last executing test programs: 2.979965714s ago: executing program 0: recvmmsg(0xffffffffffffffff, &(0x7f0000005040)=[{{0x0, 0x0, &(0x7f0000001b40)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000980)=""/17, 0x11}], 0x7}}], 0x1, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x300, 0x0, 0x0) 2.966688497s ago: executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r1, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0) 2.938890421s ago: executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'geneve1\x00', 0x112}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r2}, 0x10) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}) 2.876474321s ago: executing program 0: syz_emit_ethernet(0x6e, &(0x7f0000000a40)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x38, 0x3a, 0x0, @private1, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "45dd6e", 0x0, 0x2f, 0x0, @empty, @private2, [@fragment={0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68}]}}}}}}}, 0x0) 2.868709601s ago: executing program 0: mkdir(0x0, 0x0) memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000080)={0x18}, 0x18) ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc0109058903"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0) syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0) 2.690002369s ago: executing program 2: r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/pid_for_children\x00') unshare(0x4020400) ioctl$NS_GET_NSTYPE(r0, 0xb703, 0x0) 2.675619751s ago: executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000440)=0x82, 0x49) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x401) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000002180), 0x4) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000800)={&(0x7f0000000a40)={0x120, 0x0, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x40}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xc4}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xffffffff}}]}, 0x120}, 0x1, 0x0, 0x0, 0x20004000}, 0x40040) recvmsg(r0, &(0x7f00000033c0)={&(0x7f00000003c0)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000002040)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f0000000f80)=""/4096, 0xffffffe1}, {0x0}, {&(0x7f0000000100)=""/102, 0x66}, {&(0x7f00000021c0)=""/4096, 0x1000}], 0x5, &(0x7f0000001f80)=""/178, 0xb2}, 0x120) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000140)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000440)}, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6(0xa, 0x802, 0x0) r2 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, 0x0) sendmsg$inet(r1, &(0x7f00000001c0)={&(0x7f0000000140)={0x2, 0x4e21, @private=0xa010102}, 0x10, &(0x7f0000000440)=[{&(0x7f0000001740)="c7ce394b0ae55a03cf55ec89ed611cab086b174e981e0f1cd3e844e0de7e60e09a851e9b0108a7198e2db9551803ef8a3391cc49c7010f5a1ec2d9eb8c226353d3298054fabfd73d29c8ff0467fa5bd75c6b09190f1041a64707059927b146a632f2e4538c88e808810ce806ca3428c9fc41774c25b2012c9ab81eaa8a321890e5a11f8a7ccd541d77fcaa8be387a7c4b36a5e818b1d5b2d0d17a39abe57a91652a929a94dc493ece99a516055cc20dfb53274b09b2cb1a2c8c2a7e31c63f80ba3d953a0c3f8be1278899b1f4bee20fd2ddd6f33058eee1374230ba14f44e6455eb43c7e06e7c6630dd22119e5c0045fc876e6f6cad1d295ebb5e72868277881ba792f42ba3470a8f579b9050c44b9abe4f586b0362ff08e65baeec9de6e492fbfc70ebd4af0e86ba4aed1e558a3d953fab12d23515260c7404ca0dcad6051c8ecb1887a9f6da5b8027cf2c8620507423ee59916530cfc444a616dcfd4f2783d86bd64079e992cb9ec0dbc180b7a4c93c2ce2dea7a5e6272207b31f3c7f1f45c8b80acb560f7be0968c32a87a92a49fa71671ae41c33c18f63092c8ccca3c97eff25fc2843dd2f53e50cb376808a032015e2613e92d7c