 1024 [ 171.327386][ T8926] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #11: comm syz.2.3665: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 171.345922][ T8926] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.3665: couldn't read orphan inode 11 (err -117) [ 171.357784][ T8926] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 171.368529][ T8926] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz.2.3665: Invalid block bitmap block 0 in block_group 0 [ 171.382012][ T8926] Quota error (device loop2): write_blk: dquota write failed [ 171.385154][ T24] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 171.389225][ T8926] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 171.396685][ T295] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 171.406313][ T8926] EXT4-fs error (device loop2): ext4_acquire_dquot:6764: comm syz.2.3665: Failed to acquire dquot type 0 [ 171.430040][ T4755] EXT4-fs (loop2): unmounting filesystem. [ 171.435822][ T333] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-8 [ 171.444580][ T333] EXT4-fs error (device loop2): ext4_release_dquot:6787: comm kworker/u4:4: Failed to release dquot type 0 [ 171.555915][ T8930] loop2: detected capacity change from 0 to 40427 [ 171.562656][ T8930] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 171.569043][ T8930] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 171.578780][ T8930] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 171.599572][ T8930] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 171.606426][ T8930] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 171.673969][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 171.812837][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 171.823593][ T295] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 171.834317][ T295] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 171.843853][ T295] usb 5-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00 [ 171.852824][ T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 171.865521][ T24] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 171.874386][ T295] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.882304][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.890707][ T295] usb 5-1: config 0 descriptor?? [ 171.896101][ T24] usb 2-1: config 0 descriptor?? [ 171.908988][ T441] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 171.988057][ T8940] loop2: detected capacity change from 0 to 131072 [ 171.994932][ T8940] F2FS-fs (loop2): Wrong CP boundary, start(512) end(198144) blocks(1024) [ 172.003237][ T8940] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 172.011704][ T8940] F2FS-fs (loop2): invalid crc value [ 172.018205][ T8940] F2FS-fs (loop2): Found nat_bits in checkpoint [ 172.041138][ T8940] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 172.048062][ T8940] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 172.151774][ T8947] loop2: detected capacity change from 0 to 512 [ 172.158191][ T8947] EXT4-fs: Ignoring removed mblk_io_submit option [ 172.165558][ T441] usb 4-1: Using ep0 maxpacket: 16 [ 172.169069][ T8947] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz.2.3670: inline data xattr refers to an external xattr inode [ 172.185321][ T8947] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.3670: couldn't read orphan inode 12 (err -117) [ 172.197201][ T8947] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 172.212191][ T4755] EXT4-fs (loop2): unmounting filesystem. [ 172.293871][ T441] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 172.301679][ T441] usb 4-1: config 0 has no interface number 0 [ 172.315235][ T441] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 172.336594][ T441] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 172.346136][ T441] usb 4-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 172.368671][ T441] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.380889][ T24] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.005A/input/input68 [ 172.390219][ T441] usb 4-1: config 0 descriptor?? [ 172.401957][ T295] uclogic 0003:5543:0005.005B: unknown main item tag 0x0 [ 172.408920][ T295] uclogic 0003:5543:0005.005B: unknown main item tag 0x0 [ 172.416011][ T295] uclogic 0003:5543:0005.005B: No inputs registered, leaving [ 172.423681][ T295] uclogic 0003:5543:0005.005B: hidraw0: USB HID v0.00 Device [HID 5543:0005] on usb-dummy_hcd.4-1/input0 [ 172.466209][ T24] microsoft 0003:045E:07DA.005A: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 173.756150][ T24] usb 5-1: USB disconnect, device number 36 [ 173.963426][ T311] usb 2-1: USB disconnect, device number 37 [ 174.229672][ T441] input: HID 28bd:0071 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:28BD:0071.005C/input/input69 [ 174.241840][ T441] input: HID 28bd:0071 Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:28BD:0071.005C/input/input70 [ 174.254111][ T441] uclogic 0003:28BD:0071.005C: input,hiddev96,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.3-1/input1 [ 174.447971][ T24] usb 4-1: USB disconnect, device number 38 [ 174.504680][ T8953] loop4: detected capacity change from 0 to 128 [ 174.512285][ T8956] netlink: 'syz.2.3673': attribute type 10 has an invalid length. [ 174.545103][ T8953] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 174.558926][ T8953] ext4 filesystem being mounted at /126/mnt supports timestamps until 2038 (0x7fffffff) [ 174.571798][ T8953] fscrypt (loop4, inode 12): Unsupported encryption flags (0x10) [ 174.604996][ T7230] EXT4-fs (loop4): unmounting filesystem. [ 