last executing test programs: 35.116496701s ago: executing program 0 (id=126): syz_mount_image$exfat(&(0x7f0000000380), &(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==") mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x1000) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) 34.90698423s ago: executing program 0 (id=130): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x6, 0x3, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x636}}, &(0x7f0000000000)='syzkaller\x00', 0xf5, 0x0, 0x0, 0x41000, 0x8, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 34.886291041s ago: executing program 0 (id=132): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close(r0) syz_usb_connect(0x4, 0x3e, &(0x7f0000000040)=ANY=[], 0x0) ioctl$SIOCSIFHWADDR(r0, 0x40095505, &(0x7f0000000000)={'veth0_to_batadv\x00', @random="372485e70eef"}) 34.376591679s ago: executing program 0 (id=151): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy") mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@nfs_export_on}], [], 0x2c}) 33.990147028s ago: executing program 0 (id=166): socket$packet(0x11, 0x2, 0x300) socket$packet(0x11, 0x3, 0x300) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x4c, 0x0) 32.929940704s ago: executing program 0 (id=176): r0 = epoll_create(0x7ff40000) epoll_wait(r0, 0x0, 0x14e, 0xfffffffd) r1 = eventfd(0xeac) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x1}) 32.928723275s ago: executing program 32 (id=176): r0 = epoll_create(0x7ff40000) epoll_wait(r0, 0x0, 0x14e, 0xfffffffd) r1 = eventfd(0xeac) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x1}) 20.862044816s ago: executing program 5 (id=611): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) rt_sigsuspend(&(0x7f0000000040)={[0x2000000]}, 0x8) 20.594444795s ago: executing program 5 (id=627): r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect$cdc_ecm(0x2, 0x4d, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000020000102505a1a44000000400010902"], 0x0) ioctl$EVIOCRMFF(r0, 0x83c0550b, 0x0) 19.115013221s ago: executing program 5 (id=665): syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0x1008801, &(0x7f0000005ac0)=ANY=[], 0x1, 0x1e0, &(0x7f0000000480)="$eJzsmbGP0zAUxj87ufY4IRALAwsDJ3FIXJqkgG654ZAYkZDuEDBWNFSFtEVthrYSEhULCyMbK/8AA0MnBjY2VhZAQmKgI7ORHTdxmwZawlBx7yfV+fxiP9sv6bcEBEEcW75++fn5xfW9o8sATmIbZR3/bqVjuDFehl/u33j15tPr9+1TT8bz+RgAIZZf3wbw7sACnp5WfSFmZ2/r6xF4om+D45LWd8DgTPcq0tkBGO7p8ENDd05oEQbsfiesP2iGgSsbTza+bKqAmNnfZMRQB7Cpl2DG/nqD4aNaCHRjEQZTsSGm62RurSr+VL/JAce+UQL5vO4+fzaSfUfHXaN+Hjg8ratgONR6D2U4jpOWxDj/OTvNb2XOX/CQKF6jheLM7j9O+P8KVvAJAliDUywn2HxE/qGTyNnJ+EN21rd12fxfCGVcADK3Pm6F4c0CmUvaBHJfidg/mA1cNPzJhp34RyVqPa70BsPdZqvWCBpB2/er19wrrnvVrygjitvf+N+m8qctI/9GztgSK6Ffi6Ku1weirpf0/bg1HPfwbeeHmsOV/3HsXIhzyFdFHbu8eA2mf1xdpdqxcjdPEARBEARBEARBEARBEASxEufB4g9h8YcqkYN/S43+FQAA//9HTGj9") close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fadvise64(r0, 0xfffffffffffffffb, 0x0, 0x4) 19.076943931s ago: executing program 5 (id=667): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0xc) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x2081c80, 0x0) mount$bind(0x0, &(0x7f0000001200)='./file0/file0\x00', 0x0, 0x84000, 0x0) 19.02997858s ago: executing program 5 (id=670): r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000340)=@usbdevfs_connect) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x8008551d, &(0x7f0000000000)={0xb7c6, 0x1, [{}]}) 18.95071044s ago: executing program 5 (id=673): syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000080)="ad", 0x1, 0x8000c61) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 18.92165697s ago: executing program 33 (id=673): syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000080)="ad", 0x1, 0x8000c61) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 4.681029895s ago: executing program 1 (id=1302): openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)) 4.671983385s ago: executing program 1 (id=1303): pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000000c0)=0x3ff) sendfile(r0, r1, 0x0, 0x10ffff) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, "fe941600"}) 4.609543855s ago: executing program 1 (id=1304): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_user\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) r1 = io_uring_setup(0x35f0, &(0x7f0000003800)) io_uring_enter(r1, 0x0, 0x8efb, 0x1, &(0x7f0000000080), 0x8) 4.598299005s ago: executing program 1 (id=1305): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(0x0, &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x84000, 0x0) 4.584968755s ago: executing program 1 (id=1306): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000001afc1801000020207025000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r0, &(0x7f0000000100)=[{{0x0, 0xff32, 0x0, 0x0, &(0x7f0000000000)=""/10, 0x17}}], 0x400000000000078, 0x2, 0x0) write$bt_hci(r0, &(0x7f0000000200)={0x1, @accept_logical_link={{0x439, 0x21}, {0xc8, {0x10, 0xf, 0x8001, 0xef8, 0x0, 0x6}, {0x0, 0x5, 0x4, 0x80000001, 0x3, 0x5}}}}, 0x25) 4.465764354s ago: executing program 1 (id=1307): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0500000008000000e27f00000100000000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='mm_khugepaged_scan_pmd\x00', r1}, 0x18) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) 4.461916215s ago: executing program 34 (id=1307): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0500000008000000e27f00000100000000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='mm_khugepaged_scan_pmd\x00', r1}, 0x18) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) 1.278190635s ago: executing program 3 (id=1407): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000020000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000007290000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000400)={r2, 0x0, 0x0}, 0x20) 1.246364764s ago: executing program 3 (id=1410): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x13}, 0x18) 1.216215984s ago: executing program 3 (id=1413): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)=0xfffffffc) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000300)=0x3) ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004) pwritev(r0, &(0x7f0000000400)=[{&(0x7f0000000680)="00214717a70700000700030600710a5e31163c00000000", 0x17}], 0x1, 0x0, 0x0) 1.156653704s ago: executing program 4 (id=1416): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180200000000000000000000000000008500000036000000850000002a00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r2, r1}, 0x40) syz_emit_ethernet(0x1361, &(0x7f0000001500)=ANY=[], 0x0) 1.150612854s ago: executing program 4 (id=1419): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x44, 0x30, 0x2, 0x70bd2d, 0x25dfdbff, {}, [{0x30, 0x1, [@m_nat={0x2c, 0x20, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x44}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010011a801000f4800400058008000900000000000800038030000180050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d80500060000000000130002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018000180140004004d2906d0880fc8acc30fe2020f9849675000018014000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af080001000000000008000100000000006000018005000600000000000500060000000000080001000000000005000600000000000c00020073797a746e6c30000800010000000000130002006272696467655f736c6176655f30000014000500e078d277f38ed3a40a448f3f6b6763e83c000c8008002c000000"], 0x270}}, 0x0) 1.128986744s ago: executing program 7 (id=1420): r0 = syz_open_dev$loop(&(0x7f0000000500), 0x887, 0x40) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r2) ioctl$BLKPG(r0, 0x1269, &(0x7f0000000600)={0x3, 0x0, 0x0, 0x0}) 1.120710464s ago: executing program 3 (id=1421): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$incfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v3, 0x18, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0) 1.120017744s ago: executing program 7 (id=1422): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5}) ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x200000000000001) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) 1.088137584s ago: executing program 4 (id=1423): r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='maps\x00') setresuid(r1, r1, r1) utimensat(r2, 0x0, &(0x7f0000000300)={{0x0, 0xea60}}, 0x0) 1.087844464s ago: executing program 3 (id=1424): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000009, 0x8031, 0xffffffffffffffff, 0x2b6b8000) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={0xffffffffffffffff, 0x1d5d, 0x2}) 1.048923364s ago: executing program 7 (id=1426): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffd, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000012c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 1.048535983s ago: executing program 4 (id=1427): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r1, &(0x7f0000001340)=[{&(0x7f00000000c0)=""/166, 0xa6}], 0x1) timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 958.735993ms ago: executing program 7 (id=1429): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x20044e, &(0x7f0000000340)={[{@minixdf}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@grpquota}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==") mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140)='proc\x00', 0x1000000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x0, 0x100000}, 0x20) 939.105013ms ago: executing program 6 (id=1430): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00') symlink(&(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0/file0\x00', &(0x7f0000000280)='./file0\x00') creat(&(0x7f00000001c0)='./file0\x00', 0x0) 856.623633ms ago: executing program 6 (id=1431): bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) r1 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r1, &(0x7f0000000600)={&(0x7f0000000280)={0x2, 0xffff, @remote}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000005c0)="72addd2720d6", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007"], 0x40}, 0x20000000) 807.156383ms ago: executing program 6 (id=1432): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) utimes(0x0, 0x0) 807.017203ms ago: executing program 7 (id=1433): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000180)={0x0, 0xea60}, 0x10) sendmmsg$unix(r1, &(0x7f00000bd000), 0x100, 0x0) dup3(r1, r0, 0x80000) 765.396653ms ago: executing program 6 (id=1434): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x6, 0x4, 0x5b, 0x8a, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0x23, &(0x7f00000004c0)={r2, r1}, 0xc) 765.256133ms ago: executing program 2 (id=1435): mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}}) 765.139003ms ago: executing program 2 (id=1436): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) close_range(r0, r1, 0x0) 757.565573ms ago: executing program 6 (id=1437): mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) wait4(r0, 0x0, 0x0, 0x0) ptrace$getsig(0x4202, r0, 0x2, 0x0) 743.816413ms ago: executing program 7 (id=1438): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1, 0x0, 0x0, @void, @value}, 0x20) 743.231022ms ago: executing program 2 (id=1439): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x1, 0x8, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000007200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 702.621532ms ago: executing program 35 (id=1438): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1, 0x0, 0x0, @void, @value}, 0x20) 701.236262ms ago: executing program 6 (id=1441): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 700.910442ms ago: executing program 2 (id=1442): stat(0x0, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_read_part_table(0x59e, &(0x7f0000000000)="$eJzs0r1Lc1ccB/BzUx7CA49EROhgB8Hg0qgQBx3MYCWGLEbElg7OgoMOgoODpERnX/4BxTcQF7GzoxhBFOIkGcW5oLhkSmm9pa1bW4xYPp/lcs75nvM7h98NfGiJ8Euz2YxCCM3kP9/9/XF+vNg9OTo1HUIUZkII+W++/L4SxYk/Tj2Nx6V4XExma7tXY0/H7dc9t9X0fiJeP0uE8FMIYf7+IPVf38b/30nuIrW6tlhYX87N3RVWHgZn+/JdG/mFraG9kfIPX4/8GP9YZ4nW1E/Xhg9vmqXH7bb+T9VaI3sZ5zLR29Tnfb3u/05npV5pTPQeLQ1kOurn5c2478/6DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvLGT3EVqdW2xsL6cm7srrDwMzvbluzbyC1tDeyPlr/7MnSVaUz9dGz68aZYet9v6P1VrjexlnMtE4currd/9/DZXooW+DX/v/05npV5pTPQeLQ1kOurn5c3oJfccvfdNAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICP4vN4sXtydGo6hCjMhBDGEu0Hv803ky/rUZw7jb+leL6YzNZ2r8aejtuve26r6f3JZAjJv5w7f3+Q+tzKh/Cv/BoAAP//vsKFIA==") ptrace(0x10, r0) ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000140)={&(0x7f00000000c0)=""/88, 0x58}) 541.886302ms ago: executing program 3 (id=1443): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000009208500000072000000850000000800000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a90f16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0) recvmsg$unix(r2, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1}, 0x40000100) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 488.618732ms ago: executing program 2 (id=1444): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001540), 0x180, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_CAP_VM_COPY_ENC_CONTEXT_FROM(r3, 0x4068aea3, &(0x7f0000000180)={0xc5, 0x0, r1}) 307.760751ms ago: executing program 2 (id=1445): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) sendfile(r0, r0, 0x0, 0x7a680000) 14.37072ms ago: executing program 4 (id=1446): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) unlink(0x0) 0s ago: executing program 4 (id=1447): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0) write$uinput_user_dev(r0, &(0x7f0000000200)={'syz0\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000]}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) r1 = syz_open_dev$evdev(&(0x7f0000000700), 0x3, 0x0) ioctl$EVIOCSABS2F(r1, 0x401845ef, &(0x7f0000000000)={0x1, 0x6, 0x0, 0xffffc671, 0x10000, 0xf}) kernel console output (not intermixed with test programs): gh-speed USB device number 2 using dummy_hcd [ 28.342489][ T672] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 28.395924][ T296] usb 4-1: USB disconnect, device number 2 [ 28.407488][ T292] F2FS-fs (loop0): access invalid blkaddr:2816 [ 28.413720][ T292] CPU: 0 PID: 292 Comm: syz-executor Not tainted 6.1.124-syzkaller-00114-g2055772eada0 #0 [ 28.423404][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 28.433303][ T292] Call Trace: [ 28.436425][ T292] [ 28.439200][ T292] dump_stack_lvl+0x151/0x1b7 [ 28.443713][ T292] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 28.449012][ T292] ? f2fs_get_next_page_offset+0x770/0x770 [ 28.454648][ T292] dump_stack+0x15/0x18 [ 28.458641][ T292] __f2fs_is_valid_blkaddr+0xda6/0x1450 [ 28.464024][ T292] f2fs_is_valid_blkaddr+0x25/0x30 [ 28.468970][ T292] f2fs_map_blocks+0xd16/0x4340 [ 28.473661][ T292] ? f2fs_map_lock+0x260/0x260 [ 28.478256][ T292] ? xa_load+0x1a1/0x210 [ 28.482334][ T292] ? xas_find_conflict+0x8c0/0x8c0 [ 28.487284][ T292] f2fs_mpage_readpages+0xc65/0x20f0 [ 28.492406][ T292] ? dquot_release_reservation_block+0xa0/0xa0 [ 28.498392][ T292] ? __this_cpu_preempt_check+0x13/0x20 [ 28.503773][ T292] ? memcg_rstat_updated+0x57/0x120 [ 28.508811][ T292] f2fs_readahead+0xfd/0x250 [ 28.513233][ T292] ? blk_start_plug+0x9c/0x130 [ 28.517834][ T292] read_pages+0x1be/0xd40 [ 28.522004][ T292] ? workingset_activation+0x430/0x430 [ 28.527294][ T292] ? folio_add_lru+0x280/0x3f0 [ 28.531905][ T292] ? page_cache_ra_unbounded+0x800/0x800 [ 28.537366][ T292] ? filemap_add_folio+0x18f/0x200 [ 28.542312][ T292] ? __filemap_add_folio+0xdb0/0xdb0 [ 28.547431][ T292] page_cache_ra_unbounded+0x61f/0x800 [ 28.552725][ T292] ? readahead_gfp_mask+0x190/0x190 [ 28.557757][ T292] ? __kernel_text_address+0xd/0x40 [ 28.562793][ T292] ? unwind_get_return_address+0x4d/0x90 [ 28.568263][ T292] page_cache_ra_order+0x987/0xc40 [ 28.573207][ T292] ? do_page_cache_ra+0x110/0x110 [ 28.578066][ T292] ? __stack_depot_save+0x36/0x480 [ 28.583014][ T292] ? putname+0xfa/0x150 [ 28.587006][ T292] ondemand_readahead+0x925/0xef0 [ 28.591867][ T292] ? kasan_set_track+0x4b/0x70 [ 28.596465][ T292] ? kasan_save_free_info+0x2b/0x40 [ 28.601499][ T292] ? ____kasan_slab_free+0x131/0x180 [ 28.606620][ T292] ? do_syscall_64+0x3b/0xb0 [ 28.611047][ T292] ? page_cache_sync_ra+0x450/0x450 [ 28.616081][ T292] ? blk_cgroup_congested+0x132/0x150 [ 28.621289][ T292] page_cache_sync_ra+0x3d6/0x450 [ 28.626148][ T292] f2fs_readdir+0x599/0xc10 [ 28.630492][ T292] ? f2fs_fill_dentries+0xd00/0xd00 [ 28.635521][ T292] ? __this_cpu_preempt_check+0x13/0x20 [ 28.640902][ T292] ? memcg_rstat_updated+0x57/0x120 [ 28.645939][ T292] ? security_file_permission+0x86/0xb0 [ 28.651320][ T292] iterate_dir+0x265/0x600 [ 28.655571][ T292] ? f2fs_fill_dentries+0xd00/0xd00 [ 28.660605][ T292] __se_sys_getdents64+0x1c1/0x460 [ 28.665551][ T292] ? __x64_sys_getdents64+0x90/0x90 [ 28.670587][ T292] ? filldir+0x670/0x670 [ 28.674667][ T292] ? debug_smp_processor_id+0x17/0x20 [ 28.679870][ T292] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 28.685775][ T292] ? exit_to_user_mode_prepare+0x39/0xa0 [ 28.691242][ T292] __x64_sys_getdents64+0x7b/0x90 [ 28.696102][ T292] x64_sys_call+0x5ae/0x9a0 [ 28.700443][ T292] do_syscall_64+0x3b/0xb0 [ 28.704692][ T292] ? clear_bhb_loop+0x55/0xb0 [ 28.709206][ T292] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 28.714946][ T292] RIP: 0033:0x7f26523bf713 [ 28.719193][ T292] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 82 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 28.738631][ T292] RSP: 002b:00007ffde5372218 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 28.746875][ T292] RAX: ffffffffffffffda RBX: 000055557fb0f4e0 RCX: 00007f26523bf713 [ 28.754725][ T292] RDX: 0000000000008000 RSI: 000055557fb0f4e0 RDI: 0000000000000005 [ 28.762497][ T292] RBP: 000055557fb0f4b4 R08: 0000000000000000 R09: 0000000000000000 [ 28.770310][ T292] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 28.778120][ T292] R13: 0000000000000010 R14: 000055557fb0f4b0 R15: 00007ffde53744d0 [ 28.785933][ T292] [ 28.791497][ T292] F2FS-fs (loop0): access invalid blkaddr:2816 [ 28.797586][ T292] CPU: 0 PID: 292 Comm: syz-executor Not tainted 6.1.124-syzkaller-00114-g2055772eada0 #0 [ 28.807187][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 28.817089][ T292] Call Trace: [ 28.820216][ T292] [ 