174.629264][ T8977] loop4: detected capacity change from 0 to 512 [ 174.635805][ T8977] ext4: Unknown parameter 'fowner<00000000000000000000' [ 174.669494][ T8992] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3690'. [ 174.728620][ T9014] loop4: detected capacity change from 0 to 256 [ 174.737168][ T9014] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 174.737573][ T9016] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 174.877402][ T9022] loop1: detected capacity change from 0 to 40427 [ 174.880991][ T441] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 174.891574][ T9022] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 174.902013][ T9022] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 174.905782][ T28] audit: type=1400 audit(2000000023.871:4790): avc: denied { watch } for pid=9028 comm="syz.4.3708" path="/134/file0" dev="tmpfs" ino=715 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 174.937457][ T9022] F2FS-fs (loop1): invalid crc value [ 174.961972][ T9022] F2FS-fs (loop1): Found nat_bits in checkpoint [ 175.002660][ T9022] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 175.013373][ T9022] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 175.158948][ T441] usb 3-1: Using ep0 maxpacket: 16 [ 175.161288][ T9031] loop4: detected capacity change from 0 to 40427 [ 175.175006][ T9031] F2FS-fs (loop4): heap/no_heap options were deprecated [ 175.182953][ T9031] F2FS-fs (loop4): invalid crc value [ 175.196049][ T9031] F2FS-fs (loop4): Found nat_bits in checkpoint [ 175.242798][ T9031] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 175.278553][ T7230] syz-executor: attempt to access beyond end of device [ 175.278553][ T7230] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 175.292463][ T441] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 175.322160][ T441] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 175.328961][ T9047] loop0: detected capacity change from 0 to 40427 [ 175.333059][ T441] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 175.338873][ T9047] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 175.358218][ T9047] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 175.372771][ T441] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 175.389701][ T441] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.399152][ T441] usb 3-1: config 0 descriptor?? [ 175.405578][ T9073] loop1: detected capacity change from 0 to 512 [ 175.420989][ T9078] syz.3.3729[9078] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 175.421060][ T9078] syz.3.3729[9078] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 175.432901][ T9047] F2FS-fs (loop0): invalid crc value [ 175.450606][ T9073] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 175.460127][ T9073] ext4 filesystem being mounted at /437/file0 supports timestamps until 2038 (0x7fffffff) [ 175.468809][ T9047] F2FS-fs (loop0): Found nat_bits in checkpoint [ 175.477065][ T9083] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3721'. [ 175.489195][ T28] audit: type=1400 audit(2000000024.423:4791): avc: denied { unlink } for pid=3735 comm="syz-executor" name="file1" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 175.507040][ T9083] device sit1 entered promiscuous mode [ 175.513262][ T3735] EXT4-fs (loop1): unmounting filesystem. [ 175.517462][ T9047] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 175.530860][ T9047] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 175.535745][ T9089] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3731'. [ 175.600790][ T9097] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3736'. [ 175.624591][ T9106] loop0: detected capacity change from 0 to 512 [ 175.631908][ T9106] EXT4-fs error (device loop0): __ext4_fill_super:5386: inode #2: comm syz.0.3739: casefold flag without casefold feature [ 175.644680][ T9106] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 175.655449][ T9106] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 175.656063][ T9110] loop4: detected capacity change from 0 to 512 [ 175.666281][ T28] audit: type=1400 audit(2000000024.582:4792): avc: denied { create } for pid=9104 comm="syz.0.3739" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1 [ 175.699187][ T28] audit: type=1400 audit(2000000024.582:4793): avc: denied { unlink } for pid=9104 comm="syz.0.3739" name=E91F7189591E9233614B dev="loop0" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1 [ 175.705476][ T9110] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 175.731236][ T9110] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038 (0x7fffffff) [ 175.731865][ T3868] EXT4-fs (loop0): unmounting filesystem. [ 175.760218][ T9110] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 175.760703][ T9116] syz.0.3741[9116] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 175.766936][ T9116] syz.0.3741[9116] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 175.778610][ T7230] EXT4-fs error (device loop4): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /138/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 175.847257][ T28] audit: type=1400 audit(2000000024.750:4794): avc: denied { read } for pid=9121 comm="syz.0.3746" name="file0" dev="tmpfs" ino=2045 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 175.880719][ T9124] loop0: detected capacity change from 0 to 2048 [ 175.896597][ T24] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 175.897420][ T441] microsoft 0003:045E:07DA.005D: ignoring exceeding usage max [ 175.912545][ T441] microsoft 0003:045E:07DA.005D: ignoring exceeding usage max [ 175.920037][ T441] microsoft 0003:045E:07DA.005D: usage index exceeded [ 175.926696][ T441] microsoft 0003:045E:07DA.005D: item 0 4 2 0 parsing failed [ 175.934167][ T441] microsoft 0003:045E:07DA.005D: parse failed [ 175.934540][ T9124] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 175.948376][ T441] microsoft: probe of 0003:045E:07DA.005D failed with error -22 [ 175.967742][ T3868] EXT4-fs (loop0): unmounting filesystem. [ 176.035580][ T311] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 176.098285][ T28] audit: type=1400 audit(2000000024.984:4795): avc: denied { bind } for pid=9137 comm="syz.0.3752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 176.116808][ T441] usb 3-1: USB disconnect, device number 34 [ 176.292134][ T311] usb 4-1: Using ep0 maxpacket: 16 [ 176.345647][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 176.356481][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 176.366022][ T24] usb 2-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00 [ 176.374935][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.383350][ T24] usb 2-1: config 0 descriptor?? [ 176.420462][ T311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 176.431321][ T311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 176.440892][ T311] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 176.449823][ T311] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.463731][ T311] usb 4-1: config 0 descriptor?? [ 176.721200][ T9114] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 176.729484][ T9114] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 176.827125][ T9164] netlink: 'syz.2.3765': attribute type 4 has an invalid length. [ 176.834756][ T9164] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.3765'. [ 176.856850][ T9166] loop2: detected capacity change from 0 to 512 [ 176.864123][ T9166] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 176.875496][ T9166] EXT4-fs (loop2): 1 truncate cleaned up [ 176.880836][ T24] dragonrise 0003:0079:0011.005E: unknown main item tag 0x0 [ 176.881310][ T9166] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 176.888111][ T24] dragonrise 0003:0079:0011.005E: unknown main item tag 0x0 [ 176.906411][ T4755] EXT4-fs (loop2): unmounting filesystem. [ 176.922910][ T24] dragonrise 0003:0079:0011.005E: unknown main item tag 0x0 [ 176.930017][ T24] dragonrise 0003:0079:0011.005E: unknown main item tag 0x0 [ 176.937145][ T24] dragonrise 0003:0079:0011.005E: unknown main item tag 0x0 [ 176.944867][ T24] dragonrise 0003:0079:0011.005E: hidraw0: USB HID v0.00 Device [HID 0079:0011] on usb-dummy_hcd.1-1/input0 [ 176.974558][ T28] audit: type=1400 audit(2000000025.807:4796): avc: denied { map } for pid=9172 comm="syz.2.3768" path="/dev/ashmem" dev="devtmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 176.976594][ T311] hid (null): bogus close delimiter [ 177.008979][ T311] hid (null): invalid report_size 59136 [ 177.015207][ T9175] bridge0: port 1(syz_tun) entered blocking state [ 177.023091][ T311] hid (null): report_id 48035 is invalid [ 177.028660][ T9175] bridge0: port 1(syz_tun) entered disabled state [ 177.036452][ T311] hid-generic 0003:0158:0100.005F: unknown main item tag 0x0 [ 177.043777][ T311] hid-generic 0003:0158:0100.005F: unknown main item tag 0x0 [ 177.051666][ T9175] device syz_tun entered promiscuous mode [ 177.057324][ T311] hid-generic 0003:0158:0100.005F: bogus close delimiter [ 177.064514][ T311] hid-generic 0003:0158:0100.005F: item 0 0 2 10 parsing failed [ 177.090514][ T311] hid-generic: probe of 0003:0158:0100.005F failed with error -22 [ 177.097638][ T889] usb 2-1: USB disconnect, device number 38 [ 177.118068][ T28] audit: type=1400 audit(2000000025.947:4797): avc: denied { append } for pid=9182 comm="syz.2.3773" name="event2" dev="devtmpfs" ino=182 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 177.246121][ T24] usb 4-1: USB disconnect, device number 39 [ 177.271679][ T9188] loop0: detected capacity change from 0 to 8192 [ 177.379685][ T28] audit: type=1400 audit(2000000026.181:4798): avc: denied { read } for pid=9191 comm="syz.0.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 177.479120][ T9210] sch_fq: defrate 0 ignored. [ 177.740056][ T9226] loop0: detected capacity change from 0 to 512 [ 177.790320][ T9226] EXT4-fs (loop0): 1 orphan inode deleted [ 177.795974][ T9226] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 177.804767][ T9226] ext4 filesystem being mounted at /420/file1 supports timestamps until 2038 (0x7fffffff) [ 177.817614][ T28] audit: type=1400 audit(2000000026.593:4799): avc: denied { watch watch_reads } for pid=9225 comm="syz.0.3793" path="/420/file1/file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 177.855259][ T3868] EXT4-fs (loop0): unmounting filesystem. [ 178.033677][ T9249] input: syz0 as /devices/virtual/input/input71 [ 178.039362][ T9224] loop1: detected capacity change from 0 to 40427 [ 178.046733][ T9224] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 178.055087][ T9224] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 178.079711][ T9224] F2FS-fs (loop1): invalid crc value [ 178.091609][ T9224] F2FS-fs (loop1): Found nat_bits in checkpoint [ 178.123108][ T9261] loop0: detected capacity change from 0 to 512 [ 178.135975][ T9263] sch_fq: defrate 0 ignored. [ 178.148829][ T9224] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 178.156350][ T9224] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 178.174775][ T9261] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 178.189736][ T9224] syz.1.3792: attempt to access beyond end of device [ 178.189736][ T9224] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 178.216542][ T9261] ext4 filesystem being mounted at /423/file0 supports timestamps until 2038 (0x7fffffff) [ 178.244688][ T3735] syz-executor: attempt to access beyond end of device [ 178.244688][ T3735] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 178.245393][ T9274] loop2: detected capacity change from 0 to 256 [ 178.268612][ T3868] EXT4-fs (loop0): unmounting filesystem. [ 178.298762][ T9276] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3814'. [ 178.299670][ T9278] loop0: detected capacity change from 0 to 128 [ 178.352381][ T9278] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 178.360935][ T9281] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 178.383339][ T9278] ext4 filesystem being mounted at /424/mnt supports timestamps until 2038 (0x7fffffff) [ 178.394260][ T9285] loop1: detected capacity change from 0 to 128 [ 178.405262][ T9285] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 178.413961][ T9285] ext4 filesystem being mounted at /446/mnt supports timestamps until 2038 (0x7fffffff) [ 178.436972][ T9285] fscrypt (loop1, inode 12): Unsupported encryption flags (0x10) [ 178.444916][ T3868] EXT4-fs (loop0): unmounting filesystem. [ 178.467848][ T3735] EXT4-fs (loop1): unmounting filesystem. [ 178.496606][ T9299] loop3: detected capacity change from 0 to 512 [ 178.510065][ T9305] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3826'. [ 178.526572][ T9299] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 178.537750][ T9299] EXT4-fs (loop3): 1 truncate cleaned up [ 178.543561][ T9299] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 178.556985][ T9310] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3828'. [ 178.575150][ T294] EXT4-fs (loop3): unmounting filesystem. [ 178.622202][ T9323] loop2: detected capacity change from 0 to 128 [ 178.638282][ T9323] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 178.649485][ T9326] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3835'. [ 178.672071][ T9323] ext4 filesystem being mounted at /444/mnt supports timestamps until 2038 (0x7fffffff) [ 178.684570][ T9331] loop1: detected capacity change from 0 to 512 [ 178.707579][ T9323] fscrypt (loop2, inode 12): Unsupported encryption flags (0x10) [ 178.721303][ T9331] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 178.741004][ T9335] loop3: detected capacity change from 0 to 512 [ 178.752396][ T9335] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 178.753249][ T4755] EXT4-fs (loop2): unmounting filesystem. [ 178.769159][ T9331] EXT4-fs (loop1): 1 truncate cleaned up [ 178.774854][ T9331] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 178.790305][ T9335] EXT4-fs (loop3): 1 truncate cleaned up [ 178.796871][ T3735] EXT4-fs (loop1): unmounting filesystem. [ 178.802543][ T9335] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 178.820865][ T9335] fscrypt (loop3, inode 18): Reserved bits set in encryption policy [ 178.844449][ T294] EXT4-fs (loop3): unmounting filesystem. [ 178.920810][ T9351] loop2: detected capacity change from 0 to 512 [ 178.971077][ T9351] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 178.991529][ T9351] ext4 filesystem being mounted at /446/bus supports timestamps until 2038 (0x7fffffff) [ 178.996199][ T9337] loop0: detected capacity change from 0 to 40427 [ 179.018498][ T9351] EXT4-fs: Ignoring removed orlov option [ 179.030366][ T9355] syz.1.3846[9355] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 179.030438][ T9355] syz.1.3846[9355] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 179.040517][ T9351] EXT4-fs: Cannot change journaled quota options when quota turned on [ 179.061043][ T9337] F2FS-fs (loop0): invalid crc value [ 179.082778][ T4755] EXT4-fs error (device loop2): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /446/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 179.106290][ T9337] F2FS-fs (loop0): Found nat_bits in checkpoint [ 179.186623][ T9337] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 179.225278][ T3868] syz-executor: attempt to access beyond end of device [ 179.225278][ T3868] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 179.412092][ T9380] loop0: detected capacity change from 0 to 128 [ 179.443521][ T9380] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 179.467422][ T9380] ext4 filesystem being mounted at /433/mnt supports timestamps until 2038 (0x7fffffff) [ 179.502550][ T9380] fscrypt (loop0, inode 12): Unsupported encryption flags (0x10) [ 179.536711][ T3868] EXT4-fs (loop0): unmounting filesystem. [ 179.697368][ T9376] loop1: detected capacity change from 0 to 40427 [ 179.703924][ T435] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 179.731167][ T9376] F2FS-fs (loop1): invalid crc value [ 179.762133][ T9376] F2FS-fs (loop1): Found nat_bits in checkpoint [ 179.848566][ T9376] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 180.258402][ T435] usb 4-1: New USB device found, idVendor=0f19, idProduct=0105, bcdDevice= 1.00 [ 180.267266][ T435] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 180.290427][ T435] usb 4-1: Product: syz [ 180.294390][ T435] usb 4-1: Manufacturer: syz [ 180.298818][ T435] usb 4-1: SerialNumber: syz [ 180.321808][ T435] usb 4-1: config 0 descriptor?? [ 180.365697][ T435] usb-storage 4-1:0.0: USB Mass Storage device detected [ 180.387133][ T435] usb-storage 4-1:0.0: Quirks match for vid 0f19 pid 0105: 20 [ 180.493537][ T24] usb 2-1: new full-speed USB device number 39 using dummy_hcd [ 180.582439][ T311] usb 