28.822992][ T292] dump_stack_lvl+0x151/0x1b7 [ 28.827499][ T292] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 28.832791][ T292] ? f2fs_get_next_page_offset+0x770/0x770 [ 28.835359][ T709] loop1: detected capacity change from 0 to 128 [ 28.838433][ T292] dump_stack+0x15/0x18 [ 28.838456][ T292] __f2fs_is_valid_blkaddr+0xda6/0x1450 [ 28.838476][ T292] f2fs_is_valid_blkaddr+0x25/0x30 [ 28.858833][ T292] f2fs_map_blocks+0xd16/0x4340 [ 28.863612][ T292] ? f2fs_map_lock+0x260/0x260 [ 28.868200][ T292] ? xa_load+0x1a1/0x210 [ 28.872278][ T292] ? xas_find_conflict+0x8c0/0x8c0 [ 28.877242][ T292] ? folio_unlock+0x5c/0x70 [ 28.881567][ T292] f2fs_mpage_readpages+0xc65/0x20f0 [ 28.886692][ T292] ? dquot_release_reservation_block+0xa0/0xa0 [ 28.892675][ T292] ? __this_cpu_preempt_check+0x13/0x20 [ 28.898055][ T292] ? memcg_rstat_updated+0x57/0x120 [ 28.903091][ T292] f2fs_readahead+0xfd/0x250 [ 28.907517][ T292] ? blk_start_plug+0x9c/0x130 [ 28.912115][ T292] read_pages+0x1be/0xd40 [ 28.916281][ T292] ? workingset_activation+0x430/0x430 [ 28.921578][ T292] ? folio_add_lru+0x280/0x3f0 [ 28.926182][ T292] ? page_cache_ra_unbounded+0x800/0x800 [ 28.931640][ T292] ? filemap_add_folio+0x18f/0x200 [ 28.936592][ T292] ? __filemap_add_folio+0xdb0/0xdb0 [ 28.941718][ T292] page_cache_ra_unbounded+0x61f/0x800 [ 28.947006][ T292] ? readahead_gfp_mask+0x190/0x190 [ 28.952037][ T292] ? __kernel_text_address+0xd/0x40 [ 28.957075][ T292] ? unwind_get_return_address+0x4d/0x90 [ 28.962542][ T292] page_cache_ra_order+0x987/0xc40 [ 28.967492][ T292] ? do_page_cache_ra+0x110/0x110 [ 28.972347][ T292] ? __stack_depot_save+0x36/0x480 [ 28.977295][ T292] ? putname+0xfa/0x150 [ 28.981289][ T292] ondemand_readahead+0x925/0xef0 [ 28.986145][ T292] ? kasan_set_track+0x4b/0x70 [ 28.990746][ T292] ? kasan_save_free_info+0x2b/0x40 [ 28.995781][ T292] ? ____kasan_slab_free+0x131/0x180 [ 29.000903][ T292] ? do_syscall_64+0x3b/0xb0 [ 29.005331][ T292] ? page_cache_sync_ra+0x450/0x450 [ 29.010363][ T292] ? blk_cgroup_congested+0x132/0x150 [ 29.015719][ T292] page_cache_sync_ra+0x3d6/0x450 [ 29.020573][ T292] f2fs_readdir+0x599/0xc10 [ 29.024913][ T292] ? f2fs_fill_dentries+0xd00/0xd00 [ 29.029945][ T292] ? __this_cpu_preempt_check+0x13/0x20 [ 29.035322][ T292] ? memcg_rstat_updated+0x57/0x120 [ 29.040359][ T292] ? security_file_permission+0x86/0xb0 [ 29.045740][ T292] iterate_dir+0x265/0x600 [ 29.050007][ T292] ? f2fs_fill_dentries+0xd00/0xd00 [ 29.055122][ T292] __se_sys_getdents64+0x1c1/0x460 [ 29.060082][ T292] ? __x64_sys_getdents64+0x90/0x90 [ 29.065102][ T292] ? filldir+0x670/0x670 [ 29.069181][ T292] ? debug_smp_processor_id+0x17/0x20 [ 29.074385][ T292] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 29.080287][ T292] ? exit_to_user_mode_prepare+0x39/0xa0 [ 29.085755][ T292] __x64_sys_getdents64+0x7b/0x90 [ 29.090617][ T292] x64_sys_call+0x5ae/0x9a0 [ 29.094960][ T292] do_syscall_64+0x3b/0xb0 [ 29.099207][ T292] ? clear_bhb_loop+0x55/0xb0 [ 29.103730][ T292] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 29.109449][ T292] RIP: 0033:0x7f26523bf713 [ 29.113702][ T292] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 82 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 29.133155][ T292] RSP: 002b:00007ffde5372218 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 29.141407][ T292] RAX: ffffffffffffffda RBX: 000055557fb0f4e0 RCX: 00007f26523bf713 [ 29.149198][ T292] RDX: 0000000000008000 RSI: 000055557fb0f4e0 RDI: 0000000000000005 [ 29.157011][ T292] RBP: 000055557fb0f4b4 R08: 0000000000000000 R09: 0000000000000000 [ 29.164821][ T292] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8 [ 29.172806][ T292] R13: 0000000000000010 R14: 000055557fb0f4b0 R15: 00007ffde53744d0 [ 29.180623][ T292] [ 29.187146][ T709] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 29.198867][ T292] syz-executor: attempt to access beyond end of device [ 29.198867][ T292] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 29.211550][ T714] syzkaller0: tun_chr_ioctl cmd 1074812117 [ 29.216370][ T19] usb 3-1: Using ep0 maxpacket: 16 [ 29.239838][ T10] kworker/u4:1: attempt to access beyond end of device [ 29.239838][ T10] loop0: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 29.248048][ T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 29.264572][ T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 29.275112][ T19] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 29.288195][ T19] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 29.297248][ T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 29.312680][ T19] usb 3-1: config 0 descriptor?? [ 29.320214][ T718] loop4: detected capacity change from 0 to 128 [ 29.354055][ T718] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 29.363014][ T718] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 29.399668][ T295] EXT4-fs (loop4): unmounting filesystem. [ 29.517733][ T736] loop3: detected capacity change from 0 to 512 [ 29.555268][ T738] loop4: detected capacity change from 0 to 256 [ 29.564370][ T736] EXT4-fs: Ignoring removed oldalloc option [ 29.589276][ T736] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.180: Parent and EA inode have the same ino 15 [ 29.617360][ T736] EXT4-fs (loop3): Remounting filesystem read-only [ 29.623803][ T736] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.180: Parent and EA inode have the same ino 15 [ 29.636666][ T736] EXT4-fs (loop3): Remounting filesystem read-only [ 29.643162][ T736] EXT4-fs (loop3): 1 orphan inode deleted [ 29.650914][ T736] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 29.668523][ T290] EXT4-fs (loop3): unmounting filesystem. [ 29.709300][ T739] bridge0: port 1(bridge_slave_0) entered blocking state [ 29.732499][ T19] microsoft 0003:045E:07DA.0002: ignoring exceeding usage max [ 29.749244][ T19] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0002/input/input7 [ 29.760403][ T739] bridge0: port 1(bridge_slave_0) entered disabled state [ 29.760855][ T739] device bridge_slave_0 entered promiscuous mode [ 29.784961][ T404] device gretap0 left promiscuous mode [ 29.790467][ T404] bridge0: port 3(gretap0) entered disabled state [ 29.806182][ T739] bridge0: port 2(bridge_slave_1) entered blocking state [ 29.813409][ T739] bridge0: port 2(bridge_slave_1) entered disabled state [ 29.821422][ T739] device bridge_slave_1 entered promiscuous mode [ 29.841507][ T19] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 29.910617][ T772] loop4: detected capacity change from 0 to 16 [ 29.918393][ T772] erofs: (device loop4): mounted with root inode @ nid 36. [ 29.969980][ T404] device bridge_slave_1 left promiscuous mode [ 29.972610][ T312] usb 3-1: USB disconnect, device number 2 [ 29.975931][ T404] bridge0: port 2(bridge_slave_1) entered disabled state [ 29.989328][ T404] device bridge_slave_0 left promiscuous mode [ 29.997132][ T404] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.010873][ T404] device veth1_macvtap left promiscuous mode [ 30.023888][ T404] device veth0_vlan left promiscuous mode [ 30.142823][ T787] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 30.144795][ T739] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.153049][ T787] FAT-fs (loop3): unable to read boot sector [ 30.158664][ T739] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.158756][ T739] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.178372][ T739] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.219009][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 30.230456][ T719] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.237733][ T719] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.258477][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 30.266884][ T719] bridge0: port 1(bridge_slave_0) entered blocking state [ 30.273752][ T719] bridge0: port 1(bridge_slave_0) entered forwarding state [ 30.282147][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 30.284620][ T799] loop4: detected capacity change from 0 to 2048 [ 30.290869][ T719] bridge0: port 2(bridge_slave_1) entered blocking state [ 30.303121][ T719] bridge0: port 2(bridge_slave_1) entered forwarding state [ 30.310471][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 30.318708][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 30.328446][ T799] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 30.336730][ T739] device veth0_vlan entered promiscuous mode [ 30.342923][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 30.351451][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 30.358164][ T799] process 'syz.4.201' launched './file2' with NULL argv: empty string added [ 30.360004][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 30.375925][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 30.383989][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 30.391059][ T295] EXT4-fs (loop4): unmounting filesystem. [ 30.391748][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 30.410403][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 30.422895][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 30.432075][ T739] device veth1_macvtap entered promiscuous mode [ 30.459152][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 30.471104][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 30.479273][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 30.497070][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 30.505698][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 30.528554][ T813] netlink: 24 bytes leftover after parsing attributes in process `syz.2.206'. [ 30.564028][ T819] loop5: detected capacity change from 0 to 512 [ 30.571304][ T819] EXT4-fs (loop5): Test dummy encryption mode enabled [ 30.577914][ T819] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 30.590913][ T819] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 30.601147][ T819] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002] [ 30.609292][ T819] System zones: 1-12 [ 30.613769][ T819] EXT4-fs (loop5): 1 truncate cleaned up [ 30.619293][ T819] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 30.646641][ T819] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 30.659246][ T739] EXT4-fs (loop5): unmounting filesystem. [ 30.826425][ T784] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 30.895210][ T847] input: syz1 as /devices/virtual/input/input8 [ 30.939712][ T853] loop3: detected capacity change from 0 to 1024 [ 30.946205][ T853] EXT4-fs: Ignoring removed nobh option [ 30.951891][ T853] EXT4-fs: Ignoring removed bh option [ 30.957512][ T853] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 30.977658][ T853] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 30.996898][ T28] kauditd_printk_skb: 49 callbacks suppressed [ 30.996907][ T28] audit: type=1400 audit(2000000006.749:240): avc: denied { ioctl } for pid=851 comm="syz.3.222" path="/52/file1/file1" dev="loop3" ino=15 ioctlcmd=0x660b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 31.028820][ T290] EXT4-fs (loop3): unmounting filesystem. [ 31.038224][ T784] usb 5-1: Using ep0 maxpacket: 32 [ 31.044401][ T857] loop3: detected capacity change from 0 to 256 [ 31.047274][ T784] usb 5-1: config 0 has an invalid interface number: 99 but max is 0 [ 31.061263][ T784] usb 5-1: config 0 has no interface number 0 [ 31.065473][ T857] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x20261ffc, utbl_chksum : 0xe619d30d) [ 31.067585][ T784] usb 5-1: config 0 interface 99 altsetting 0 endpoint 0x9 has invalid maxpacket 1024, setting to 64 [ 31.093391][ T859] loop1: detected capacity change from 0 to 512 [ 31.093783][ T784] usb 5-1: config 0 interface 99 altsetting 0 bulk endpoint 0xB has invalid maxpacket 8 [ 31.103093][ T859] EXT4-fs: Ignoring removed nobh option [ 31.112100][ T784] usb 5-1: config 0 interface 99 altsetting 0 endpoint 0x6 has an invalid bInterval 251, changing to 11 [ 31.130002][ T784] usb 5-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=f3.fe [ 31.138926][ T28] audit: type=1400 audit(2000000006.879:241): avc: denied { connect } for pid=861 comm="syz.3.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 31.159851][ T859] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 31.167882][ T859] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.225: invalid indirect mapped block 2683928664 (level 1) [ 31.169484][ T28] audit: type=1400 audit(2000000006.879:242): avc: denied { write } for pid=861 comm="syz.3.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 31.186424][ T784] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 31.201714][ T296] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 31.218395][ T859] EXT4-fs (loop1): Remounting filesystem read-only [ 31.221126][ T784] usb 5-1: Product: syz [ 31.224887][ T859] EXT4-fs (loop1): 1 truncate cleaned up [ 31.229073][ T784] usb 5-1: Manufacturer: syz [ 31.235564][ T859] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 31.247570][ T784] usb 5-1: SerialNumber: syz [ 31.275400][ T784] usb 5-1: config 0 descriptor?? [ 31.282402][ T859] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:477: comm syz.1.225: Invalid block bitmap block 3 in block_group 0 [ 31.297870][ T821] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 31.305872][ T859] EXT4-fs (loop1): Remounting filesystem read-only [ 31.312358][ T859] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 31.323948][ T28] audit: type=1400 audit(2000000007.079:243): avc: denied { mounton } for pid=872 comm="syz.3.231" path="/59/file0" dev="tmpfs" ino=327 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 31.324096][ T321] udevd[321]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.99/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 31.350559][ T859] EXT4-fs (loop1): Remounting filesystem read-only [ 31.374015][ T859] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.225: invalid indirect mapped block 480848489 (level 1) [ 31.386001][ T28] audit: type=1400 audit(2000000007.129:244): avc: denied { unmount } for pid=874 comm="syz.3.232" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 31.396399][ T296] usb 6-1: Using ep0 maxpacket: 16 [ 31.415361][ T877] netlink: 100 bytes leftover after parsing attributes in process `syz.3.233'. [ 31.419377][ T28] audit: type=1400 audit(2000000007.159:245): avc: denied { write } for pid=876 comm="syz.3.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 31.427390][ T296] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 31.445288][ T879] loop2: detected capacity change from 0 to 256 [ 31.461299][ T859] EXT4-fs (loop1): Remounting filesystem read-only [ 31.461310][ T28] audit: type=1400 audit(2000000007.159:246): avc: denied { nlmsg_write } for pid=876 comm="syz.3.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 31.468032][ T879] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 31.491669][ T296] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 31.528784][ T28] audit: type=1400 audit(2000000007.279:247): avc: denied { watch watch_reads } for pid=880 comm="syz.3.235" path="/62/file0" dev="tmpfs" ino=343 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 31.536408][ T296] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 31.553185][ T28] audit: type=1400 audit(2000000007.309:248): avc: denied { remove_name } for pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 31.583496][ T28] audit: type=1400 audit(2000000007.309:249): avc: denied { rename } for pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 31.596376][ T296] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 31.618675][ T294] EXT4-fs (loop1): unmounting filesystem. [ 31.625335][ T296] usb 6-1: config 0 descriptor?? [ 31.700090][ T6] usb 5-1: USB disconnect, device number 3 [ 31.707714][ T885] loop1: detected capacity change from 0 to 256 [ 31.723552][ T887] loop2: detected capacity change from 0 to 1024 [ 31.733502][ T889] loop3: detected capacity change from 0 to 512 [ 31.740014][ T885] exfat: Deprecated parameter 'namecase' [ 31.744366][ T889] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 31.753882][ T885] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 31.770478][ T887] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 31.781411][ T887] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.781700][ T889] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 31.800622][ T889] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.832599][ T291] EXT4-fs (loop2): unmounting filesystem. [ 31.895909][ T290] EXT4-fs (loop3): unmounting filesystem. [ 31.959545][ T905] loop3: detected capacity change from 0 to 512 [ 31.982055][ T911] tap0: tun_chr_ioctl cmd 2147767521 [ 31.987645][ T905] EXT4-fs: Ignoring removed mblk_io_submit option [ 31.995590][ T905] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 32.008044][ T905] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2186: inode #15: comm syz.3.243: corrupted in-inode xattr [ 32.020093][ T905] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.243: couldn't read orphan inode 15 (err -117) [ 32.020729][ T895] loop1: detected capacity change from 0 to 40427 [ 32.034212][ T296] pyra 0003:1E7D:2CF6.0003: unknown main item tag 0x0 [ 32.043295][ T905] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 32.045466][ T296] pyra 0003:1E7D:2CF6.0003: item fetching failed at offset 6/7 [ 32.061754][ T296] pyra 0003:1E7D:2CF6.0003: parse failed [ 32.067400][ T296] pyra: probe of 0003:1E7D:2CF6.0003 failed with error -22 [ 32.100011][ T290] EXT4-fs (loop3): unmounting filesystem. [ 32.107279][ T895] F2FS-fs (loop1): Found nat_bits in checkpoint [ 32.136783][ T919] kvm: apic: phys broadcast and lowest prio [ 32.153828][ T924] netlink: 44 bytes leftover after parsing attributes in process `syz.3.252'. [ 32.162685][ T924] netlink: 8 bytes leftover after parsing attributes in process `syz.3.252'. [ 32.172340][ T895] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 32.271701][ T294] syz-executor: attempt to access beyond end of device [ 32.271701][ T294] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 32.353946][ T312] usb 6-1: USB disconnect, device number 2 [ 32.526599][ T931] capability: warning: `syz.2.255' uses deprecated v2 capabilities in a way that may be insecure [ 32.750985][ T955] loop2: detected capacity change from 0 to 40427 [ 32.762960][ T955] F2FS-fs (loop2): heap/no_heap options were deprecated [ 32.781781][ T955] F2FS-fs (loop2): invalid crc value [ 32.803348][ T955] F2FS-fs (loop2): Found nat_bits in checkpoint [ 32.836425][ T927] loop3: detected capacity change from 0 to 131072 [ 32.864354][ T927] F2FS-fs (loop3): invalid crc value [ 32.871256][ T955] F2FS-fs (loop2): Start checkpoint disabled! [ 32.878748][ T927] F2FS-fs (loop3): Found nat_bits in checkpoint [ 32.891622][ T955] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 32.940892][ T959] loop1: detected capacity change from 0 to 40427 [ 32.948974][ T927] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 32.960455][ T968] loop5: detected capacity change from 0 to 2048 [ 32.967383][ T959] F2FS-fs (loop1): invalid crc value [ 32.991904][ T959] F2FS-fs (loop1): Found nat_bits in checkpoint [ 33.019352][ T968] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 33.031225][ T968] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 33.042264][ T43] kworker/u4:2: attempt to access beyond end of device [ 33.042264][ T43] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 33.071115][ T739] EXT4-fs (loop5): unmounting filesystem. [ 33.087110][ T959] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 33.149864][ T970] f2fs_ckpt-7:1: attempt to access beyond end of device [ 33.149864][ T970] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 33.287743][ T991] xt_bpf: check failed: parse error [ 33.393133][ T1006] loop4: detected capacity change from 0 to 16 [ 33.409688][ T1006] erofs: (device loop4): mounted with root inode @ nid 36. [ 33.446085][ T1013] netlink: 'syz.5.287': attribute type 2 has an invalid length. [ 33.466402][ T1013] netlink: 'syz.5.287': attribute type 1 has an invalid length. [ 33.469237][ T1018] netlink: 12 bytes leftover after parsing attributes in process `syz.2.290'. [ 33.485273][ T1020] input: syz1 as /devices/virtual/input/input9 [ 33.515008][ T1024] input: syz0 as /devices/virtual/input/input10 [ 33.612006][ T1037] pim6reg0: tun_chr_ioctl cmd 35108 [ 33.787097][ T1047] netlink: 8 bytes leftover after parsing attributes in process `syz.4.302'. [ 33.819896][ T1026] loop5: detected capacity change from 0 to 40427 [ 33.826980][ T1026] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 33.835145][ T1051] loop3: detected capacity change from 0 to 256 [ 33.841600][ T1051] exfat: Bad value for 'uid' [ 33.851592][ T1026] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 33.877893][ T764] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 33.907360][ T1026] F2FS-fs (loop5): Found nat_bits in checkpoint [ 33.914740][ T1066] loop1: detected capacity change from 0 to 512 [ 33.982235][ T1066] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 33.994611][ T1080] loop2: detected capacity change from 0 to 128 [ 33.996902][ T1066] ext4 filesystem being mounted at /61/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 34.018481][ T1026] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 34.025779][ T1026] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 34.071876][ T294] EXT4-fs (loop1): unmounting filesystem. [ 34.107608][ T1089] netlink: 28 bytes leftover after parsing attributes in process `syz.3.322'. [ 34.185162][ T739] syz-executor: attempt to access beyond end of device [ 34.185162][ T739] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 34.318919][ T1124] loop2: detected capacity change from 0 to 512 [ 34.381756][ T1124] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 34.404868][ T1124] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 34.459482][ T1137] loop4: detected capacity change from 0 to 512 [ 34.474612][ T1137] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.341: casefold flag without casefold feature [ 34.480433][ T1119] loop3: detected capacity change from 0 to 40427 [ 34.487847][ T1137] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.341: couldn't read orphan inode 15 (err -117) [ 34.505459][ T1137] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 34.515656][ T1119] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 34.532359][ T1119] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 34.536406][ T6] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 34.540896][ T1119] F2FS-fs (loop3): fault_injection options not supported [ 34.555972][ T291] EXT4-fs (loop2): unmounting filesystem. [ 34.569005][ T1119] F2FS-fs (loop3): invalid crc value [ 34.583537][ T295] EXT4-fs (loop4): unmounting filesystem. [ 34.590339][ T1119] F2FS-fs (loop3): Found nat_bits in checkpoint [ 34.633274][ T1119] F2FS-fs (loop3): Start checkpoint disabled! [ 34.640330][ T1119] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 34.647245][ T1119] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 34.673006][ T1153] loop2: detected capacity change from 0 to 2048 [ 34.699462][ T1155] tmpfs: Unknown parameter 'measure' [ 34.715646][ T1119] syz.3.333: attempt to access beyond end of device [ 34.715646][ T1119] loop3: rw=2049, sector=53248, nr_sectors = 16 limit=40427 [ 34.715673][ T1153] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 34.730735][ T1119] syz.3.333: attempt to access beyond end of device [ 34.730735][ T1119] loop3: rw=2049, sector=53256, nr_sectors = 8 limit=40427 [ 34.738964][ T6] usb 2-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 34.768428][ T1153] EXT4-fs error (device loop2): ext4_init_orphan_info:586: comm syz.2.346: inode #0: comm syz.2.346: iget: illegal inode # [ 34.783278][ T1153] EXT4-fs (loop2): get orphan inode failed [ 34.789568][ T1153] EXT4-fs (loop2): mount failed [ 34.795251][ T719] kworker/u4:5: attempt to access beyond end of device [ 34.795251][ T719] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 34.814583][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 34.852174][ T6] usb 2-1: config 0 descriptor?? [ 34.978967][ T1182] netlink: 12 bytes leftover after parsing attributes in process `syz.4.359'. [ 34.988529][ T1184] binder: 1183:1184 ioctl c018620b 20000400 returned -14 [ 35.008944][ T1182] netlink: 12 bytes leftover after parsing attributes in process `syz.4.359'. [ 35.042852][ T1192] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 35.045783][ T1194] loop5: detected capacity change from 0 to 512 [ 35.064302][ T1196] input input11: cannot allocate more than FF_MAX_EFFECTS effects [ 35.090794][ T1194] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 35.106244][ T1194] ext4 filesystem being mounted at /28/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 35.144885][ T739] EXT4-fs (loop5): unmounting filesystem. [ 35.175848][ T1214] loop2: detected capacity change from 0 to 128 [ 35.191741][ T1216] loop4: detected capacity change from 0 to 256 [ 35.235247][ T1216] FAT-fs (loop4): Directory bread(block 64) failed [ 35.241995][ T1216] FAT-fs (loop4): Directory bread(block 65) failed [ 35.248842][ T1216] FAT-fs (loop4): Directory bread(block 66) failed [ 35.257827][ T1216] FAT-fs (loop4): Directory bread(block 67) failed [ 35.264303][ T1216] FAT-fs (loop4): Directory bread(block 68) failed [ 35.271259][ T1216] FAT-fs (loop4): Directory bread(block 69) failed [ 35.277931][ T1216] FAT-fs (loop4): Directory bread(block 70) failed [ 35.284320][ T1216] FAT-fs (loop4): Directory bread(block 71) failed [ 35.290859][ T1216] FAT-fs (loop4): Directory bread(block 72) failed [ 35.297397][ T1216] FAT-fs (loop4): Directory bread(block 73) failed [ 35.374093][ T1229] sch_tbf: burst 4 is lower than device lo mtu (65550) ! [ 35.481260][ T1246] netlink: 16 bytes leftover after parsing attributes in process `syz.2.388'. [ 35.665246][ T6] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 35.675863][ T6] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9 [ 35.687955][ T6] asix: probe of 2-1:0.0 failed with error -71 [ 35.697168][ T6] usb 2-1: USB disconnect, device number 2 [ 35.713626][ T1270] loop5: detected capacity change from 0 to 128 [ 35.762357][ T1276] loop5: detected capacity change from 0 to 2048 [ 35.778662][ T1276] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 35.803047][ T739] EXT4-fs (loop5): unmounting filesystem. [ 35.856501][ T317] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 36.037618][ T317] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 36.051480][ T317] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 36.066485][ T317] usb 3-1: config 220 has no interface number 2 [ 36.072656][ T317] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 36.085640][ T317] usb 3-1: config 220 interface 0 has no altsetting 0 [ 36.092391][ T317] usb 3-1: config 220 interface 76 has no altsetting 0 [ 36.104997][ T317] usb 3-1: config 220 interface 1 has no altsetting 0 [ 36.118910][ T317] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 36.134416][ T317] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 36.149071][ T317] usb 3-1: Product: syz [ 36.163229][ T317] usb 3-1: Manufacturer: syz [ 36.168153][ T317] usb 3-1: SerialNumber: syz [ 36.190548][ T1297] loop3: detected capacity change from 0 to 16 [ 36.202488][ T1297] erofs: (device loop3): erofs_superblock_csum_verify: invalid checksum 0xc98ea669, 0xa48ae4e5 expected [ 36.242968][ T28] kauditd_printk_skb: 26 callbacks suppressed [ 36.242983][ T28] audit: type=1400 audit(2000000011.989:276): avc: denied { read } for pid=1300 comm="syz.1.411" name="usbmon7" dev="devtmpfs" ino=176 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 36.275076][ T28] audit: type=1400 audit(2000000012.029:277): avc: denied { open } for pid=1300 comm="syz.1.411" path="/dev/usbmon7" dev="devtmpfs" ino=176 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 36.343005][ T1304] loop3: detected capacity change from 0 to 256 [ 36.359153][ T1304] FAT-fs (loop3): Directory bread(block 64) failed [ 36.371116][ T1304] FAT-fs (loop3): Directory bread(block 65) failed [ 36.382083][ T1304] FAT-fs (loop3): Directory bread(block 66) failed [ 36.391444][ T1304] FAT-fs (loop3): Directory bread(block 67) failed [ 36.393524][ T317] usb 3-1: Found Unit with invalid ID 0. [ 36.400249][ T1304] FAT-fs (loop3): Directory bread(block 68) failed [ 36.410184][ T1304] FAT-fs (loop3): Directory bread(block 69) failed [ 36.411505][ T317] usb 3-1: USB disconnect, device number 3 [ 36.435362][ T1304] FAT-fs (loop3): Directory bread(block 70) failed [ 36.442049][ T1304] FAT-fs (loop3): Directory bread(block 71) failed [ 36.449133][ T1304] FAT-fs (loop3): Directory bread(block 72) failed [ 36.457308][ T1304] FAT-fs (loop3): Directory bread(block 73) failed [ 36.528420][ T1312] loop1: detected capacity change from 0 to 1024 [ 36.535805][ T1312] EXT4-fs: Ignoring removed nobh option [ 36.549470][ T1312] EXT4-fs: Ignoring removed nobh option [ 36.591948][ T1312] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 36.616784][ T294] EXT4-fs (loop1): unmounting filesystem. [ 36.666539][ T28] audit: type=1400 audit(2000000012.419:278): avc: denied { connect } for pid=1318 comm="syz.4.418" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 36.709132][ T1319] loop5: detected capacity change from 0 to 128 [ 36.727699][ T28] audit: type=1400 audit(2000000012.439:279): avc: denied { listen } for pid=1318 comm="syz.4.418" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 36.746990][ T1330] tap0: tun_chr_ioctl cmd 2148553947 [ 36.762763][ T1319] EXT4-fs (loop5): Test dummy encryption mode enabled [ 36.769866][ T28] audit: type=1400 audit(2000000012.439:280): avc: denied { accept } for pid=1318 comm="syz.4.418" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 36.789592][ T28] audit: type=1400 audit(2000000012.439:281): avc: denied { name_bind } for pid=1325 comm="syz.3.421" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 36.793415][ T1319] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 36.822807][ T1319] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 36.833542][ T28] audit: type=1400 audit(2000000012.439:282): avc: denied { node_bind } for pid=1325 comm="syz.3.421" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 36.854229][ T28] audit: type=1400 audit(2000000012.589:283): avc: denied { bind } for pid=1336 comm="syz.4.426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 36.886133][ T28] audit: type=1400 audit(2000000012.589:284): avc: denied { node_bind } for pid=1336 comm="syz.4.426" saddr=fec0:ffff::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 36.922423][ T739] EXT4-fs (loop5): unmounting filesystem. [ 36.952746][ T1355] loop4: detected capacity change from 0 to 256 [ 36.956091][ T1353] loop2: detected capacity change from 0 to 512 [ 36.974031][ T1355] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 36.978017][ T1351] loop5: detected capacity change from 0 to 256 [ 36.998646][ T1360] loop3: detected capacity change from 0 to 128 [ 37.006645][ T1353] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 37.019157][ T1351] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 37.038680][ T1360] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 37.047949][ T1360] ext4 filesystem being mounted at /101/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 37.071217][ T28] audit: type=1400 audit(2000000012.819:285): avc: denied { nlmsg_read } for pid=1361 comm="syz.1.438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 37.082282][ T1353] EXT4-fs (loop2): 1 truncate cleaned up [ 37.097840][ T1353] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 37.118987][ T1360] fscrypt (loop3, inode 12): Can't use IV_INO_LBLK_64 policy with contents mode other than AES-256-XTS [ 37.158132][ T290] EXT4-fs (loop3): unmounting filesystem. [ 37.165414][ T291] EXT4-fs (loop2): unmounting filesystem. [ 37.222088][ T1376] loop1: detected capacity change from 0 to 2048 [ 37.254976][ T1392] loop5: detected capacity change from 0 to 512 [ 37.262734][ T1392] EXT4-fs: Ignoring removed mblk_io_submit option [ 37.274060][ T317] hid-generic 0000:0000:0000.0004: unknown main item tag 0x3 [ 37.282015][ T317] hid-generic 0000:0000:0000.0004: unknown main item tag 0xd [ 37.289517][ T317] hid-generic 0000:0000:0000.0004: unknown main item tag 0xe [ 37.297018][ T1392] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 37.305357][ T317] hid-generic 0000:0000:0000.0004: item fetching failed at offset 25/83 [ 37.314555][ T317] hid-generic: probe of 0000:0000:0000.0004 failed with error -22 [ 37.322800][ T1392] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e002c118, mo2=0002] [ 37.331984][ T1402] devpts: called with bogus options [ 37.337134][ T1392] System zones: 1-12 [ 37.341465][ T1392] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2186: inode #15: comm syz.5.452: corrupted in-inode xattr [ 37.366620][ T1392] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.452: couldn't read orphan inode 15 (err -117) [ 37.378931][ T102] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 37.388098][ T1392] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 37.395769][ T102] Buffer I/O error on dev loop1, logical block 0, async page read [ 37.414409][ T102] loop1: unable to read partition table [ 37.420311][ T102] loop1: partition table beyond EOD, truncated [ 37.420505][ T739] EXT4-fs (loop5): unmounting filesystem. [ 37.457662][ T1408] loop1: detected capacity change from 0 to 512 [ 37.470540][ T1410] loop4: detected capacity change from 0 to 256 [ 37.489377][ T1408] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 37.505757][ T1414] input: syz1 as /devices/virtual/input/input12 [ 37.509223][ T1410] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x20261ffc, utbl_chksum : 0xe619d30d) [ 37.517723][ T1404] syz.2.451 (1404) used greatest stack depth: 20528 bytes left [ 37.531302][ T1413] loop3: detected capacity change from 0 to 2048 [ 37.559527][ T1408] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.457: bad orphan inode 131083 [ 37.587704][ T1413] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 37.617640][ T1413] EXT4-fs (loop3): shut down requested (2) [ 37.626067][ T1408] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 37.639080][ T1425] netlink: 44 bytes leftover after parsing attributes in process `syz.4.463'. [ 37.655089][ T1425] netlink: 8 bytes leftover after parsing attributes in process `syz.4.463'. [ 37.656357][ T1413] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=15 [ 37.682919][ T1429] loop5: detected capacity change from 0 to 512 [ 37.693176][ T1429] EXT4-fs: Ignoring removed mblk_io_submit option [ 37.705333][ T1431] loop4: detected capacity change from 0 to 1024 [ 37.714824][ T294] EXT4-fs (loop1): unmounting filesystem. [ 37.718321][ T1431] EXT4-fs: Ignoring removed nobh option [ 37.725844][ T1429] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 37.726506][ T1431] EXT4-fs: Ignoring removed bh option [ 37.735587][ T1413] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop3 ino=15 [ 37.754758][ T1431] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 37.767790][ T1429] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2186: inode #15: comm syz.5.466: corrupted in-inode xattr [ 37.791605][ T290] EXT4-fs (loop3): unmounting filesystem. [ 37.793448][ T1429] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.466: couldn't read orphan inode 15 (err -117) [ 37.819469][ T1429] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 37.828144][ T1437] loop3: detected capacity change from 0 to 256 [ 37.849898][ T1431] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 37.861721][ T739] EXT4-fs (loop5): unmounting filesystem. [ 37.927871][ T1437] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d) [ 37.987427][ T1441] loop2: detected capacity change from 0 to 40427 [ 37.994284][ T1437] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 37.995654][ T1441] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 38.025785][ T1441] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 38.052211][ T1437] exFAT-fs (loop3): error, exfat_alloc_cluster: invalid used clusters(t:15,u:4294930442) [ 38.052211][ T1437] [ 38.063634][ T1441] F2FS-fs (loop2): invalid crc value [ 38.064323][ T1437] exFAT-fs (loop3): Filesystem has been set read-only [ 38.077270][ T295] EXT4-fs (loop4): unmounting filesystem. [ 38.088537][ T1437] exFAT-fs (loop3): error, failed to bmap (inode : ffff8881167f21d0 iblock : 0, err : -5) [ 38.107162][ T1441] F2FS-fs (loop2): Found