4-1: USB disconnect, device number 40 [ 180.878432][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 180.899763][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 180.920117][ T24] usb 2-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.00 [ 180.941565][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.950068][ T24] usb 2-1: config 0 descriptor?? [ 181.423634][ T311] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 181.477908][ T24] apple 0003:05AC:0240.0060: unknown main item tag 0x0 [ 181.495404][ T24] apple 0003:05AC:0240.0060: unbalanced collection at end of report description [ 181.504519][ T24] apple 0003:05AC:0240.0060: parse failed [ 181.519844][ T24] apple: probe of 0003:05AC:0240.0060 failed with error -22 [ 181.694442][ T24] usb 2-1: USB disconnect, device number 39 [ 181.723013][ T311] usb 4-1: too many configurations: 65, using maximum allowed: 8 [ 182.417908][ T311] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 182.426870][ T311] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.535451][ T24] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 182.813405][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 182.941737][ T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 182.962410][ T24] usb 2-1: config 0 has no interfaces? [ 183.005885][ T311] usb 4-1: string descriptor 0 read error: -71 [ 183.011917][ T311] usb 4-1: Found UVC 0.00 device (046d:08c1) [ 183.033414][ T311] usb 4-1: No valid video chain found. [ 183.039034][ T28] kauditd_printk_skb: 9 callbacks suppressed [ 183.039048][ T28] audit: type=1400 audit(2000000031.485:4809): avc: denied { view } for pid=9424 comm="syz.0.3873" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 183.039755][ T311] usb 4-1: USB disconnect, device number 41 [ 183.155721][ T24] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=d3.06 [ 183.175349][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67 [ 183.186108][ T24] usb 2-1: Product: syz [ 183.190111][ T24] usb 2-1: Manufacturer: syz [ 183.194506][ T24] usb 2-1: SerialNumber: syz [ 183.220244][ T24] r8152-cfgselector 2-1: config 0 descriptor?? [ 183.508356][ T24] r8152-cfgselector 2-1: Unknown version 0x0000 [ 183.529723][ T9433] bridge0: port 3(syz_tun) entered blocking state [ 183.549327][ T9433] bridge0: port 3(syz_tun) entered disabled state [ 183.567574][ T9433] device syz_tun entered promiscuous mode [ 183.583280][ T9433] bridge0: port 3(syz_tun) entered blocking state [ 183.589530][ T9433] bridge0: port 3(syz_tun) entered forwarding state [ 183.633669][ T9441] loop3: detected capacity change from 0 to 128 [ 183.723248][ T889] r8152-cfgselector 2-1: USB disconnect, device number 40 [ 183.752104][ T9458] loop3: detected capacity change from 0 to 512 [ 183.806631][ T9458] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 183.816705][ T9458] ext4 filesystem being mounted at /757/file0 supports timestamps until 2038 (0x7fffffff) [ 183.831536][ T28] audit: type=1400 audit(2000000032.224:4810): avc: denied { mounton } for pid=9457 comm="syz.3.3887" path="/757/file0/bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 183.883676][ T294] EXT4-fs (loop3): unmounting filesystem. [ 183.899905][ T28] audit: type=1400 audit(2000000032.271:4811): avc: denied { unlink } for pid=294 comm="syz-executor" name="bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 183.968921][ T28] audit: type=1400 audit(2000000032.355:4812): avc: denied { shutdown } for pid=9475 comm="syz.0.3895" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 184.341865][ T9487] loop0: detected capacity change from 0 to 256 [ 184.369522][ T9487] FAT-fs (loop0): Directory bread(block 64) failed [ 184.384937][ T9487] FAT-fs (loop0): Directory bread(block 65) failed [ 184.395723][ T9487] FAT-fs (loop0): Directory bread(block 66) failed [ 184.412838][ T9487] FAT-fs (loop0): Directory bread(block 67) failed [ 184.419222][ T9487] FAT-fs (loop0): Directory bread(block 68) failed [ 184.436300][ T9487] FAT-fs (loop0): Directory bread(block 69) failed [ 184.447086][ T9487] FAT-fs (loop0): Directory bread(block 70) failed [ 184.468565][ T9487] FAT-fs (loop0): Directory bread(block 71) failed [ 184.474968][ T9487] FAT-fs (loop0): Directory bread(block 72) failed [ 184.492063][ T9487] FAT-fs (loop0): Directory bread(block 73) failed [ 184.652209][ T311] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 184.832430][ T9516] loop1: detected capacity change from 0 to 512 [ 184.867087][ T9516] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.3912: invalid indirect mapped block 256 (level 2) [ 184.887690][ T9516] EXT4-fs (loop1): 2 truncates cleaned up [ 184.898079][ T9516] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 184.921266][ T3735] EXT4-fs (loop1): unmounting filesystem. [ 184.930141][ T311] usb 4-1: Using ep0 maxpacket: 16 [ 185.032642][ T9508] loop0: detected capacity change from 0 to 40427 [ 185.049741][ T9508] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 185.056508][ T9508] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 185.064632][ T311] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 185.075364][ T311] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 185.096825][ T311] usb 4-1: config 0 has no interface number 0 [ 185.107813][ T9508] F2FS-fs (loop0): invalid crc value [ 185.134055][ T9508] F2FS-fs (loop0): Found nat_bits in checkpoint [ 185.205755][ T9508] F2FS-fs (loop0): Start checkpoint disabled! [ 185.229046][ T9508] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 185.237023][ T9508] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 185.247701][ T9526] loop1: detected capacity change from 0 to 256 [ 185.278041][ T9526] exfat: Deprecated parameter 'namecase' [ 185.282982][ T311] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 185.293687][ T9526] exfat: Deprecated parameter 'namecase' [ 185.299152][ T9526] exfat: Deprecated parameter 'utf8' [ 185.303127][ T311] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 185.304262][ T9526] exfat: Deprecated parameter 'namecase' [ 185.313892][ T311] usb 4-1: Product: syz [ 185.330481][ T311] usb 4-1: Manufacturer: syz [ 185.334903][ T311] usb 4-1: SerialNumber: syz [ 185.355361][ T43] kworker/u4:2: attempt to access beyond end of device [ 185.355361][ T43] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 185.357937][ T311] usb 4-1: config 0 descriptor?? [ 185.390520][ T9526] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 185.422401][ T311] usb 4-1: Found UVC 0.00 device syz (046d:08f3) [ 185.439386][ T311] usb 4-1: No valid video chain found. [ 185.461631][ T28] audit: type=1400 audit(2000000033.739:4813): avc: denied { mounton } for pid=9525 comm="syz.1.3914" path="/481/file0/file0/file0" dev="loop1" ino=1049051 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 185.535472][ T9530] sch_tbf: burst 0 is lower than device veth0_to_team mtu (1514) ! [ 185.885667][ T9532] loop0: detected capacity change from 0 to 40427 [ 185.892789][ T9532] F2FS-fs (loop0): fault_injection options not supported [ 185.899673][ T9532] F2FS-fs (loop0): Image doesn't support compression [ 185.906238][ T9532] F2FS-fs (loop0): Image doesn't support compression [ 185.912674][ T9532] F2FS-fs (loop0): fault_type options not supported [ 185.919803][ T9532] F2FS-fs (loop0): invalid crc value [ 185.935837][ T9532] F2FS-fs (loop0): Found nat_bits in checkpoint [ 186.001951][ T9546] loop1: detected capacity change from 0 to 512 [ 186.018832][ T9546] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 186.028419][ T9532] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 186.051117][ T9546] EXT4-fs (loop1): 1 truncate cleaned up [ 186.056673][ T9546] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 186.101947][ T3735] EXT4-fs (loop1): unmounting filesystem. [ 186.111596][ T333] kworker/u4:4: attempt to access beyond end of device [ 186.111596][ T333] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 186.147152][ T9532] VFS:Filesystem freeze failed [ 186.177548][ T435] usb 4-1: USB disconnect, device number 42 [ 186.196164][ T9556] input: syz0 as /devices/virtual/input/input72 [ 186.302512][ T28] audit: type=1400 audit(2000000034.534:4814): avc: denied { write } for pid=9562 comm="syz.1.3929" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 186.347568][ T9569] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3931'. [ 186.502950][ T8980] EXT4-fs (loop4): unmounting filesystem. [ 186.570626][ T9584] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3940'. [ 186.610799][ T9592] ================================================================== [ 186.618692][ T9592] BUG: KASAN: use-after-free in cpu_map_enqueue+0xb4/0x370 [ 186.625722][ T9592] Read of size 8 at addr ffff888118372708 by task syz.0.3944/9592 [ 186.633359][ T9592] [ 186.635543][ T9592] CPU: 0 PID: 9592 Comm: syz.0.3944 Not tainted 6.1.99-syzkaller-00053-g5e1f4bb11f0d #0 [ 186.645078][ T9592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 186.654978][ T9592] Call Trace: [ 186.658096][ T9592] [ 186.660874][ T9592] dump_stack_lvl+0x151/0x1b7 [ 186.665389][ T9592] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 186.670681][ T9592] ? _printk+0xd1/0x111 [ 186.674675][ T9592] ? __virt_addr_valid+0x242/0x2f0 [ 186.679621][ T9592] print_report+0x158/0x4e0 [ 186.683961][ T9592] ? __virt_addr_valid+0x242/0x2f0 [ 186.688904][ T9592] ? kasan_complete_mode_report_info+0x90/0x1b0 [ 186.694981][ T9592] ? cpu_map_enqueue+0xb4/0x370 [ 186.699667][ T9592] kasan_report+0x13c/0x170 [ 186.704007][ T9592] ? cpu_map_enqueue+0xb4/0x370 [ 186.708698][ T9592] __asan_report_load8_noabort+0x14/0x20 [ 186.714162][ T9592] cpu_map_enqueue+0xb4/0x370 [ 186.718682][ T9592] xdp_do_redirect_frame+0x275/0x800 [ 186.723802][ T9592] bpf_test_run_xdp_live+0xc30/0x1f70 [ 186.729008][ T9592] ? __kasan_check_write+0x14/0x20 [ 186.733957][ T9592] ? bpf_test_run_xdp_live+0x7ae/0x1f70 [ 186.739332][ T9592] ? xdp_convert_md_to_buff+0x360/0x360 [ 186.744713][ T9592] ? bpf_dispatcher_change_prog+0xd9d/0xf20 [ 186.750451][ T9592] ? trace_raw_output_bpf_test_finish+0xd0/0xd0 [ 186.756523][ T9592] ? __kasan_check_write+0x14/0x20 [ 186.761464][ T9592] ? _copy_from_user+0x90/0xc0 [ 186.766066][ T9592] bpf_prog_test_run_xdp+0x7d1/0x1130 [ 186.771280][ T9592] ? dev_put+0x80/0x80 [ 186.775184][ T9592] ? __kasan_check_write+0x14/0x20 [ 186.780127][ T9592] ? fput+0x15b/0x1b0 [ 186.783943][ T9592] ? dev_put+0x80/0x80 [ 186.787853][ T9592] bpf_prog_test_run+0x3b0/0x630 [ 186.792626][ T9592] ? bpf_prog_query+0x260/0x260 [ 186.797313][ T9592] ? selinux_bpf+0xd2/0x100 [ 186.801654][ T9592] ? security_bpf+0x82/0xb0 [ 186.805992][ T9592] __sys_bpf+0x59f/0x7f0 [ 186.810072][ T9592] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 186.815286][ T9592] ? fpregs_restore_userregs+0x130/0x290 [ 186.820746][ T9592] __x64_sys_bpf+0x7c/0x90 [ 186.824997][ T9592] x64_sys_call+0x87f/0x9a0 [ 186.829335][ T9592] do_syscall_64+0x3b/0xb0 [ 186.833594][ T9592] ? clear_bhb_loop+0x55/0xb0 [ 186.838101][ T9592] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 186.843828][ T9592] RIP: 0033:0x7fa6d797dff9 [ 186.848084][ T9592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.867542][ T9592] RSP: 002b:00007fa6d878b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 186.875769][ T9592] RAX: ffffffffffffffda RBX: 00007fa6d7b35f80 RCX: 00007fa6d797dff9 [ 186.883580][ T9592] RDX: 0000000000000050 RSI: 00000000200000c0 RDI: 000000000000000a [ 186.891392][ T9592] RBP: 00007fa6d79f0296 R08: 0000000000000000 R09: 0000000000000000 [ 186.899202][ T9592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.907016][ T9592] R13: 0000000000000000 R14: 00007fa6d7b35f80 R15: 00007fff8fd5b978 [ 186.914829][ T9592] [ 186.917690][ T9592] [ 186.919860][ T9592] Allocated by task 9451: [ 186.924025][ T9592] kasan_set_track+0x4b/0x70 [ 186.928452][ T9592] kasan_save_alloc_info+0x1f/0x30 [ 186.933399][ T9592] __kasan_kmalloc+0x9c/0xb0 [ 186.937826][ T9592] __kmalloc_node+0xb4/0x1e0 [ 186.942253][ T9592] bpf_map_kmalloc_node+0xd0/0x2c0 [ 186.947200][ T9592] cpu_map_update_elem+0x28f/0xf50 [ 186.952147][ T9592] bpf_map_update_value+0x1a3/0x410 [ 186.957181][ T9592] map_update_elem+0x500/0x680 [ 186.961780][ T9592] __sys_bpf+0x460/0x7f0 [ 186.965860][ T9592] __x64_sys_bpf+0x7c/0x90 [ 186.970114][ T9592] x64_sys_call+0x87f/0x9a0 [ 186.974454][ T9592] do_syscall_64+0x3b/0xb0 [ 186.978704][ T9592] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 186.984434][ T9592] [ 186.986604][ T9592] Freed by task 9454: [ 186.990422][ T9592] kasan_set_track+0x4b/0x70 [ 186.994848][ T9592] kasan_save_free_info+0x2b/0x40 [ 186.999709][ T9592] ____kasan_slab_free+0x131/0x180 [ 187.004658][ T9592] __kasan_slab_free+0x11/0x20 [ 187.009255][ T9592] __kmem_cache_free+0x218/0x3b0 [ 187.014030][ T9592] kfree+0x7a/0xf0 [ 187.017587][ T9592] put_cpu_map_entry+0x6e2/0x760 [ 187.022363][ T9592] cpu_map_kthread_run+0x2463/0x2520 [ 187.027484][ T9592] kthread+0x26d/0x300 [ 187.031390][ T9592] ret_from_fork+0x1f/0x30 [ 187.035648][ T9592] [ 187.037811][ T9592] Last potentially related work creation: [ 187.043366][ T9592] kasan_save_stack+0x3b/0x60 [ 187.047879][ T9592] __kasan_record_aux_stack+0xb4/0xc0 [ 187.053087][ T9592] kasan_record_aux_stack_noalloc+0xb/0x10 [ 187.058728][ T9592] insert_work+0x56/0x310 [ 187.062894][ T9592] __queue_work+0x9b6/0xd70 [ 187.067234][ T9592] queue_work_on+0x105/0x170 [ 187.071660][ T9592] cpu_map_free+0x1e7/0x2c0 [ 187.075999][ T9592] bpf_map_free_deferred+0xf7/0x1b0 [ 187.081033][ T9592] process_one_work+0x73d/0xcb0 [ 187.085723][ T9592] worker_thread+0xa60/0x1260 [ 187.090237][ T9592] kthread+0x26d/0x300 [ 187.094140][ T9592] ret_from_fork+0x1f/0x30 [ 187.098394][ T9592] [ 187.100563][ T9592] Second to last potentially related work creation: [ 187.106988][ T9592] kasan_save_stack+0x3b/0x60 [ 187.111498][ T9592] __kasan_record_aux_stack+0xb4/0xc0 [ 187.116705][ T9592] kasan_record_aux_stack_noalloc+0xb/0x10 [ 187.122349][ T9592] call_rcu+0xee/0x1340 [ 187.126340][ T9592] cpu_map_free+0x109/0x2c0 [ 187.130679][ T9592] bpf_map_free_deferred+0xf7/0x1b0 [ 187.135715][ T9592] process_one_work+0x73d/0xcb0 [ 187.140400][ T9592] worker_thread+0xa60/0x1260 [ 187.144913][ T9592] kthread+0x26d/0x300 [ 187.148819][ T9592] ret_from_fork+0x1f/0x30 [ 187.153075][ T9592] [ 187.155242][ T9592] The buggy address belongs to the object at ffff888118372700 [ 187.155242][ T9592] which belongs to the cache kmalloc-192 of size 192 [ 187.169130][ T9592] The buggy address is located 8 bytes inside of [ 187.169130][ T9592] 192-byte region [ffff888118372700, ffff8881183727c0) [ 187.182067][ T9592] [ 187.184235][ T9592] The buggy address belongs to the physical page: [ 187.190487][ T9592] page:ffffea000460dc80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x118372 [ 187.200553][ T9592] flags: 0x4000000000000200(slab|zone=1) [ 187.206026][ T9592] raw: 4000000000000200 0000000000000000 dead000000000001 ffff888100042c00 [ 187.214443][ T9592] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 187.222855][ T9592] page dumped because: kasan: bad access detected [ 187.229112][ T9592] page_owner tracks the page as allocated [ 187.234659][ T9592] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 103, tgid 103 (udevd), ts 4600057154, free_ts 0 [ 187.251066][ T9592] post_alloc_hook+0x213/0x220 [ 187.255663][ T9592] prep_new_page+0x1b/0x110 [ 187.260002][ T9592] get_page_from_freelist+0x27ea/0x2870 [ 187.265384][ T9592] __alloc_pages+0x3a1/0x780 [ 187.269810][ T9592] alloc_slab_page+0x6c/0xf0 [ 187.274238][ T9592] new_slab+0x90/0x3e0 [ 187.278142][ T9592] ___slab_alloc+0x6f9/0xb80 [ 187.282570][ T9592] __slab_alloc+0x5d/0xa0 [ 187.286734][ T9592] __kmem_cache_alloc_node+0x1af/0x250 [ 187.292028][ T9592] kmalloc_trace+0x2a/0xa0 [ 187.296283][ T9592] kernfs_fop_open+0x350/0xb10 [ 187.300882][ T9592] do_dentry_open+0x891/0x1250 [ 187.305483][ T9592] vfs_open+0x73/0x80 [ 187.309301][ T9592] path_openat+0x2532/0x2d60 [ 187.313727][ T9592] do_filp_open+0x230/0x480 [ 187.318066][ T9592] do_sys_openat2+0x151/0x870 [ 187.322582][ T9592] page_owner free stack trace missing [ 187.327788][ T9592] [ 187.329956][ T9592] Memory state around the buggy address: [ 187.335432][ T9592] ffff888118372600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 187.343327][ T9592] ffff888118372680: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 187.351224][ T9592] >ffff888118372700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 187.359121][ T9592] ^ [ 187.363290][ T9592] ffff888118372780: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 187.371197][ T9592] ffff888118372800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 187.379083][ T9592] ================================================================== [ 