nat_bits in checkpoint [ 38.225762][ T1441] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 38.232765][ T1441] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 38.418666][ T1477] loop5: detected capacity change from 0 to 512 [ 38.446531][ T1477] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 38.479938][ T1485] loop2: detected capacity change from 0 to 128 [ 38.481092][ T1477] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 38.515224][ T1477] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 38.526215][ T1485] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 38.564581][ T1485] ext4 filesystem being mounted at /88/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 38.579015][ T1493] input: syz0 as /devices/virtual/input/input13 [ 38.601944][ T1475] loop1: detected capacity change from 0 to 40427 [ 38.615934][ T1471] loop4: detected capacity change from 0 to 40427 [ 38.636772][ T1475] F2FS-fs (loop1): Found nat_bits in checkpoint [ 38.657942][ T1485] fscrypt (loop2, inode 12): Can't use IV_INO_LBLK_64 policy with contents mode other than AES-256-XTS [ 38.672562][ T739] EXT4-fs (loop5): unmounting filesystem. [ 38.680273][ T1498] input: syz0 as /devices/virtual/input/input14 [ 38.684941][ T1471] F2FS-fs (loop4): Found nat_bits in checkpoint [ 38.699360][ T1475] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 38.725563][ T291] EXT4-fs (loop2): unmounting filesystem. [ 38.746382][ T1471] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 38.807942][ T1513] loop5: detected capacity change from 0 to 16 [ 38.814230][ T294] syz-executor: attempt to access beyond end of device [ 38.814230][ T294] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 38.825899][ T1513] erofs: (device loop5): mounted with root inode @ nid 36. [ 38.838778][ T295] syz-executor: attempt to access beyond end of device [ 38.838778][ T295] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 38.878903][ T1517] loop2: detected capacity change from 0 to 1024 [ 38.889507][ T1517] EXT4-fs: Ignoring removed nobh option [ 38.901944][ T1517] EXT4-fs: Ignoring removed bh option [ 38.916205][ T1517] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 38.952347][ T1517] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 39.014011][ T291] EXT4-fs (loop2): unmounting filesystem. [ 39.107751][ T1540] loop4: detected capacity change from 0 to 16 [ 39.114272][ T1540] erofs: (device loop4): mounted with root inode @ nid 36. [ 39.122951][ T1540] syz.4.509: attempt to access beyond end of device [ 39.122951][ T1540] loop4: rw=0, sector=8, nr_sectors = 32 limit=16 [ 39.136700][ T1540] syz.4.509: attempt to access beyond end of device [ 39.136700][ T1540] loop4: rw=0, sector=8, nr_sectors = 32 limit=16 [ 39.175936][ T1535] loop5: detected capacity change from 0 to 40427 [ 39.195648][ T1535] F2FS-fs (loop5): Found nat_bits in checkpoint [ 39.234726][ T1535] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 39.266400][ T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 39.296367][ T312] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 39.332167][ T739] syz-executor: attempt to access beyond end of device [ 39.332167][ T739] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 39.466403][ T24] usb 2-1: Using ep0 maxpacket: 32 [ 39.472413][ T24] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 39.484380][ T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 39.505659][ T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 39.515375][ T24] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 39.525102][ T312] usb 3-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 39.534089][ T312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.543238][ T24] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 39.554420][ T312] usb 3-1: config 0 descriptor?? [ 39.559600][ T24] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 39.567982][ T24] usb 2-1: Product: syz [ 39.572042][ T24] usb 2-1: Manufacturer: syz [ 39.597478][ T24] hub 2-1:4.0: USB hub found [ 39.789212][ T24] hub 2-1:4.0: 2 ports detected [ 39.906420][ T317] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 39.979378][ T312] sony 0003:054C:024B.0005: unexpected long global item [ 39.986604][ T312] sony 0003:054C:024B.0005: parse failed [ 39.992101][ T312] sony: probe of 0003:054C:024B.0005 failed with error -22 [ 40.012208][ T1580] overlayfs: upper fs does not support tmpfile. [ 40.118003][ T317] usb 6-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 40.126947][ T317] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 40.140642][ T317] usb 6-1: config 0 descriptor?? [ 40.183870][ T312] usb 3-1: USB disconnect, device number 4 [ 40.200650][ T24] hub 2-1:4.0: set hub depth failed [ 40.210093][ T24] usb 2-1: USB disconnect, device number 3 [ 40.233994][ T1599] loop4: detected capacity change from 0 to 128 [ 40.337986][ T1618] loop4: detected capacity change from 0 to 256 [ 40.344373][ T1618] exfat: Deprecated parameter 'namecase' [ 40.351405][ T1618] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 40.664788][ T1651] loop3: detected capacity change from 0 to 8192 [ 40.687107][ T1651] loop3: p2 p3 p4 [ 40.690835][ T1651] loop3: p2 size 130943 extends beyond EOD, truncated [ 40.725089][ T1651] loop3: p3 size 16776960 extends beyond EOD, truncated [ 40.736257][ T1651] loop3: p4 size 3599499392 extends beyond EOD, truncated [ 40.863144][ T321] udevd[321]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 40.863660][ T764] udevd[764]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 40.883922][ T767] udevd[767]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 40.900359][ T1684] loop3: detected capacity change from 0 to 256 [ 40.907719][ T1684] exfat: Deprecated parameter 'namecase' [ 40.923494][ T1684] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 40.948476][ T317] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 40.967644][ T317] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9 [ 40.999728][ T1695] loop2: detected capacity change from 0 to 128 [ 41.008588][ T317] asix: probe of 6-1:0.0 failed with error -71 [ 41.016966][ T1695] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 41.021967][ T317] usb 6-1: USB disconnect, device number 3 [ 41.031619][ T1695] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 41.046911][ T1701] netlink: 16 bytes leftover after parsing attributes in process `syz.1.582'. [ 41.047315][ T1695] fscrypt (loop2, inode 12): Unsupported encryption flags (0x13) [ 41.081614][ T1706] netlink: 'syz.4.583': attribute type 15 has an invalid length. [ 41.099581][ T1708] tipc: Invalid UDP bearer configuration [ 41.099608][ T1708] tipc: Enabling of bearer rejected, failed to enable media [ 41.114513][ T291] EXT4-fs (loop2): unmounting filesystem. [ 41.195037][ T1727] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 41.303548][ T1732] loop1: detected capacity change from 0 to 128 [ 41.335149][ T1735] loop1: detected capacity change from 0 to 128 [ 41.345561][ T1735] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 41.354953][ T1735] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 41.385370][ T294] EXT4-fs (loop1): unmounting filesystem. [ 41.402035][ T28] kauditd_printk_skb: 16 callbacks suppressed [ 41.402049][ T28] audit: type=1400 audit(2000000016.149:302): avc: denied { write } for pid=1742 comm="syz.3.600" name="map_files" dev="proc" ino=22593 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 41.429908][ T28] audit: type=1400 audit(2000000016.159:303): avc: denied { add_name } for pid=1742 comm="syz.3.600" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 41.453289][ T28] audit: type=1400 audit(2000000016.159:304): avc: denied { create } for pid=1742 comm="syz.3.600" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1 [ 41.497183][ T28] audit: type=1400 audit(2000000016.159:305): avc: denied { associate } for pid=1742 comm="syz.3.600" name="bus" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 41.560313][ T28] audit: type=1400 audit(2000000016.309:306): avc: denied { create } for pid=1772 comm="syz.1.613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 41.606484][ T28] audit: type=1400 audit(2000000016.339:307): avc: denied { read } for pid=1772 comm="syz.1.613" path="socket:[22629]" dev="sockfs" ino=22629 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 41.629911][ T1778] loop1: detected capacity change from 0 to 512 [ 41.647070][ T1778] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 41.663357][ T1778] EXT4-fs (loop1): 1 orphan inode deleted [ 41.670397][ T1778] EXT4-fs (loop1): 1 truncate cleaned up [ 41.675917][ T1778] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 41.702219][ T1766] loop2: detected capacity change from 0 to 40427 [ 41.716251][ T1766] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 41.723130][ T1766] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 41.724034][ T294] EXT4-fs (loop1): unmounting filesystem. [ 41.731957][ T1766] F2FS-fs (loop2): invalid crc value [ 41.752545][ T1766] F2FS-fs (loop2): Found nat_bits in checkpoint [ 41.782282][ T1766] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 41.789196][ T1766] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 41.835777][ T291] syz-executor: attempt to access beyond end of device [ 41.835777][ T291] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 42.026398][ T317] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 42.054020][ T1807] loop1: detected capacity change from 0 to 512 [ 42.063496][ T1807] EXT4-fs (loop1): Test dummy encryption mode enabled [ 42.071777][ T1807] EXT4-fs error (device loop1): __ext4_iget:5057: inode #11: block 1: comm syz.1.625: invalid block [ 42.082711][ T1807] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.625: couldn't read orphan inode 11 (err -117) [ 42.094705][ T1807] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 42.105353][ T28] audit: type=1400 audit(2000000016.859:308): avc: denied { write } for pid=1811 comm="syz.4.628" name="route" dev="proc" ino=4026532649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 42.137125][ T1807] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 42.145458][ T1807] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 42.167841][ T294] EXT4-fs (loop1): unmounting filesystem. [ 42.187035][ T1821] loop1: detected capacity change from 0 to 512 [ 42.203501][ T1821] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 42.213893][ T1821] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 42.221856][ T1821] System zones: 1-12 [ 42.226846][ T1821] EXT4-fs (loop1): 1 truncate cleaned up [ 42.232334][ T1821] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 42.249524][ T317] usb 4-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 42.263517][ T317] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 42.264268][ T294] EXT4-fs (loop1): unmounting filesystem. [ 42.275153][ T317] usb 4-1: config 0 descriptor?? [ 42.276967][ T1593] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 42.295220][ T1826] netlink: 4 bytes leftover after parsing attributes in process `syz.4.634'. [ 42.315279][ T1828] netlink: 3 bytes leftover after parsing attributes in process `syz.1.632'. [ 42.341567][ T28] audit: type=1400 audit(2000000017.089:309): avc: denied { append } for pid=1834 comm="syz.4.636" name="event2" dev="devtmpfs" ino=270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 42.439472][ T1846] loop4: detected capacity change from 0 to 128 [ 42.452655][ T1846] EXT4-fs (loop4): Test dummy encryption mode enabled [ 42.460446][ T1846] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 42.469112][ T1846] ext4 filesystem being mounted at /166/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 42.477386][ T1593] usb 6-1: config 0 has no interfaces? [ 42.484209][ T1846] EXT4-fs (loop4): Online defrag not supported for encrypted files [ 42.497095][ T1593] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 42.505974][ T1593] usb 6-1: New USB device strings: Mfr=0, Product=4, SerialNumber=0 [ 42.514631][ T1593] usb 6-1: Product: syz [ 42.519489][ T295] EXT4-fs (loop4): unmounting filesystem. [ 42.542019][ T1593] usb 6-1: config 0 descriptor?? [ 42.726535][ T28] audit: type=1400 audit(2000000017.479:310): avc: denied { mount } for pid=1851 comm="syz.2.644" name="/" dev="pstore" ino=13649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 42.748933][ T1852] loop2: detected capacity change from 0 to 512 [ 42.763689][ T19] usb 6-1: USB disconnect, device number 4 [ 42.765456][ T1852] journal_path: Lookup failure for './bus' [ 42.775386][ T1852] EXT4-fs: error: could not find journal device path [ 42.816423][ T6] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 42.829861][ T28] audit: type=1400 audit(2000000017.579:311): avc: denied { remount } for pid=1851 comm="syz.2.644" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 42.885573][ T1859] netlink: 296 bytes leftover after parsing attributes in process `syz.2.648'. [ 43.001320][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 43.011705][ T6] usb 5-1: New USB device found, idVendor=056a, idProduct=0094, bcdDevice= 0.00 [ 43.020972][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 43.029804][ T6] usb 5-1: config 0 descriptor?? [ 43.093113][ T1878] loop2: detected capacity change from 0 to 128 [ 43.099793][ T317] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 43.110441][ T317] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9 [ 43.122472][ T317] asix: probe of 4-1:0.0 failed with error -71 [ 43.132802][ T1878] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 43.136554][ T317] usb 4-1: USB disconnect, device number 3 [ 43.143720][ T1878] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.184016][ T1890] tc_dump_action: action bad kind [ 43.190277][ T291] EXT4-fs (loop2): unmounting filesystem. [ 43.285084][ T1900] loop5: detected capacity change from 0 to 16 [ 43.304226][ T1900] erofs: (device loop5): mounted with root inode @ nid 36. [ 43.352000][ T1912] loop2: detected capacity change from 0 to 256 [ 43.374007][ T1914] loop2: detected capacity change from 0 to 512 [ 43.382056][ T1914] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 43.438497][ T6] wacom 0003:056A:0094.0006: unknown main item tag 0x0 [ 43.449299][ T6] wacom 0003:056A:0094.0006: unknown main item tag 0x0 [ 43.456544][ T6] wacom 0003:056A:0094.0006: unknown main item tag 0x0 [ 43.463242][ T6] wacom 0003:056A:0094.0006: unknown main item tag 0x0 [ 43.470199][ T6] wacom 0003:056A:0094.0006: unknown main item tag 0x0 [ 43.477295][ T6] wacom 0003:056A:0094.0006: Using device in hidraw-only mode [ 43.495379][ T6] wacom 0003:056A:0094.0006: hidraw0: USB HID v2.00 Device [HID 056a:0094] on usb-dummy_hcd.4-1/input0 [ 43.571803][ T291] EXT4-fs (loop2): unmounting filesystem. [ 43.601365][ T1918] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.608236][ T1918] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.615343][ T1918] device bridge_slave_0 entered promiscuous mode [ 43.622439][ T1918] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.629828][ T1918] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.638757][ T312] usb 5-1: USB disconnect, device number 4 [ 43.641663][ T1918] device bridge_slave_1 entered promiscuous mode [ 43.652971][ T1926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.675'. [ 43.701882][ T1932] netlink: 24 bytes leftover after parsing attributes in process `syz.2.678'. [ 43.751426][ T1918] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.758317][ T1918] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.765391][ T1918] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.772191][ T1918] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.805335][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.813367][ T719] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.820622][ T719] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.830384][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.839182][ T719] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.846067][ T719] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.865512][ T1946] loop3: detected capacity change from 0 to 512 [ 43.872786][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.884173][ T719] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.891042][ T719] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.899162][ T1946] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 43.914054][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.915373][ T1946] EXT4-fs (loop3): 1 truncate cleaned up [ 43.926883][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.927488][ T1946] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 43.967197][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 43.985428][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 43.994452][ T1946] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2186: inode #15: comm syz.3.685: corrupted in-inode xattr [ 44.006841][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.014178][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.021761][ T1946] EXT4-fs (loop3): Remounting filesystem read-only [ 44.022387][ T1918] device veth0_vlan entered promiscuous mode [ 44.033940][ T1946] EXT4-fs warning (device loop3): ext4_xattr_set_entry:1723: inode #15: comm syz.3.685: unable to update i_inline_off [ 44.046987][ T1946] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2186: inode #15: comm syz.3.685: corrupted in-inode xattr [ 44.058853][ T1946] EXT4-fs (loop3): Remounting filesystem read-only [ 44.065378][ T1918] device veth1_macvtap entered promiscuous mode [ 44.073267][ T290] EXT4-fs (loop3): unmounting filesystem. [ 44.079760][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 44.089450][ T404] device bridge_slave_1 left promiscuous mode [ 44.095438][ T404] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.106183][ T1949] loop2: detected capacity change from 0 to 40427 [ 44.112994][ T404] device bridge_slave_0 left promiscuous mode [ 44.116146][ T1951] loop3: detected capacity change from 0 to 256 [ 44.119525][ T404] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.133101][ T1949] F2FS-fs (loop2): Image doesn't support compression [ 44.140919][ T404] device veth1_macvtap left promiscuous mode [ 