187.387045][ T9592] Disabling lock debugging due to kernel taint [ 187.393050][ T9592] general protection fault, probably for non-canonical address 0xe0dbed79dedc04a8: 0000 [#1] PREEMPT SMP KASAN [ 187.404518][ T9592] KASAN: maybe wild-memory-access in range [0x06df8bcef6e02540-0x06df8bcef6e02547] [ 187.413630][ T9592] CPU: 0 PID: 9592 Comm: syz.0.3944 Tainted: G B 6.1.99-syzkaller-00053-g5e1f4bb11f0d #0 [ 187.424651][ T9592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 187.434548][ T9592] RIP: 0010:cpu_map_enqueue+0x113/0x370 [ 187.439927][ T9592] Code: e8 03 42 80 3c 30 00 74 08 48 89 df e8 96 d8 24 00 4c 8b 23 4f 8d 74 3c 58 4d 89 f5 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df <41> 0f b6 44 05 00 84 c0 0f 85 a8 01 00 00 4d 01 fc 41 8b 1e bf 08 [ 187.459370][ T9592] RSP: 0018:ffffc90001cbf600 EFLAGS: 00010203 [ 187.465270][ T9592] RAX: dffffc0000000000 RBX: ffffffff86745880 RCX: 0000000000040000 [ 187.473081][ T9592] RDX: ffffc900042d2000 RSI: 000000000002c860 RDI: 000000000002c861 [ 187.480894][ T9592] RBP: ffffc90001cbf638 R08: ffffffff81980e8e R09: fffffbfff0f6dafd [ 187.488706][ T9592] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881f6e00000 [ 187.496518][ T9592] R13: 00dbf179dedc04a8 R14: 06df8bcef6e02546 R15: 06e0034d000024ee [ 187.504327][ T9592] FS: 00007fa6d878b6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 187.513093][ T9592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.519517][ T9592] CR2: 000000110c2db0e6 CR3: 00000001120a6000 CR4: 00000000003506b0 [ 187.527332][ T9592] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 187.535137][ T9592] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 187.542952][ T9592] Call Trace: [ 187.546077][ T9592] [ 187.548855][ T9592] ? __die_body+0x62/0xb0 [ 187.553018][ T9592] ? die_addr+0x9f/0xd0 [ 187.557014][ T9592] ? exc_general_protection+0x317/0x4c0 [ 187.562403][ T9592] ? asm_exc_general_protection+0x27/0x30 [ 187.567948][ T9592] ? cpu_map_enqueue+0xce/0x370 [ 187.572637][ T9592] ? cpu_map_enqueue+0x113/0x370 [ 187.577409][ T9592] xdp_do_redirect_frame+0x275/0x800 [ 187.582531][ T9592] bpf_test_run_xdp_live+0xc30/0x1f70 [ 187.587742][ T9592] ? __kasan_check_write+0x14/0x20 [ 187.592688][ T9592] ? bpf_test_run_xdp_live+0x7ae/0x1f70 [ 187.598067][ T9592] ? xdp_convert_md_to_buff+0x360/0x360 [ 187.603446][ T9592] ? bpf_dispatcher_change_prog+0xd9d/0xf20 [ 187.609184][ T9592] ? trace_raw_output_bpf_test_finish+0xd0/0xd0 [ 187.615255][ T9592] ? __kasan_check_write+0x14/0x20 [ 187.620196][ T9592] ? _copy_from_user+0x90/0xc0 [ 187.624802][ T9592] bpf_prog_test_run_xdp+0x7d1/0x1130 [ 187.630010][ T9592] ? dev_put+0x80/0x80 [ 187.633913][ T9592] ? __kasan_check_write+0x14/0x20 [ 187.638859][ T9592] ? fput+0x15b/0x1b0 [ 187.642676][ T9592] ? dev_put+0x80/0x80 [ 187.646582][ T9592] bpf_prog_test_run+0x3b0/0x630 [ 187.651358][ T9592] ? bpf_prog_query+0x260/0x260 [ 187.656044][ T9592] ? selinux_bpf+0xd2/0x100 [ 187.660386][ T9592] ? security_bpf+0x82/0xb0 [ 187.664722][ T9592] __sys_bpf+0x59f/0x7f0 [ 187.668804][ T9592] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 187.674014][ T9592] ? fpregs_restore_userregs+0x130/0x290 [ 187.679479][ T9592] __x64_sys_bpf+0x7c/0x90 [ 187.683731][ T9592] x64_sys_call+0x87f/0x9a0 [ 187.688070][ T9592] do_syscall_64+0x3b/0xb0 [ 187.692322][ T9592] ? clear_bhb_loop+0x55/0xb0 [ 187.696837][ T9592] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 187.702574][ T9592] RIP: 0033:0x7fa6d797dff9 [ 187.706817][ T9592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 187.726346][ T9592] RSP: 002b:00007fa6d878b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 187.734597][ T9592] RAX: ffffffffffffffda RBX: 00007fa6d7b35f80 RCX: 00007fa6d797dff9 [ 187.742405][ T9592] RDX: 0000000000000050 RSI: 00000000200000c0 RDI: 000000000000000a [ 187.750215][ T9592] RBP: 00007fa6d79f0296 R08: 0000000000000000 R09: 0000000000000000 [ 187.758025][ T9592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 187.765836][ T9592] R13: 0000000000000000 R14: 00007fa6d7b35f80 R15: 00007fff8fd5b978 [ 187.773654][ T9592] [ 187.776511][ T9592] Modules linked in: [ 187.780291][ T9592] ---[ end trace 0000000000000000 ]--- [ 187.785554][ T9592] RIP: 0010:cpu_map_enqueue+0x113/0x370 [ 187.790918][ T9592] Code: e8 03 42 80 3c 30 00 74 08 48 89 df e8 96 d8 24 00 4c 8b 23 4f 8d 74 3c 58 4d 89 f5 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df <41> 0f b6 44 05 00 84 c0 0f 85 a8 01 00 00 4d 01 fc 41 8b 1e bf 08 [ 187.810378][ T9592] RSP: 0018:ffffc90001cbf600 EFLAGS: 00010203 [ 187.816267][ T9592] RAX: dffffc0000000000 RBX: ffffffff86745880 RCX: 0000000000040000 [ 187.824091][ T9592] RDX: ffffc900042d2000 RSI: 000000000002c860 RDI: 000000000002c861 [ 187.831914][ T9592] RBP: ffffc90001cbf638 R08: ffffffff81980e8e R09: fffffbfff0f6dafd [ 187.839714][ T9592] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881f6e00000 [ 187.847511][ T9592] R13: 00dbf179dedc04a8 R14: 06df8bcef6e02546 R15: 06e0034d000024ee [ 187.855336][ T9592] FS: 00007fa6d878b6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 187.864098][ T9592] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.870523][ T9592] CR2: 000000110c2db0e6 CR3: 00000001120a6000 CR4: 00000000003506b0 [ 187.878324][ T9592] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 187.886149][ T9592] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 187.893958][ T9592] Kernel panic - not syncing: Fatal exception in interrupt [ 187.901180][ T9592] Kernel Offset: disabled [ 187.905296][ T9592] Rebooting in 86400 seconds..