44.147484][ T404] device veth0_vlan left promiscuous mode [ 44.153363][ T1949] F2FS-fs (loop2): invalid crc value [ 44.174495][ T1954] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 44.181714][ T1949] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 44.246397][ T1949] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 44.266234][ T1967] input: syz0 as /devices/virtual/input/input15 [ 44.280472][ T291] syz-executor: attempt to access beyond end of device [ 44.280472][ T291] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 44.316635][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 44.324929][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.422952][ T1983] syz.6.697[1983] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 44.423025][ T1983] syz.6.697[1983] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 44.446422][ T312] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 44.566854][ T2006] SELinux: failed to load policy [ 44.590905][ T2014] loop6: detected capacity change from 0 to 128 [ 44.647631][ T2024] binder: 2023:2024 ioctl c0306201 20000940 returned -14 [ 44.647674][ T312] usb 4-1: unable to get BOS descriptor or descriptor too short [ 44.693488][ T2028] loop2: detected capacity change from 0 to 2048 [ 44.700107][ T312] usb 4-1: config 7 has an invalid interface number: 87 but max is 1 [ 44.716560][ T312] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 44.736341][ T312] usb 4-1: config 7 has 1 interface, different from the descriptor's value: 2 [ 44.755263][ T312] usb 4-1: config 7 has no interface number 0 [ 44.761224][ T312] usb 4-1: config 7 interface 87 altsetting 4 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 44.782130][ T312] usb 4-1: config 7 interface 87 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 44.802634][ T2030] syz.2.721 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 44.826677][ T312] usb 4-1: config 7 interface 87 has no altsetting 0 [ 44.835983][ T312] usb 4-1: New USB device found, idVendor=0421, idProduct=00fc, bcdDevice=d1.2e [ 44.855175][ T312] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 44.866008][ T312] usb 4-1: Product: syz [ 44.880667][ T312] usb 4-1: Manufacturer: syz [ 44.885096][ T312] usb 4-1: SerialNumber: syz [ 44.929020][ T2033] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 44.982459][ T2014] FAT-fs (loop6): error, clusters badly computed (2 != 0) [ 44.999608][ T2014] FAT-fs (loop6): Filesystem has been set read-only [ 45.021618][ T2014] FAT-fs (loop6): error, clusters badly computed (3 != 1) [ 45.040111][ T2014] FAT-fs (loop6): error, clusters badly computed (4 != 2) [ 45.106772][ T312] rndis_host 4-1:7.87: More than one union descriptor, skipping ... [ 45.114598][ T312] usb 4-1: bad CDC descriptors [ 45.129477][ T2051] netlink: 20 bytes leftover after parsing attributes in process `syz.1.730'. [ 45.138436][ T312] cdc_acm 4-1:7.87: More than one union descriptor, skipping ... [ 45.157477][ T312] usb 4-1: USB disconnect, device number 4 [ 45.175450][ T2055] loop1: detected capacity change from 0 to 256 [ 45.283937][ T2069] netlink: 4 bytes leftover after parsing attributes in process `syz.6.739'. [ 45.324884][ T2079] netlink: 'syz.1.745': attribute type 15 has an invalid length. [ 45.393210][ T2089] loop1: detected capacity change from 0 to 512 [ 45.422136][ T2089] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 45.445772][ T2089] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.459757][ T2089] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 45.475553][ T2089] EXT4-fs (loop1): re-mounted. Quota mode: writeback. [ 45.491688][ T294] EXT4-fs (loop1): unmounting filesystem. [ 45.548206][ T2108] kvm [2107]: vcpu0, guest rIP: 0xfff0 vmx_set_msr: BTF|LBR in IA32_DEBUGCTLMSR 0x6, nop [ 45.576177][ T2114] loop6: detected capacity change from 0 to 512 [ 45.597253][ T2114] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 45.605324][ T2114] System zones: 0-2, 18-18, 34-34 [ 45.611069][ T2114] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.758: bg 0: block 248: padding at end of block bitmap is not set [ 45.625769][ T2114] EXT4-fs error (device loop6): ext4_acquire_dquot:6781: comm syz.6.758: Failed to acquire dquot type 1 [ 45.637623][ T2114] EXT4-fs (loop6): 1 truncate cleaned up [ 45.643089][ T2114] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 45.652150][ T2114] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.679336][ T2114] syz.6.758 (2114) used greatest stack depth: 19432 bytes left [ 45.689886][ T1918] EXT4-fs (loop6): unmounting filesystem. [ 45.735008][ T2133] loop1: detected capacity change from 0 to 512 [ 45.750618][ T2133] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #17: comm syz.1.768: iget: bogus i_mode (0) [ 45.780221][ T2133] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.768: couldn't read orphan inode 17 (err -117) [ 45.798657][ T2133] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 45.811190][ T2133] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.768: bg 0: block 7: invalid block bitmap [ 45.831314][ T294] EXT4-fs (loop1): unmounting filesystem. [ 45.888748][ T2144] loop6: detected capacity change from 0 to 128 [ 45.892623][ T2146] loop1: detected capacity change from 0 to 128 [ 45.924583][ T2144] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 45.939177][ T2144] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.999799][ T2165] netlink: 16 bytes leftover after parsing attributes in process `syz.1.782'. [ 46.017357][ T1918] EXT4-fs (loop6): unmounting filesystem. [ 46.157430][ T2202] loop3: detected capacity change from 0 to 128 [ 46.165518][ T2202] EXT4-fs (loop3): Test dummy encryption mode enabled [ 46.184355][ T2202] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 46.196795][ T2202] ext4 filesystem being mounted at /161/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 46.226451][ T1958] Bluetooth: hci0: command 0x1003 tx timeout [ 46.232356][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 46.241651][ T2202] EXT4-fs warning (device loop3): ext4_group_extend:1899: can't read last block, resize aborted [ 46.269185][ T290] EXT4-fs (loop3): unmounting filesystem. [ 46.310670][ T2214] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 46.422441][ T2232] loop2: detected capacity change from 0 to 128 [ 46.435660][ T2234] loop3: detected capacity change from 0 to 2048 [ 46.490088][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 46.490101][ T28] audit: type=1400 audit(2000000021.239:325): avc: denied { rmdir } for pid=290 comm="syz-executor" name="lost+found" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 46.560213][ T28] audit: type=1400 audit(2000000021.279:326): avc: denied { rmdir } for pid=290 comm="syz-executor" name=".index" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 46.586820][ T28] audit: type=1400 audit(2000000021.279:327): avc: denied { unlink } for pid=290 comm="syz-executor" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 46.609156][ T28] audit: type=1400 audit(2000000021.279:328): avc: denied { unlink } for pid=290 comm="syz-executor" name="file1" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 46.655270][ T28] audit: type=1400 audit(2000000021.279:329): avc: denied { unmount } for pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 46.675296][ T28] audit: type=1400 audit(2000000021.369:330): avc: denied { accept } for pid=2243 comm="syz.3.818" laddr=::ffff:255.255.255.255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1 [ 46.763536][ T2232] FAT-fs (loop2): error, clusters badly computed (2 != 0) [ 46.772742][ T2232] FAT-fs (loop2): Filesystem has been set read-only [ 46.779724][ T2232] FAT-fs (loop2): error, clusters badly computed (3 != 1) [ 46.787617][ T2232] FAT-fs (loop2): error, clusters badly computed (4 != 2) [ 46.886677][ T28] audit: type=1326 audit(2000000021.639:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2275 comm="syz.6.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f072b58cda9 code=0x7ffc0000 [ 46.916351][ T317] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 46.930780][ T28] audit: type=1326 audit(2000000021.639:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2275 comm="syz.6.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f072b58cda9 code=0x7ffc0000 [ 46.931695][ T2279] loop2: detected capacity change from 0 to 128 [ 46.954846][ T28] audit: type=1326 audit(2000000021.639:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2275 comm="syz.6.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f072b58cda9 code=0x7ffc0000 [ 46.971747][ T2279] EXT4-fs (loop2): Test dummy encryption mode enabled [ 46.991191][ T28] audit: type=1326 audit(2000000021.669:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2275 comm="syz.6.833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f072b58cda9 code=0x7ffc0000 [ 46.991290][ T2284] loop1: detected capacity change from 0 to 256 [ 47.017544][ T2282] netem: incorrect gi model size [ 47.025479][ T2282] netem: change failed [ 47.031811][ T2279] ext4 filesystem being mounted at /179/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 47.042533][ T2284] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 47.067583][ T2289] loop3: detected capacity change from 0 to 1024 [ 47.075910][ T2284] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d) [ 47.086020][ T2279] EXT4-fs warning (device loop2): ext4_group_extend:1899: can't read last block, resize aborted [ 47.092011][ T2284] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 47.120026][ T317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 47.150275][ T317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 47.160033][ T317] usb 5-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 47.165514][ T2295] loop6: detected capacity change from 0 to 1024 [ 47.169158][ T317] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 47.186889][ T317] usb 5-1: config 0 descriptor?? [ 47.208529][ T2300] loop2: detected capacity change from 0 to 512 [ 47.211011][ T2295] EXT4-fs error (device loop6): ext4_ext_check_inode:520: inode #11: comm syz.6.840: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 47.241849][ T2302] netlink: 'syz.3.843': attribute type 7 has an invalid length. [ 47.242209][ T2300] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #17: comm syz.2.842: iget: bogus i_mode (0) [ 47.249507][ T2302] netlink: 8 bytes leftover after parsing attributes in process `syz.3.843'. [ 47.269095][ T2295] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.840: couldn't read orphan inode 11 (err -117) [ 47.283841][ T2300] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.842: couldn't read orphan inode 17 (err -117) [ 47.298685][ T2295] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:477: comm syz.6.840: Invalid block bitmap block 0 in block_group 0 [ 47.312351][ T2295] EXT4-fs error (device loop6): ext4_acquire_dquot:6781: comm syz.6.840: Failed to acquire dquot type 0 [ 47.344044][ T10] EXT4-fs error (device loop6): ext4_release_dquot:6804: comm kworker/u4:1: Failed to release dquot type 0 [ 47.350636][ T2300] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.842: bg 0: block 7: invalid block bitmap [ 47.519014][ T2331] input: syz0 as /devices/virtual/input/input16 [ 47.595069][ T317] sony 0003:054C:024B.0007: unexpected long global item [ 47.613971][ T317] sony 0003:054C:024B.0007: parse failed [ 47.630898][ T2349] netlink: 64 bytes leftover after parsing attributes in process `syz.6.863'. [ 47.639669][ T317] sony: probe of 0003:054C:024B.0007 failed with error -22 [ 47.646952][ T2351] loop2: detected capacity change from 0 to 256 [ 47.668672][ T2351] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 47.755713][ T2363] Invalid ELF header magic: != ELF [ 47.784185][ T2367] tun0: tun_chr_ioctl cmd 1074812118 [ 47.823418][ T2335] loop3: detected capacity change from 0 to 40427 [ 47.824928][ T317] usb 5-1: USB disconnect, device number 5 [ 47.832396][ T2335] F2FS-fs (loop3): fault_injection options not supported [ 47.855012][ T2373] loop2: detected capacity change from 0 to 256 [ 47.865431][ T2335] F2FS-fs (loop3): invalid crc value [ 47.895129][ T2335] F2FS-fs (loop3): Found nat_bits in checkpoint [ 47.901153][ T2373] exfat: Deprecated parameter 'utf8' [ 47.909185][ T2373] exfat: Deprecated parameter 'utf8' [ 47.933656][ T2373] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d) [ 47.946823][ T2387] SELinux: policydb version 0 does not match my version range 15-33 [ 47.961278][ T2387] SELinux: failed to load policy [ 47.976204][ T2335] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 48.008806][ T2392] loop2: detected capacity change from 0 to 512 [ 48.056692][ T2392] EXT4-fs error (device loop2): ext4_acquire_dquot:6781: comm syz.2.883: Failed to acquire dquot type 1 [ 48.061730][ T2402] loop1: detected capacity change from 0 to 256 [ 48.077887][ T290] syz-executor: attempt to access beyond end of device [ 48.077887][ T290] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 48.081908][ T2392] EXT4-fs (loop2): 1 truncate cleaned up [ 48.107890][ T2402] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 48.124825][ T2392] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.256724][ T2412] loop6: detected capacity change from 0 to 128 [ 48.300462][ T2418] loop1: detected capacity change from 0 to 128 [ 48.318508][ T2418] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.342398][ T2418] fscrypt (loop1, inode 12): Unsupported encryption flags (0xbf) [ 48.378692][ T2429] tun0: tun_chr_ioctl cmd 1074812118 [ 48.495970][ T2451] capability: warning: `syz.2.909' uses 32-bit capabilities (legacy support in use) [ 48.652227][ T2433] loop1: detected capacity change from 0 to 40427 [ 48.695298][ T2433] F2FS-fs (loop1): fault_injection options not supported [ 48.705595][ T2433] F2FS-fs (loop1): fault_type options not supported [ 48.712367][ T2433] F2FS-fs (loop1): Image doesn't support compression [ 48.733713][ T2433] F2FS-fs (loop1): Image doesn't support compression [ 48.743245][ T2433] F2FS-fs (loop1): invalid crc value [ 48.760551][ T2478] loop4: detected capacity change from 0 to 256 [ 48.779653][ T2478] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 48.804876][ T2433] F2FS-fs (loop1): Found nat_bits in checkpoint [ 48.867854][ T2495] loop6: detected capacity change from 0 to 256 [ 48.877085][ T2495] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 48.902572][ T2433] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 49.078259][ T2516] loop6: detected capacity change from 0 to 128 [ 49.136431][ T2516] ext4 filesystem being mounted at /63/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 49.223484][ T2530] Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 49.237076][ T2528] loop4: detected capacity change from 0 to 2048 [ 49.267383][ T2528] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.941: bg 0: block 136: padding at end of block bitmap is not set [ 49.365351][ T2546] loop1: detected capacity change from 0 to 2048 [ 49.459688][ T2534] loop2: detected capacity change from 0 to 40427 [ 49.475485][ T2534] F2FS-fs (loop2): fault_type options not supported [ 49.482664][ T2534] F2FS-fs (loop2): invalid crc value [ 49.488907][ T2534] F2FS-fs (loop2): Found nat_bits in checkpoint [ 49.506507][ T39] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 49.526824][ T2548] loop4: detected capacity change from 0 to 40427 [ 49.534557][ T2534] F2FS-fs (loop2): Start checkpoint disabled! [ 49.541287][ T2548] F2FS-fs (loop4): fault_injection options not supported [ 49.545856][ T2534] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 49.549076][ T2548] F2FS-fs (loop4): invalid crc value [ 49.565717][ T2548] F2FS-fs (loop4): Found nat_bits in checkpoint [ 49.598625][ T2548] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 49.625822][ T2548] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 49.631167][ T295] syz-executor: attempt to access beyond end of device [ 49.631167][ T295] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 49.706364][ T317] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 49.746435][ T39] usb 7-1: Using ep0 maxpacket: 8 [ 49.755739][ T39] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 49.775055][ T43] kworker/u4:2: attempt to access beyond end of device [ 49.775055][ T43] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 49.789569][ T39] usb 7-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 49.813959][ T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 49.826743][ T39] usb 7-1: SerialNumber: syz [ 49.834295][ T2562] netlink: 'syz.4.954': attribute type 2 has an invalid length. [ 49.842562][ T39] usb 7-1: config 0 descriptor?? [ 49.849172][ T39] usb 7-1: Found UVC 0.00 device (05ac:8501) [ 49.856353][ T39] usb 7-1: Failed to create links for entity 255 [ 49.867255][ T39] usb 7-1: Failed to register entities (-22). [ 49.924682][ T2572] loop2: detected capacity change from 0 to 128 [ 49.926365][ T317] usb 2-1: Using ep0 maxpacket: 16 [ 49.946054][ T2572] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 49.958257][ T317] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 49.971948][ T2579] loop3: detected capacity change from 0 to 512 [ 49.982075][ T317] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 50.014397][ T317] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 50.028414][ T2579] ext4 filesystem being mounted at /195/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 50.052794][ T39] usb 7-1: USB disconnect, device number 2 [ 50.069208][ T317] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 50.074659][ T2579] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #2: block 18: comm syz.3.961: lblock 23 mapped to illegal pblock 18 (length 1) [ 50.080743][ T317] usb 2-1: SerialNumber: syz [ 50.185561][ T2613] loop4: detected capacity change from 0 to 256 [ 50.200064][ T2613] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 50.233501][ T2613] exFAT-fs (loop4): hint_cluster is invalid (17) [ 50.256991][ T2613] exFAT-fs (loop4): error, found bogus dentry(15) beyond unused empty group(0) (start_clu : 5, cur_clu : 5) [ 50.281627][ T2613] exFAT-fs (loop4): Filesystem has been set read-only [ 50.304765][ T2629] netlink: 104 bytes leftover after parsing attributes in process `syz.2.984'. [ 50.428130][ T1593] usb 2-1: USB disconnect, device number 4 [ 50.534300][ T2636] loop2: detected capacity change from 0 to 40427 [ 50.557427][ T2636] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 50.573986][ T2636] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 50.588824][ T2633] loop4: detected capacity change from 0 to 40427 [ 50.596064][ T2633] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 50.603852][ T2633] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 50.612820][ T2636] F2FS-fs (loop2): Found nat_bits in checkpoint [ 50.628440][ T2633] F2FS-fs (loop4): invalid crc value [ 50.655533][ T2633] F2FS-fs (loop4): Found nat_bits in checkpoint [ 50.666791][ T2636] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 50.676388][ T2636] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 50.704068][ T2633] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 50.723951][ T2661] loop3: detected capacity change from 0 to 512 [ 50.726389][ T2633] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 50.772591][ T2661] ext4 filesystem being mounted at /208/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 51.116394][ T317] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 51.136074][ T2706] loop4: detected capacity change from 0 to 256 [ 51.145575][ T2706] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 51.161384][ T2706] exFAT-fs (loop4): error, invalid size(size(0) > aligned(9223372036854777344) [ 51.161384][ T2706] [ 51.175613][ T2706] exFAT-fs (loop4): Filesystem has been set read-only [ 51.202585][ T2712] loop4: detected capacity change from 0 to 16 [ 51.216997][ T2712] erofs: (device loop4): mounted with root inode @ nid 36. [ 51.225672][ T2712] erofs: (device loop4): erofs_find_target_block: corrupted dir block 8200 @ nid 36 [ 51.241889][ T2717] loop2: detected capacity change from 0 to 512 [ 51.247212][ T2712] syz.4.1016: attempt to access beyond end of device [ 51.247212][ T2712] loop4: rw=524288, sector=16, nr_sectors = 8 limit=16 [ 51.268001][ T2717] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.1019: casefold flag without casefold feature [ 51.296353][ T317] usb 4-1: Using ep0 maxpacket: 16 [ 51.302402][ T317] usb 4-1: config index 0 descriptor too short (expected 16456, got 72) [ 51.314998][ T2717] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1019: couldn't read orphan inode 15 (err -117) [ 51.330116][ T2729] SELinux: Context system_u:object_r:login_exec_t:s0 is not valid (left unmapped). [ 51.340276][ T317] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 51.361665][ T317] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 51.370095][ T317] usb 4-1: config 0 has an invalid interface number: 125 but max is 1 [ 51.380170][ T317] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 51.389120][ T317] usb 4-1: config 0 has no interface number 0 [ 51.395010][ T317] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 51.406005][ T317] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 51.415877][ T317] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 51.425611][ T317] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 51.438644][ T317] usb 4-1: config 0 interface 125 has no altsetting 0 [ 51.445226][ T317] usb 4-1: config 0 interface 125 has no altsetting 2 [ 51.458941][ T317] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 51.467834][ T317] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 51.475604][ T317] usb 4-1: Product: syz [ 51.479746][ T317] usb 4-1: Manufacturer: syz [ 51.484135][ T317] usb 4-1: SerialNumber: syz [ 51.491013][ T317] usb 4-1: config 0 descriptor?? [ 51.523719][ T2741] loop6: detected capacity change from 0 to 512 [ 51.539634][ T2747] netlink: 'syz.2.1031': attribute type 1 has an invalid length. [ 51.544973][ T2743] kvm [2742]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010007 data 0x0 [ 51.567512][ T2741] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 51.600603][ T28] kauditd_printk_skb: 113 callbacks suppressed [ 51.600619][ T28] audit: type=1400 audit(2000000026.349:443): avc: denied { module_request } for pid=2754 comm="syz.2.1034" kmod="netdev-vxcan0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 51.637761][ T2757] loop1: detected capacity change from 0 to 1024 [ 51.654209][ T2757] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 51.666894][ T28] audit: type=1400 audit(2000000026.419:444): avc: denied { ioctl } for pid=2761 comm="syz.4.1038" path="socket:[27058]" dev="sockfs" ino=27058 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 51.691997][ T2763] bridge0: the hash_elasticity option has been deprecated and is always 16 [ 51.701592][ T2763] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.708635][ T2763] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.715763][ T2757] EXT4-fs error (device loop1): ext4_get_journal_inode:5709: inode #32: comm syz.1.1036: iget: special inode unallocated [ 51.728694][ T2757] EXT4-fs (loop1): no journal found [ 51.733714][ T2757] EXT4-fs (loop1): can't get journal size [ 51.747693][ T28] audit: type=1400 audit(2000000026.499:445): avc: denied { create } for pid=2764 comm="syz.2.1039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 51.758818][ T317] usb 4-1: USB disconnect, device number 5 [ 51.789456][ T28] audit: type=1400 audit(2000000026.529:446): avc: denied { setopt } for pid=2764 comm="syz.2.1039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 51.877012][ T28] audit: type=1400 audit(2000000026.629:447): avc: denied { name_bind } for pid=2773 comm="syz.1.1043" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 51.885441][ T2770] loop4: detected capacity change from 0 to 4096 [ 51.923585][ T28] audit: type=1400 audit(2000000026.659:448): avc: denied { node_bind } for pid=2773 comm="syz.1.1043" saddr=::ffff:0.0.0.0 src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 51.967953][ T2779] netlink: 260 bytes leftover after parsing attributes in process `syz.2.1045'. [ 51.997830][ T28] audit: type=1400 audit(2000000026.749:449): avc: denied { create } for pid=2781 comm="syz.1.1046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 52.027999][ T2782] loop1: detected capacity change from 0 to 1024 [ 52.042089][ T28] audit: type=1400 audit(2000000026.779:450): avc: denied { write } for pid=2781 comm="syz.1.1046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 52.073310][ T2782] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945) [ 52.093011][ T2782] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 52.101843][ T2782] EXT4-fs (loop1): orphan cleanup on readonly fs [ 52.109136][ T2782] EXT4-fs error (device loop1): ext4_read_inode_bitmap:168: comm syz.1.1046: Inode bitmap for bg 0 marked uninitialized [ 52.114884][ T2770] SELinux: Context system_u:object_r:apt_var_lib_t:s0 is not valid (left unmapped). [ 52.145940][ T28] audit: type=1400 audit(2000000026.889:451): avc: denied { relabelto } for pid=2769 comm="syz.4.1041" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:apt_var_lib_t:s0" [ 52.199632][ T2790] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1048'. [ 52.206349][ T28] audit: type=1400 audit(2000000026.929:452): avc: denied { setattr } for pid=2769 comm="syz.4.1041" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:apt_var_lib_t:s0" [ 52.257636][ T2796] loop2: detected capacity change from 0 to 256 [ 52.328214][ T2807] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1055'. [ 52.361126][ T2811] loop4: detected capacity change from 0 to 16 [ 52.388303][ T2815] incfs: Options parsing error. -22 [ 52.392473][ T2811] erofs: (device loop4): mounted with root inode @ nid 36. [ 52.406966][ T2815] incfs: mount failed -22 [ 52.409196][ T2762] loop6: detected capacity change from 0 to 131072 [ 52.431553][ T2817] loop1: detected capacity change from 0 to 4096 [ 52.432203][ T2762] F2FS-fs (loop6): invalid crc value [ 52.458963][ T2762] F2FS-fs (loop6): Found nat_bits in checkpoint [ 52.486649][ T2828] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 52.496113][ T2828] FAT-fs (loop5): unable to read boot sector [ 52.509692][ T2762] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4 [ 52.611661][ T312] kernel write not supported for file /515/attr/sockcreate (pid: 312 comm: kworker/1:2) [ 52.658764][ T2849] loop1: detected capacity change from 0 to 512 [ 52.677690][ T2849] EXT4-fs: Ignoring removed oldalloc option [ 52.711356][ T2849] EXT4-fs (loop1): 1 truncate cleaned up [ 52.728081][ T2856] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1077'. [ 52.971579][ T2879] loop6: detected capacity change from 0 to 256 [ 52.991097][ T2879] exfat: Deprecated parameter 'utf8' [ 52.997810][ T2879] exfat: Deprecated parameter 'namecase' [ 53.015274][ T2879] exfat: Deprecated parameter 'namecase' [ 53.029490][ T2879] exfat: Deprecated parameter 'utf8' [ 53.034024][ T2889] loop1: detected capacity change from 0 to 512 [ 53.052491][ T2879] exFAT-fs (loop6): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 53.073915][ T2889] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 53.084094][ T2889] EXT4-fs (loop1): warning: maximal mount count reached, running e2fsck is recommended [ 53.094638][ T2889] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.1092: inode #15: comm syz.1.1092: iget: illegal inode # [ 53.117511][ T2889] EXT4-fs (loop1): Remounting filesystem read-only [ 53.125513][ T2889] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1092: couldn't read orphan inode 15 (err -117) [ 53.146766][ T2889] EXT4-fs (loop1): Remounting filesystem read-only [ 53.355365][ T312] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 53.373077][ T312] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 53.380916][ T312] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz0] on syz1 [ 53.410066][ T2928] loop6: detected capacity change from 0 to 2048 [ 53.467353][ T2928] loop6: p3 < > p4 < > [ 53.471349][ T2928] loop6: partition table partially beyond EOD, truncated [ 53.496266][ T2928] loop6: p3 start 4284289 is beyond EOD, truncated [ 53.558451][ T2947] tun0: tun_chr_ioctl cmd 2147767511 [ 53.635821][ T2958] loop3: detected capacity change from 0 to 1024 [ 53.739833][ T2968] loop3: detected capacity change from 0 to 256 [ 53.771734][ T2968] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe7bb9f7b, utbl_chksum : 0xe619d30d) [ 53.820182][ T2972] loop2: detected capacity change from 0 to 2048 [ 53.840043][ T2949] loop6: detected capacity change from 0 to 40427 [ 53.847572][ T2949] F2FS-fs (loop6): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 53.857658][ T2949] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 53.867925][ T2949] F2FS-fs (loop6): fault_injection options not supported [ 53.876191][ T2949] F2FS-fs (loop6): invalid crc value [ 53.883187][ T2949] F2FS-fs (loop6): Found nat_bits in checkpoint [ 53.896653][ T2972] loop2: p3 < > p4 < > [ 53.900736][ T2972] loop2: partition table partially beyond EOD, truncated [ 53.916790][ T2972] loop2: p3 start 4284289 is beyond EOD, truncated [ 53.959400][ T2949] F2FS-fs (loop6): Start checkpoint disabled! [ 53.969128][ T2949] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 53.978041][ T2949] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 54.042839][ T2949] syz.6.1116: attempt to access beyond end of device [ 54.042839][ T2949] loop6: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 54.051270][ T2970] loop1: detected capacity change from 0 to 40427 [ 54.060165][ T2949] syz.6.1116: attempt to access beyond end of device [ 54.060165][ T2949] loop6: rw=2049, sector=45104, nr_sectors = 120 limit=40427 [ 54.077267][ T2949] syz.6.1116: attempt to access beyond end of device [ 54.077267][ T2949] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 54.082331][ T2988] loop2: detected capacity change from 0 to 512 [ 54.108522][ T2970] F2FS-fs (loop1): fault_injection options not supported [ 54.122061][ T2970] F2FS-fs (loop1): invalid crc value [ 54.130689][ T2992] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1137'. [ 54.138914][ T322] kworker/u4:3: attempt to access beyond end of device [ 54.138914][ T322] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 54.139893][ T2992] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1137'. [ 54.167715][ T2970] F2FS-fs (loop1): Found nat_bits in checkpoint [ 54.177288][ T2988] ext4 filesystem being mounted at /262/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.218386][ T2988] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz.2.1134: invalid size [ 54.259106][ T2988] EXT4-fs (loop2): Remounting filesystem read-only [ 54.272163][ T2970] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 54.537802][ T3042] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1158'. [ 54.642376][ T3065] input: syz1 as /devices/virtual/input/input17 [ 54.690840][ T3075] loop3: detected capacity change from 0 to 128 [ 54.703076][ T3075] ext4 filesystem being mounted at /242/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 54.722084][ T3075] EXT4-fs error (device loop3): ext4_validate_block_bitmap:420: comm syz.3.1171: bg 0: bad block bitmap checksum [ 54.743600][ T3080] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1184'. [ 54.756753][ T3082] loop3: detected capacity change from 0 to 256 [ 54.763284][ T3082] exfat: Deprecated parameter 'utf8' [ 54.779601][ T3082] exfat: Deprecated parameter 'namecase' [ 54.788066][ T3082] exfat: Deprecated parameter 'namecase' [ 54.794992][ T3082] exfat: Deprecated parameter 'utf8' [ 54.801426][ T3086] loop2: detected capacity change from 0 to 1024 [ 54.814295][ T3086] EXT4-fs: Ignoring removed nobh option [ 54.816240][ T3082] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 54.820024][ T3086] EXT4-fs: Ignoring removed bh option [ 54.849639][ T3086] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 54.928361][ T3098] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 55.042430][ T3115] loop2: detected capacity change from 0 to 2048 [ 55.110160][ T3115] Alternate GPT is invalid, using primary GPT. [ 55.121811][ T3115] loop2: p2 p3 p7 [ 55.266485][ T3130] loop6: detected capacity change from 0 to 512 [ 55.292317][ T3134] loop2: detected capacity change from 0 to 128 [ 55.303174][ T3130] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 55.307555][ T3134] ext4 filesystem being mounted at /281/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 55.326168][ T3130] EXT4-fs error (device loop6): ext4_empty_dir:3136: inode #12: comm syz.6.1195: invalid size [ 55.341423][ T3134] EXT4-fs error (device loop2): ext4_validate_block_bitmap:420: comm syz.2.1198: bg 0: bad block bitmap checksum [ 55.342479][ T3130] EXT4-fs (loop6): Remounting filesystem read-only [ 55.478468][ T3161] loop6: detected capacity change from 0 to 256 [ 55.488442][ T3161] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 55.488583][ T3163] loop2: detected capacity change from 0 to 256 [ 55.508417][ T3163] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 55.647710][ T3176] loop6: detected capacity change from 0 to 512 [ 55.660209][ T3176] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 55.671725][ T3176] EXT4-fs (loop6): 1 truncate cleaned up [ 55.685513][ T3176] syz.6.1217 (pid 3176) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 55.725510][ T3187] incfs: Options parsing error. -22 [ 55.730654][ T3187] incfs: mount failed -22 [ 55.827263][ T3199] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 56.031849][ T3220] netlink: 'syz.6.1237': attribute type 4 has an invalid length. [ 56.138847][ T3237] netlink: 'syz.6.1245': attribute type 1 has an invalid length. [ 56.147083][ T3237] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1245'. [ 56.240430][ T3245] SELinux: failed to load policy [ 56.382618][ T3264] loop3: detected capacity change from 0 to 16 [ 56.392944][ T3264] erofs: (device loop3): mounted with root inode @ nid 36. [ 56.560777][ T3278] netlink: 'syz.4.1263': attribute type 10 has an invalid length. [ 56.636762][ T28] kauditd_printk_skb: 73 callbacks suppressed [ 56.636777][ T28] audit: type=1400 audit(2000000032.392:526): avc: denied { read write } for pid=295 comm="syz-executor" name="loop4" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 56.673716][ T28] audit: type=1400 audit(2000000032.392:527): avc: denied { open } for pid=295 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 56.697949][ T28] audit: type=1400 audit(2000000032.392:528): avc: denied { ioctl } for pid=295 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 56.728155][ T39] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 56.735854][ T28] audit: type=1400 audit(2000000032.392:529): avc: denied { read write } for pid=3288 comm="syz.4.1268" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 56.764766][ T28] audit: type=1400 audit(2000000032.392:530): avc: denied { open } for pid=3288 comm="syz.4.1268" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 56.789364][ T28] audit: type=1400 audit(2000000032.392:531): avc: denied { mounton } for pid=3288 comm="syz.4.1268" path="/235/file0" dev="tmpfs" ino=1237 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 56.817639][ T28] audit: type=1400 audit(2000000032.392:532): avc: denied { mount } for pid=3288 comm="syz.4.1268" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 56.839806][ T28] audit: type=1400 audit(2000000032.422:533): avc: denied { append } for pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 56.862552][ T28] audit: type=1400 audit(2000000032.452:534): avc: denied { mounton } for pid=3288 comm="syz.4.1268" path="/235/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 56.886978][ T28] audit: type=1400 audit(2000000032.502:535): avc: denied { bpf } for pid=3293 comm="syz.1.1270" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 56.948940][ T39] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 56.959356][ T39] usb 3-1: config 0 has no interfaces? [ 56.964704][ T39] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 56.980079][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.980693][ T3302] loop1: detected capacity change from 0 to 512 [ 57.010351][ T39] usb 3-1: config 0 descriptor?? [ 57.036945][ T3302] EXT4-fs warning (device loop1): ext4_enable_quotas:7016: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 57.167322][ T3319] loop1: detected capacity change from 0 to 1024 [ 57.178505][ T3319] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 57.189304][ T3319] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 57.199257][ T3319] JBD2: no valid journal superblock found [ 57.204864][ T3319] EXT4-fs (loop1): error loading journal [ 57.310310][ T3338] loop3: detected capacity change from 0 to 512 [ 57.323417][ T3338] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2186: inode #15: comm syz.3.1289: corrupted in-inode xattr [ 57.336553][ T3341] loop1: detected capacity change from 0 to 256 [ 57.339413][ T3338] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1289: couldn't read orphan inode 15 (err -117) [ 57.360357][ T3338] EXT4-fs (loop3): shut down requested (2) [ 57.395212][ T3345] loop1: detected capacity change from 0 to 512 [ 57.407768][ T3345] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.421958][ T3268] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 57.431509][ T3268] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 57.440060][ T1870] usb 3-1: USB disconnect, device number 5 [ 57.446476][ T39] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 57.627373][ T39] usb 7-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 57.635888][ T39] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 57.645950][ T39] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 57.646388][ T6] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 57.656228][ T39] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 57.671411][ T39] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.679455][ T39] usb 7-1: Product: syz [ 57.683487][ T39] usb 7-1: Manufacturer: syz [ 57.687981][ T39] usb 7-1: SerialNumber: syz [ 57.796339][ T312] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 57.836344][ T6] usb 4-1: Using ep0 maxpacket: 8 [ 57.842377][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 57.853286][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 57.862877][ T6] usb 4-1: New USB device found, idVendor=09da, idProduct=022b, bcdDevice= 0.00 [ 57.871749][ T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.882471][ T6] usb 4-1: config 0 descriptor?? [ 57.912699][ T39] usb 7-1: 0:2 : does not exist [ 57.924785][ T39] usb 7-1: USB disconnect, device number 3 [ 57.988824][ T312] usb 5-1: unable to get BOS descriptor or descriptor too short [ 57.994055][ T1870] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0 [ 58.007063][ T312] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 58.014795][ T1870] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0 [ 58.023979][ T1870] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0 [ 58.034679][ T312] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 32 [ 58.041664][ T1870] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0 [ 58.055002][ T312] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 58.062704][ T1870] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0 [ 58.069326][ T312] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 58.084484][ T1870] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0 [ 58.086946][ T312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 58.102854][ T1870] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0 [ 58.116471][ T1870] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0 [ 58.116726][ T312] usb 5-1: SerialNumber: syz [ 58.133893][ T1870] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0 [ 58.143560][ T3365] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 58.151278][ T1870] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0 [ 58.151985][ T321] udevd[321]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 58.166428][ T3365] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 58.181301][ T1870] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0 [ 58.189419][ T1870] hid-generic 00A0:0006:0003.0009: hidraw0: HID v0.05 Device [syz1] on syz0 [ 58.222877][ T3384] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.230467][ T3384] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.237989][ T3384] device bridge_slave_0 entered promiscuous mode [ 58.240943][ T3383] loop2: detected capacity change from 0 to 40427 [ 58.245065][ T3384] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.262687][ T3384] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.262999][ T3383] F2FS-fs (loop2): invalid crc value [ 58.270445][ T3384] device bridge_slave_1 entered promiscuous mode [ 58.276413][ T3383] F2FS-fs (loop2): Found nat_bits in checkpoint [ 58.293949][ T6] a4tech 0003:09DA:022B.000A: unknown main item tag 0x0 [ 58.304533][ T6] a4tech 0003:09DA:022B.000A: unknown main item tag 0x0 [ 58.316217][ T6] a4tech 0003:09DA:022B.000A: unknown main item tag 0x0 [ 58.320041][ T3383] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 58.324171][ T6] a4tech 0003:09DA:022B.000A: hidraw1: USB HID v0.00 Device [HID 09da:022b] on usb-dummy_hcd.3-1/input0 [ 58.397328][ T3384] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.403097][ T3365] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 58.404211][ T3384] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.418256][ T3384] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.423107][ T3365] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 58.425020][ T3384] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.490981][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.508997][ T3400] loop2: detected capacity change from 0 to 2048 [ 58.525519][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.542869][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.549333][ T24] usb 4-1: USB disconnect, device number 6 [ 58.566717][ T322] device bridge_slave_1 left promiscuous mode [ 58.574949][ T322] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.583197][ T3400] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 58.595267][ T322] device bridge_slave_0 left promiscuous mode [ 58.601347][ T322] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.609305][ T322] device veth1_macvtap left promiscuous mode [ 58.615145][ T322] device veth0_vlan left promiscuous mode [ 58.627689][ T3400] fs-verity: sha512 using implementation "sha512-avx2" [ 58.720631][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.738977][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.745990][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.755059][ T3402] loop6: detected capacity change from 0 to 40427 [ 58.765528][ T3402] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12 [ 58.773946][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.781931][ T3402] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 58.790435][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.797309][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.818194][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.826813][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.832806][ T3412] loop2: detected capacity change from 0 to 4096 [ 58.835155][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.848858][ T312] cdc_ether: probe of 5-1:1.0 failed with error -22 [ 58.849767][ T3402] F2FS-fs (loop6): Found nat_bits in checkpoint [ 58.859394][ T3384] device veth0_vlan entered promiscuous mode [ 58.880666][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.896153][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.904795][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.912975][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.926567][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.934895][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.943804][ T3402] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 58.959673][ T3402] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 58.967275][ T3418] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.974281][ T3418] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.034698][ T3402] syz.6.1316: attempt to access beyond end of device [ 59.034698][ T3402] loop6: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 59.058654][ T3384] device veth1_macvtap entered promiscuous mode [ 59.123893][ T1593] usb 5-1: USB disconnect, device number 6 [ 59.149870][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.172135][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.186759][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.211784][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.227830][ T719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.008205][ T3501] loop3: detected capacity change from 0 to 1024 [ 60.020097][ T3501] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 60.031373][ T3501] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 60.051065][ T3501] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 60.090856][ T3505] loop3: detected capacity change from 0 to 256 [ 60.109049][ T3505] exfat: Deprecated parameter 'utf8' [ 60.116706][ T3505] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 60.276904][ T3514] loop3: detected capacity change from 0 to 1024 [ 60.290996][ T3514] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2739: inode #13: comm syz.3.1359: corrupted in-inode xattr [ 60.340482][ T3523] mmap: syz.7.1363 (3523): VmData 28962816 exceed data ulimit 3626. Update limits or use boot option ignore_rlimit_data. [ 60.368914][ T3528] loop7: detected capacity change from 0 to 512 [ 60.387948][ T3528] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 60.399923][ T3528] EXT4-fs (loop7): 1 orphan inode deleted [ 60.406929][ T3528] EXT4-fs (loop7): 1 truncate cleaned up [ 60.415350][ T3528] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 60.432962][ T3528] EXT4-fs (loop7): Remounting filesystem read-only [ 60.440977][ T3528] incfs: Can't find or create .index dir in ./file0 [ 60.447706][ T3528] incfs: mount failed -28 [ 60.505815][ T3540] loop3: detected capacity change from 0 to 2048 [ 60.548472][ T3540] Alternate GPT is invalid, using primary GPT. [ 60.558222][ T3540] loop3: p2 p3 p7 [ 60.590738][ T102] Alternate GPT is invalid, using primary GPT. [ 60.596950][ T102] loop3: p2 p3 p7 [ 60.602745][ T3556] input: syz1 as /devices/virtual/input/input18 [ 60.609316][ T3556] input: failed to attach handler leds to device input18, error: -6 [ 60.629112][ T3558] loop2: detected capacity change from 0 to 512 [ 60.635744][ T3558] EXT4-fs: Ignoring removed nomblk_io_submit option [ 60.657829][ T764] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 60.672702][ T3558] EXT4-fs error (device loop2): ext4_acquire_dquot:6781: comm syz.2.1378: Failed to acquire dquot type 0 [ 60.685995][ T3558] EXT4-fs (loop2): Remounting filesystem read-only [ 60.693414][ T3558] EXT4-fs error (device loop2): ext4_acquire_dquot:6781: comm syz.2.1378: Failed to acquire dquot type 0 [ 60.699596][ T764] udevd[764]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 60.714741][ T3558] EXT4-fs (loop2): Remounting filesystem read-only [ 60.717063][ T321] udevd[321]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 60.732480][ T767] udevd[767]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 60.742275][ T3558] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2925: inode #16: comm syz.2.1378: corrupted xattr block 8 [ 60.766638][ T3558] EXT4-fs (loop2): Remounting filesystem read-only [ 60.776240][ T3558] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117) [ 60.785151][ T3558] EXT4-fs (loop2): 1 orphan inode deleted [ 60.791752][ T3558] ext4 filesystem being mounted at /315/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.825142][ T3576] loop7: detected capacity change from 0 to 256 [ 60.859257][ T3576] FAT-fs (loop7): Directory bread(block 64) failed [ 60.874835][ T3576] FAT-fs (loop7): Directory bread(block 65) failed [ 60.883126][ T3576] FAT-fs (loop7): Directory bread(block 66) failed [ 60.890456][ T3576] FAT-fs (loop7): Directory bread(block 67) failed [ 60.907567][ T3576] FAT-fs (loop7): Directory bread(block 68) failed [ 60.918799][ T3576] FAT-fs (loop7): Directory bread(block 69) failed [ 60.925179][ T3576] FAT-fs (loop7): Directory bread(block 70) failed [ 60.934317][ T3594] input: syz0 as /devices/virtual/input/input19 [ 60.937199][ T3576] FAT-fs (loop7): Directory bread(block 71) failed [ 60.947157][ T3576] FAT-fs (loop7): Directory bread(block 72) failed [ 60.953599][ T3576] FAT-fs (loop7): Directory bread(block 73) failed [ 60.973510][ T3597] loop3: detected capacity change from 0 to 256 [ 61.072457][ T10] kworker/u4:1: attempt to access beyond end of device [ 61.072457][ T10] loop7: rw=1, sector=1224, nr_sectors = 12 limit=256 [ 61.081757][ T3613] netlink: 50 bytes leftover after parsing attributes in process `syz.3.1405'. [ 61.249612][ T3646] netlink: 'syz.4.1419': attribute type 1 has an invalid length. [ 61.257536][ T3646] netlink: 'syz.4.1419': attribute type 2 has an invalid length. [ 61.285775][ T3651] tun0: tun_chr_ioctl cmd 1074025675 [ 61.296502][ T3651] tun0: persist enabled [ 61.307402][ T3651] tun0: tun_chr_ioctl cmd 1074025675 [ 61.315717][ T3651] tun0: persist disabled [ 61.338158][ T3659] xt_hashlimit: size too large, truncated to 1048576 [ 61.346347][ T1958] Bluetooth: hci0: command 0x1003 tx timeout [ 61.352200][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 61.362610][ T3441] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 61.402987][ T3664] loop2: detected capacity change from 0 to 256 [ 61.404196][ T3666] loop7: detected capacity change from 0 to 512 [ 61.423126][ T3664] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 61.474244][ T3666] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 61.491768][ T3671] loop6: detected capacity change from 0 to 128 [ 61.517596][ T3666] EXT4-fs (loop7): 1 truncate cleaned up [ 61.517599][ T3671] ext4 filesystem being mounted at /151/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 61.744290][ T3695] loop2: detected capacity change from 0 to 2048 [ 61.789129][ T3695] Alternate GPT is invalid, using primary GPT. [ 61.805917][ T3695] loop2: p2 p3 p7 [ 61.968827][ T3698] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.018551][ T3698] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.046167][ T3698] device bridge_slave_0 entered promiscuous mode [ 62.073927][ T3698] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.113006][ T3698] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.124459][ T3710] loop2: detected capacity change from 0 to 512 [ 62.145135][ T3698] device bridge_slave_1 entered promiscuous mode [ 62.217759][ T3710] ext4 filesystem being mounted at /333/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.272159][ T3710] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 62.337645][ T3710] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 62.393103][ T3698] ================================================================== [ 62.399666][ T3717] input: syz0 as /devices/virtual/input/input20 [ 62.400988][ T3698] BUG: KASAN: use-after-free in enqueue_timer+0xa6/0x480 [ 62.410096][ T3710] EXT4-fs (loop2): This should not happen!! Data will be lost [ 62.410096][ T3710] [ 62.413921][ T3698] Write of size 8 at addr ffff888126688a00 by task syz-executor/3698 [ 62.431286][ T3698] [ 62.432188][ T3710] EXT4-fs (loop2): Total free blocks count 0 Connection to 10.128.1.135 closed by remote host. [ 62.433448][ T3698] CPU: 1 PID: 3698 Comm: syz-executor Not tainted 6.1.124-syzkaller-00114-g2055772eada0 #0 [ 62.441702][ T3710] EXT4-fs (loop2): Free/Dirty block details [ 62.449072][ T3698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 62.449086][ T3698] Call Trace: [ 62.449092][ T3698] [ 62.449098][ T3698] dump_stack_lvl+0x151/0x1b7 [ 62.449122][ T3698] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 62.449138][ T3698] ? _printk+0xd1/0x111 [ 62.449153][ T3698] ? __virt_addr_valid+0x242/0x2f0 [ 62.449174][ T3698] print_report+0x158/0x4e0 [ 62.449192][ T3698] ? __virt_addr_valid+0x242/0x2f0 [ 62.449211][ T3698] ? kasan_complete_mode_report_info+0x90/0x1b0 [ 62.464438][ T28] kauditd_printk_skb: 162 callbacks suppressed [ 62.464454][ T28] audit: type=1400 audit(2000000038.202:693): avc: denied { write } for pid=281 comm="syz-executor" path="pipe:[13883]" dev="pipefs" ino=13883 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 62.464798][ T3698] ? enqueue_timer+0xa6/0x480 [ 62.538308][ T3698] kasan_report+0x13c/0x170 [ 62.542651][ T3698] ? enqueue_timer+0xa6/0x480 [ 62.547156][ T3698] __asan_report_store8_noabort+0x17/0x20 [ 62.552710][ T3698] enqueue_timer+0xa6/0x480 [ 62.557050][ T3698] __mod_timer+0x8d3/0xcf0 [ 62.561329][ T3698] ? mod_timer_pending+0x30/0x30 [ 62.566075][ T3698] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 62.571462][ T3698] ? _raw_spin_lock+0x1b0/0x1b0 [ 62.576152][ T3698] ? __stack_depot_save+0x36/0x480 [ 62.581098][ T3698] add_timer+0x68/0x80 [ 62.585000][ T3698] __queue_delayed_work+0x16d/0x1f0 [ 62.590036][ T3698] queue_delayed_work_on+0x10f/0x180 [ 62.595156][ T3698] ? linkwatch_fire_event+0x1e4/0x240 [ 62.600364][ T3698] ? delayed_work_timer_fn+0x80/0x80 [ 62.605483][ T3698] ? netlink_unicast+0x906/0xab0 [ 62.610259][ T3698] ? __sys_sendto+0x480/0x600 [ 62.614770][ T3698] ? __x64_sys_sendto+0xe5/0x100 [ 62.619546][ T3698] ? x64_sys_call+0x15c/0x9a0 [ 62.624090][ T3698] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 62.629960][ T3698] linkwatch_schedule_work+0x168/0x190 [ 62.635253][ T3698] linkwatch_fire_event+0x211/0x240 [ 62.640288][ T3698] register_vlan_dev+0x36f/0x5e0 [ 62.645063][ T3698] vlan_newlink+0x45c/0x5a0 [ 62.649408][ T3698] ? vlan_validate+0x670/0x670 [ 62.653999][ T3698] rtnl_newlink+0x14c6/0x2030 [ 62.658515][ T3698] ? rtnl_newlink+0x461/0x2030 [ 62.663116][ T3698] ? rtnl_setlink+0x560/0x560 [ 62.667626][ T3698] ? selinux_capable+0x2f1/0x430 [ 62.672404][ T3698] ? __mutex_lock_slowpath+0xe/0x10 [ 62.677436][ T3698] ? bit_wait_io_timeout+0x120/0x120 [ 62.682557][ T3698] ? ns_capable+0x89/0xe0 [ 62.686723][ T3698] ? netlink_net_capable+0x125/0x160 [ 62.691839][ T3698] ? rtnl_setlink+0x560/0x560 [ 62.696353][ T3698] rtnetlink_rcv_msg+0x9a5/0xca0 [ 62.701131][ T3698] ? 0xffffffffa0000954 [ 62.705120][ T3698] ? rtnetlink_bind+0x80/0x80 [ 62.709903][ T3698] ? kernel_text_address+0xa9/0xe0 [ 62.715113][ T3698] ? __kernel_text_address+0xd/0x40 [ 62.720135][ T3698] ? unwind_get_return_address+0x4d/0x90 [ 62.725603][ T3698] ? arch_stack_walk+0xf3/0x140 [ 62.730294][ T3698] ? avc_has_perm_noaudit+0x348/0x430 [ 62.735504][ T3698] ? memcpy+0x56/0x70 [ 62.739316][ T3698] ? avc_has_perm_noaudit+0x2dd/0x430 [ 62.744523][ T3698] ? avc_denied+0x1b0/0x1b0 [ 62.748865][ T3698] ? avc_has_perm+0x16f/0x260 [ 62.753375][ T3698] ? __alloc_skb+0x125/0x2d0 [ 62.757803][ T3698] ? netlink_sendmsg+0x7a6/0xd30 [ 62.762576][ T3698] ? avc_has_perm_noaudit+0x430/0x430 [ 62.767784][ T3698] netlink_rcv_skb+0x1cd/0x410 [ 62.772384][ T3698] ? rtnetlink_bind+0x80/0x80 [ 62.776897][ T3698] ? netlink_ack+0x12a0/0x12a0 [ 62.781502][ T3698] ? __netlink_lookup+0x37b/0x3a0 [ 62.786359][ T3698] rtnetlink_rcv+0x1c/0x20 [ 62.790610][ T3698] netlink_unicast+0x906/0xab0 [ 62.795220][ T3698] ? netlink_detachskb+0x90/0x90 [ 62.799985][ T3698] ? security_netlink_send+0x7b/0xa0 [ 62.805103][ T3698] netlink_sendmsg+0xa15/0xd30 [ 62.809707][ T3698] ? netlink_getsockopt+0x540/0x540 [ 62.814743][ T3698] ? security_socket_sendmsg+0x82/0xb0 [ 62.820032][ T3698] ? netlink_getsockopt+0x540/0x540 [ 62.825066][ T3698] __sys_sendto+0x480/0x600 [ 62.829405][ T3698] ? __ia32_sys_getpeername+0x90/0x90 [ 62.834614][ T3698] ? unlock_page_memcg+0x160/0x160 [ 62.839566][ T3698] ? debug_smp_processor_id+0x17/0x20 [ 62.844866][ T3698] __x64_sys_sendto+0xe5/0x100 [ 62.849458][ T3698] x64_sys_call+0x15c/0x9a0 [ 62.853796][ T3698] do_syscall_64+0x3b/0xb0 [ 62.858052][ T3698] ? clear_bhb_loop+0x55/0xb0 [ 62.862564][ T3698] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 62.868300][ T3698] RIP: 0033:0x7fb50d58ebe3 [ 62.872542][ T3698] Code: 64 89 02 48 c7 c0 ff ff ff ff eb b7 66 2e 0f 1f 84 00 00 00 00 00 90 80 3d 61 e9 1e 00 00 41 89 ca 74 14 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 75 c3 0f 1f 40 00 55 48 83 ec 30 44 89 4c 24 [ 62.891985][ T3698] RSP: 002b:00007ffd64f465b8 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 62.900232][ T3698] RAX: ffffffffffffffda RBX: 00007fb50e2d4620 RCX: 00007fb50d58ebe3 [ 62.908043][ T3698] RDX: 0000000000000054 RSI: 00007fb50e2d4670 RDI: 0000000000000003 [ 62.916376][ T3698] RBP: 0000000000000001 R08: 00007ffd64f465d4 R09: 000000000000000c [ 62.924189][ T3698] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000003 [ 62.932001][ T3698] R13: 0000000000000000 R14: 00007fb50e2d4670 R15: 0000000000000000 [ 62.939923][ T3698] [ 62.942774][ T3698] [ 62.944945][ T3698] Allocated by task 3441: [ 62.949111][ T3698] kasan_set_track+0x4b/0x70 [ 62.953538][ T3698] kasan_save_alloc_info+0x1f/0x30 [ 62.958484][ T3698] __kasan_kmalloc+0x9c/0xb0 [ 62.962910][ T3698] __kmalloc+0xb4/0x1e0 [ 62.966900][ T3698] hci_alloc_dev_priv+0x27/0x1c00 [ 62.971762][ T3698] hci_uart_tty_ioctl+0x401/0xa70 [ 62.976630][ T3698] tty_ioctl+0x903/0xc50 [ 62.980710][ T3698] __se_sys_ioctl+0x114/0x190 [ 62.985221][ T3698] __x64_sys_ioctl+0x7b/0x90 [ 62.989643][ T3698] x64_sys_call+0x98/0x9a0 [ 62.993895][ T3698] do_syscall_64+0x3b/0xb0 [ 62.998147][ T3698] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 63.003877][ T3698] [ 63.006046][ T3698] Freed by task 3441: [ 63.009866][ T3698] kasan_set_track+0x4b/0x70 [ 63.014295][ T3698] kasan_save_free_info+0x2b/0x40 [ 63.019157][ T3698] ____kasan_slab_free+0x131/0x180 [ 63.024096][ T3698] __kasan_slab_free+0x11/0x20 [ 63.028697][ T3698] __kmem_cache_free+0x21d/0x410 [ 63.033473][ T3698] kfree+0x7a/0xf0 [ 63.037029][ T3698] hci_release_dev+0x14d3/0x1640 [ 63.041804][ T3698] bt_host_release+0x83/0xa0 [ 63.046230][ T3698] device_release+0x95/0x1c0 [ 63.050656][ T3698] kobject_put+0x178/0x260 [ 63.054907][ T3698] put_device+0x1f/0x30 [ 63.058908][ T3698] hci_dev_cmd+0x2be/0x9b0 [ 63.063153][ T3698] hci_sock_ioctl+0x415/0x7f0 [ 63.067674][ T3698] sock_do_ioctl+0x152/0x450 [ 63.072102][ T3698] sock_ioctl+0x455/0x740 [ 63.076294][ T3698] __se_sys_ioctl+0x114/0x190 [ 63.080774][ T3698] __x64_sys_ioctl+0x7b/0x90 [ 63.085202][ T3698] x64_sys_call+0x98/0x9a0 [ 63.089455][ T3698] do_syscall_64+0x3b/0xb0 [ 63.093705][ T3698] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 63.099432][ T3698] [ 63.101602][ T3698] Last potentially related work creation: [ 63.107158][ T3698] kasan_save_stack+0x3b/0x60 [ 63.111672][ T3698] __kasan_record_aux_stack+0xb4/0xc0 [ 63.116877][ T3698] kasan_record_aux_stack_noalloc+0xb/0x10 [ 63.122518][ T3698] insert_work+0x56/0x310 [ 63.126684][ T3698] __queue_work+0x9b6/0xd70 [ 63.131024][ T3698] queue_work_on+0x105/0x170 [ 63.135449][ T3698] __hci_cmd_sync_sk+0xc2a/0xf70 [ 63.140238][ T3698] hci_cmd_sync_status+0x52/0x130 [ 63.145087][ T3698] hci_dev_cmd+0x39e/0x9b0 [ 63.149340][ T3698] hci_sock_ioctl+0x415/0x7f0 [ 63.153852][ T3698] sock_do_ioctl+0x152/0x450 [ 63.158276][ T3698] sock_ioctl+0x455/0x740 [ 63.162442][ T3698] __se_sys_ioctl+0x114/0x190 [ 63.166958][ T3698] __x64_sys_ioctl+0x7b/0x90 [ 63.171384][ T3698] x64_sys_call+0x98/0x9a0 [ 63.175636][ T3698] do_syscall_64+0x3b/0xb0 [ 63.179888][ T3698] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 63.185618][ T3698] [ 63.187784][ T3698] Second to last potentially related work creation: [ 63.194212][ T3698] kasan_save_stack+0x3b/0x60 [ 63.198724][ T3698] __kasan_record_aux_stack+0xb4/0xc0 [ 63.203931][ T3698] kasan_record_aux_stack_noalloc+0xb/0x10 [ 63.209570][ T3698] insert_work+0x56/0x310 [ 63.213738][ T3698] __queue_work+0x9b6/0xd70 [ 63.218076][ T3698] queue_work_on+0x105/0x170 [ 63.222500][ T3698] hci_cmd_timeout+0x199/0x200 [ 63.227102][ T3698] process_one_work+0x73d/0xcb0 [ 63.231788][ T3698] worker_thread+0xa60/0x1260 [ 63.236302][ T3698] kthread+0x26d/0x300 [ 63.240208][ T3698] ret_from_fork+0x1f/0x30 [ 63.244467][ T3698] [ 63.246630][ T3698] The buggy address belongs to the object at ffff888126688000 [ 63.246630][ T3698] which belongs to the cache kmalloc-8k of size 8192 [ 63.260522][ T3698] The buggy address is located 2560 bytes inside of [ 63.260522][ T3698] 8192-byte region [ffff888126688000, ffff88812668a000) [ 63.273796][ T3698] [ 63.275972][ T3698] The buggy address belongs to the physical page: [ 63.282227][ T3698] page:ffffea000499a200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x126688 [ 63.292282][ T3698] head:ffffea000499a200 order:3 compound_mapcount:0 compound_pincount:0 [ 63.300443][ T3698] flags: 0x4000000000010200(slab|head|zone=1) [ 63.306349][ T3698] raw: 4000000000010200 ffffea0004c3ec00 dead000000000002 ffff888100043500 [ 63.314781][ T3698] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000 [ 63.323274][ T3698] page dumped because: kasan: bad access detected [ 63.329531][ T3698] page_owner tracks the page as allocated [ 63.335070][ T3698] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 2949, tgid 2948 (syz.6.1116), ts 53882096458, free_ts 53729339084 [ 63.357466][ T3698] post_alloc_hook+0x213/0x220 [ 63.362065][ T3698] prep_new_page+0x1b/0x110 [ 63.366402][ T3698] get_page_from_freelist+0x2f41/0x2fc0 [ 63.371796][ T3698] __alloc_pages+0x234/0x610 [ 63.376210][ T3698] alloc_slab_page+0x6c/0xf0 [ 63.380637][ T3698] new_slab+0x90/0x3e0 [ 63.384540][ T3698] ___slab_alloc+0x6f9/0xb80 [ 63.388969][ T3698] __slab_alloc+0x5d/0xa0 [ 63.393134][ T3698] __kmem_cache_alloc_node+0x207/0x2a0 [ 63.398427][ T3698] __kmalloc_node+0xa3/0x1e0 [ 63.402857][ T3698] kvmalloc_node+0x221/0x640 [ 63.407281][ T3698] f2fs_build_segment_manager+0xf8a/0x2a10 [ 63.412922][ T3698] f2fs_fill_super+0x4ff3/0x6dc0 [ 63.417695][ T3698] mount_bdev+0x282/0x3b0 [ 63.421863][ T3698] f2fs_mount+0x34/0x40 [ 63.425861][ T3698] legacy_get_tree+0xf1/0x190 [ 63.430372][ T3698] page last free stack trace: [ 63.434890][ T3698] free_unref_page_prepare+0x9f1/0xa00 [ 63.440175][ T3698] free_unref_page+0xb2/0x5c0 [ 63.444690][ T3698] __free_pages+0x61/0xf0 [ 63.448886][ T3698] __free_slab+0xce/0x1a0 [ 63.453026][ T3698] __unfreeze_partials+0x165/0x1a0 [ 63.457969][ T3698] put_cpu_partial+0xa9/0x100 [ 63.462482][ T3698] __slab_free+0x1c8/0x280 [ 63.466735][ T3698] ___cache_free+0xc6/0xd0 [ 63.470987][ T3698] qlist_free_all+0xc5/0x140 [ 63.475413][ T3698] kasan_quarantine_reduce+0x15a/0x180 [ 63.480708][ T3698] __kasan_slab_alloc+0x24/0x80 [ 63.485396][ T3698] slab_post_alloc_hook+0x53/0x2c0 [ 63.490373][ T3698] kmem_cache_alloc+0x175/0x320 [ 63.495027][ T3698] getname_flags+0xba/0x520 [ 63.499366][ T3698] __x64_sys_rename+0x5f/0x90 [ 63.503888][ T3698] x64_sys_call+0x266/0x9a0 [ 63.508220][ T3698] [ 63.510389][ T3698] Memory state around the buggy address: [ 63.515865][ T3698] ffff888126688900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.523758][ T3698] ffff888126688980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.531655][ T3698] >ffff888126688a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.539553][ T3698] ^ [ 63.543580][ T3698] ffff888126688a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.551478][ T3698] ffff888126688b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.559363][ T3698] ================================================================== [ 63.567262][ T3698] Disabling lock debugging due to kernel taint [ 63.573739][ C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 63.585273][ C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 63.593517][ C1] CPU: 1 PID: 3698 Comm: syz-executor Tainted: G B 6.1.124-syzkaller-00114-g2055772eada0 #0 [ 63.604796][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 63.614690][ C1] RIP: 0010:__queue_work+0x4f1/0xd70 [ 63.619811][ C1] Code: 39 03 0f 84 40 01 00 00 e8 5c 6c 2a 00 4c 89 e7 e8 34 29 d7 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 70 f2 71 00 49 8b 3e e8 e8 21 d7 [ 63.639254][ C1] RSP: 0018:ffffc900001b0c78 EFLAGS: 00010046 [ 63.645151][ C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888112819440 [ 63.652973][ C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 63.660949][ C1] RBP: ffffc900001b0d00 R08: ffffffff814b261b R09: 0000000000000007 [ 63.668763][ C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881266889c8 [ 63.676571][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881266889e0 [ 63.684381][ C1] FS: 000055556f7fc500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 63.693150][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 63.699571][ C1] CR2: 00007f0f6014dd58 CR3: 000000013c422000 CR4: 00000000003506a0 [ 63.707383][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 63.715193][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 63.723006][ C1] Call Trace: [ 63.726129][ C1] [ 63.728823][ C1] ? __die_body+0x62/0xb0 [ 63.732986][ C1] ? die_addr+0x9f/0xd0 [ 63.736978][ C1] ? exc_general_protection+0x317/0x4c0 [ 63.742362][ C1] ? cpu_curr_snapshot+0x200/0x200 [ 63.747308][ C1] ? asm_exc_general_protection+0x27/0x30 [ 63.752861][ C1] ? __queue_work+0x28b/0xd70 [ 63.757389][ C1] ? __queue_work+0x4f1/0xd70 [ 63.761888][ C1] ? __queue_work+0x29c/0xd70 [ 63.766402][ C1] delayed_work_timer_fn+0x61/0x80 [ 63.771360][ C1] ? queue_work_node+0x1d0/0x1d0 [ 63.776119][ C1] call_timer_fn+0x3b/0x2d0 [ 63.780465][ C1] ? queue_work_node+0x1d0/0x1d0 [ 63.785234][ C1] __run_timers+0x756/0xa10 [ 63.789625][ C1] ? calc_index+0x270/0x270 [ 63.793932][ C1] ? asm_common_interrupt+0x27/0x40 [ 63.798947][ C1] run_timer_softirq+0x69/0xf0 [ 63.803554][ C1] handle_softirqs+0x1db/0x650 [ 63.808152][ C1] ? irqtime_account_irq+0xdc/0x260 [ 63.813183][ C1] __irq_exit_rcu+0x52/0xf0 [ 63.817530][ C1] irq_exit_rcu+0x9/0x10 [ 63.821611][ C1] sysvec_apic_timer_interrupt+0xa9/0xc0 [ 63.827072][ C1] [ 63.829845][ C1] [ 63.832632][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 63.838441][ C1] RIP: 0010:preempt_schedule_irq+0xc2/0x140 [ 63.844794][ C1] Code: 4c 89 e7 e8 10 93 9c fc f6 44 24 21 02 74 0b 0f 0b 48 f7 03 08 00 00 00 74 4d bf 01 00 00 00 e8 24 22 2f fc fb bf 01 00 00 00 99 e4 ff ff fa bf 01 00 00 00 e8 ae 23 2f fc 65 48 8b 1d 96 e5 [ 63.864215][ C1] RSP: 0018:ffffc9000bd66f00 EFLAGS: 00000246 [ 63.870111][ C1] RAX: 1ffff110225033e1 RBX: 1ffff920017acde4 RCX: ffffffff85228700 [ 63.877923][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 63.885734][ C1] RBP: ffffc9000bd66f80 R08: dffffc0000000000 R09: ffffed1022503289 [ 63.893547][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc9000bd66f20 [ 63.901361][ C1] R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff920017acde0 [ 63.909174][ C1] ? queued_write_lock_slowpath+0x490/0x547 [ 63.914899][ C1] ? preempt_schedule_notrace+0x140/0x140 [ 63.920460][ C1] ? mod_timer_pending+0x30/0x30 [ 63.925224][ C1] raw_irqentry_exit_cond_resched+0x2a/0x30 [ 63.930957][ C1] irqentry_exit+0x30/0x40 [ 63.935208][ C1] sysvec_reschedule_ipi+0x8f/0x170 [ 63.940242][ C1] asm_sysvec_reschedule_ipi+0x1b/0x20 [ 63.945536][ C1] RIP: 0010:queue_delayed_work_on+0x142/0x180 [ 63.951443][ C1] Code: 00 31 ff e8 90 64 2a 00 49 81 e4 00 02 00 00 49 be 00 00 00 00 00 fc ff df 75 07 e8 38 60 2a 00 eb 06 e8 31 60 2a 00 fb 84 db <0f> 94 c0 48 c7 44 24 20 0e 36 e0 45 4b c7 04 3e 00 00 00 00 65 48 [ 63.970891][ C1] RSP: 0018:ffffc9000bd67080 EFLAGS: 00000246 [ 63.976778][ C1] RAX: ffffffff814b348f RBX: 0000000000000000 RCX: ffff888112819440 [ 63.984589][ C1] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000 [ 63.992408][ C1] RBP: ffffc9000bd67140 R08: ffffffff814b3470 R09: ffffed103ede4f77 [ 64.000212][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000200 [ 64.008023][ C1] R13: ffffffff877841c0 R14: dffffc0000000000 R15: 1ffff920017ace14 [ 64.015842][ C1] ? queue_delayed_work_on+0x120/0x180 [ 64.021144][ C1] ? queue_delayed_work_on+0x13f/0x180 [ 64.026431][ C1] ? linkwatch_fire_event+0x1e4/0x240 [ 64.031635][ C1] ? delayed_work_timer_fn+0x80/0x80 [ 64.036754][ C1] ? netlink_unicast+0x906/0xab0 [ 64.041646][ C1] ? __sys_sendto+0x480/0x600 [ 64.046259][ C1] ? __x64_sys_sendto+0xe5/0x100 [ 64.051028][ C1] ? x64_sys_call+0x15c/0x9a0 [ 64.055545][ C1] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 64.061447][ C1] linkwatch_schedule_work+0x168/0x190 [ 64.066738][ C1] linkwatch_fire_event+0x211/0x240 [ 64.071773][ C1] register_vlan_dev+0x36f/0x5e0 [ 64.076549][ C1] vlan_newlink+0x45c/0x5a0 [ 64.080885][ C1] ? vlan_validate+0x670/0x670 [ 64.085483][ C1] rtnl_newlink+0x14c6/0x2030 [ 64.090009][ C1] ? rtnl_newlink+0x461/0x2030 [ 64.094602][ C1] ? rtnl_setlink+0x560/0x560 [ 64.099110][ C1] ? selinux_capable+0x2f1/0x430 [ 64.103885][ C1] ? __mutex_lock_slowpath+0xe/0x10 [ 64.108919][ C1] ? bit_wait_io_timeout+0x120/0x120 [ 64.114040][ C1] ? ns_capable+0x89/0xe0 [ 64.118293][ C1] ? netlink_net_capable+0x125/0x160 [ 64.123410][ C1] ? rtnl_setlink+0x560/0x560 [ 64.127926][ C1] rtnetlink_rcv_msg+0x9a5/0xca0 [ 64.132700][ C1] ? 0xffffffffa0000954 [ 64.136692][ C1] ? rtnetlink_bind+0x80/0x80 [ 64.141206][ C1] ? kernel_text_address+0xa9/0xe0 [ 64.146152][ C1] ? __kernel_text_address+0xd/0x40 [ 64.151185][ C1] ? unwind_get_return_address+0x4d/0x90 [ 64.156652][ C1] ? arch_stack_walk+0xf3/0x140 [ 64.161345][ C1] ? avc_has_perm_noaudit+0x348/0x430 [ 64.166548][ C1] ? memcpy+0x56/0x70 [ 64.170366][ C1] ? avc_has_perm_noaudit+0x2dd/0x430 [ 64.175576][ C1] ? avc_denied+0x1b0/0x1b0 [ 64.179917][ C1] ? avc_has_perm+0x16f/0x260 [ 64.184426][ C1] ? __alloc_skb+0x125/0x2d0 [ 64.188853][ C1] ? netlink_sendmsg+0x7a6/0xd30 [ 64.193626][ C1] ? avc_has_perm_noaudit+0x430/0x430 [ 64.198835][ C1] netlink_rcv_skb+0x1cd/0x410 [ 64.203436][ C1] ? rtnetlink_bind+0x80/0x80 [ 64.207950][ C1] ? netlink_ack+0x12a0/0x12a0 [ 64.212555][ C1] ? __netlink_lookup+0x37b/0x3a0 [ 64.217407][ C1] rtnetlink_rcv+0x1c/0x20 [ 64.221660][ C1] netlink_unicast+0x906/0xab0 [ 64.226261][ C1] ? netlink_detachskb+0x90/0x90 [ 64.231033][ C1] ? security_netlink_send+0x7b/0xa0 [ 64.236155][ C1] netlink_sendmsg+0xa15/0xd30 [ 64.241278][ C1] ? netlink_getsockopt+0x540/0x540 [ 64.246311][ C1] ? security_socket_sendmsg+0x82/0xb0 [ 64.251604][ C1] ? netlink_getsockopt+0x540/0x540 [ 64.256723][ C1] __sys_sendto+0x480/0x600 [ 64.261062][ C1] ? __ia32_sys_getpeername+0x90/0x90 [ 64.266275][ C1] ? unlock_page_memcg+0x160/0x160 [ 64.271217][ C1] ? debug_smp_processor_id+0x17/0x20 [ 64.276431][ C1] __x64_sys_sendto+0xe5/0x100 [ 64.281026][ C1] x64_sys_call+0x15c/0x9a0 [ 64.285362][ C1] do_syscall_64+0x3b/0xb0 [ 64.289617][ C1] ? clear_bhb_loop+0x55/0xb0 [ 64.294130][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 64.299858][ C1] RIP: 0033:0x7fb50d58ebe3 [ 64.304111][ C1] Code: 64 89 02 48 c7 c0 ff ff ff ff eb b7 66 2e 0f 1f 84 00 00 00 00 00 90 80 3d 61 e9 1e 00 00 41 89 ca 74 14 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 75 c3 0f 1f 40 00 55 48 83 ec 30 44 89 4c 24 [ 64.323554][ C1] RSP: 002b:00007ffd64f465b8 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 64.331796][ C1] RAX: ffffffffffffffda RBX: 00007fb50e2d4620 RCX: 00007fb50d58ebe3 [ 64.339609][ C1] RDX: 0000000000000054 RSI: 00007fb50e2d4670 RDI: 0000000000000003 [ 64.347950][ C1] RBP: 0000000000000001 R08: 00007ffd64f465d4 R09: 000000000000000c [ 64.355846][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000003 [ 64.363658][ C1] R13: 0000000000000000 R14: 00007fb50e2d4670 R15: 0000000000000000 [ 64.371472][ C1] [ 64.374331][ C1] Modules linked in: [ 64.378068][ C1] ---[ end trace 0000000000000000 ]--- [ 64.383357][ C1] RIP: 0010:__queue_work+0x4f1/0xd70 [ 64.388481][ C1] Code: 39 03 0f 84 40 01 00 00 e8 5c 6c 2a 00 4c 89 e7 e8 34 29 d7 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 70 f2 71 00 49 8b 3e e8 e8 21 d7 [ 64.407920][ C1] RSP: 0018:ffffc900001b0c78 EFLAGS: 00010046 [ 64.413819][ C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888112819440 [ 64.421630][ C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 64.429444][ C1] RBP: ffffc900001b0d00 R08: ffffffff814b261b R09: 0000000000000007 [ 64.437357][ C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881266889c8 [ 64.445159][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881266889e0 [ 64.452973][ C1] FS: 000055556f7fc500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 64.461824][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 64.468511][ C1] CR2: 00007f0f6014dd58 CR3: 000000013c422000 CR4: 00000000003506a0 [ 64.476321][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 64.484129][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 64.491956][ C1] Kernel panic - not syncing: Fatal exception in interrupt [ 64.499564][ C1] Kernel Offset: disabled [ 64.503679][ C1] Rebooting in 86400 seconds..