10511875f7547337f0ccdb2eb5ed1ae0959a6ecd8a71074e3e29df77a07386817bff502c9a7009aaf47645b76757f8ca9a78c4b27adafd2f64c07965bbbe54de7080129871e53dcd79547e1e11b2e4133c471d4291cec2ef176cdc5a53110842f67e09ad65f7f1612fda98236b95248b9763c1ff9b925663e7ad8dc5aecb84583c4f2416428c9cbaca1b68884f95c896247ca937f7747bfd5edd32c96227e2975996cf00ef5d86702ce107831a4fcae0fcb9936eb5b30f19d80a99e0bfd26adb600a230ee9a966c5ae718e06a2ff32278f1a0dad049f6b77c28ee58c973b66f52ddcc42afb7a90d7d1c23f2bb15a3f370ea58620d9486277a25ea093f0b388583765aeba5da28c6303613f935edc77bdf4212f98e29aa70fd7b4e45fe1010d3dba412c49662d92904c983bd81f7d58d868ebca08eac2ea75f62b1c3dd0293dbb9b6be2fe6e50559e948f6313fa87f793ad1a35289ddea74bc8dc7bb927c47e0e4fc8718b74580e43a944f20666929ce97a8f07bba214d9f133fda19b53c48405b2d9948c149fe0bac9d2e145b61d37fa99096135a49e8ce2a75189c7e4ecb2f1f4efcb2bbe89fbf419066036f5157eed26a1326f51a399213e7c3972968d3ec3c748587ffcac97a205d48b75b55ee0e185bae7416463d70c055994503bc8253e9b93d40b67eaa477f68d976d368e15c285559be0a11bdb04fbc02bd090e21a038ba4cc632e286ff6501e34e10dda5653e70841604b1547559f20541e4b04c29ee00bd44ec551b9ecd89fcfafa5e08cfdc44673c4b3f8d232376309ea19e2a971dea98e82c5a50f8255e88aeeb21dfc22e9fc371a6666f0879fe2a586fd280407e4b5902c8d11169808a3fb21a632b513a8ae85fc0c8ba64c7d78bca289fd1418e8cabba23babcfce6789b518e35c9f1e7e779c0f5701cf458b33389d041aebb87aab91e32ae26bf637156fab8ad90fff3912325cfa71690360e550c347fd58756b204e98574304b8fbd69fa507bb08d6279947f41243107f5f839a2a4149b71d20b9c129ce011ea1277de1d3f6045e49bb44cbdb8fe3d803452946f99519257f6944568b3e378bf7f6035336105bc306cd1f1382163d3247f0e9fee4c368a5c65e1a172b19b1dae5c71d27070d8d2c51b8eda8e8de20d97c6bbe2c56eb1ce5aaca88616f4f54d0b3f4769ebb344919b82754ca57cb382ca1e0f67c7ba24a66339898b684cce2da03f8cf86045364e60839145e72c73410ee5cfd03dc32b3706f54c4f7fc29af1bf2d4b940dc1fd2c57d04a2c396651611b5f973b7954211083a8a61760a6fac9053c4ee4723250bae98d2bfd43fc1c22e34c2b2de876ff8e74fb7ba9da6b508c5025862ebb755d4e6c2f472ebf0bd214438b6ad61e3699bc0bbafcc155c83f30dda5230d940478934502691ff75c84ae3c5f2b145c6c0a8f6533976708a557be7e109b5603c1f04064c109ba3b82ed758ba642f75f9b35f2f8a5f258f103eadef481c8c6fb443a45a3b71455b7b8ee0cde04f5b7d62cf22bbc7e58ce910c382a8c009f32b52e500ef7b006679027b1a69cc7410473f9d5e4ca56cf3c7f8803b2e7cc015e77a45f89e5d4bda08f19a043879244cedd1092603c6141d5313d48110e97e1c9cb9ccbfa134a5c899bbf4fbd15365de936abec944a4168335994b6498779e746279a33e33e226b18bdc61603430467a65445b3903834e72dc6140d86a36e8cde474ca151c8ffe4da6aa326b45328b150565b479fdcf9da015179c8cefabc27bb6454ff8aa3f334bdb6c6e4338890d8adddd6b2331befbc8851a6824312adb525cc0afd0983f656bd36b0bbe8f48d66a88a8296789617c6f33fafb23804480f3d48da4cc255713a71991634f2d3ecbb6b6a0fdfac18ae5426f198cad91e55e213f63672d7c670cb1687904ab85fdf940fcb06c0a7058bf66e1a73a07125fcfd756679b605509b47085de25b2732f56befabae2fbbeec6752f512b374fa0f965b53eb5e3577cca3bcf63144ae0d8ca79a6387d6b26a7bcd1737d910c5afc5d9f489c7a3d8717c08e0eaf0d16816897e1ae004b41971cc7aed4648cf4b642d0fcc8ec8b931314ca79ce5a39561b6b723ecaa17283a846144e639d0495e5e29ebdbe1154879f6f27251468a3dbe32d92f7a00f866483334a0a9463b18fea70d7754be02d909cc146ed00846dc866903ddb9e9bcc997104fea03129873d0c0d7abc221de8d103a7de4585ff11c3f6c46f1f2e74e196587d51328f3ad9461197f7fa506fe2a325af81cd4b83754606384a693f8001c6d70a5ed7d3bbdf4ec9c9fa3598d0bc4724690e4631f107e82b1768f45c119c6baeab42f4380b48c04fa9fabb6734e6f3d272031c2de84037155396b03ce131e09fd6d499cddb9b3ed7e077fc2fd5888c63d7ae24619a2f37a9223e621342725f07dde6fc0d96b3bffd4d69f659535fd5266cda683eed05d07b49879ed9d87febcf74559fab0ca24b64b34c3c0a666d6d97f3a29eea22edc2ab1b4088f369fde9d2e0d75a7fa81eed625d14d81f3b436aa3a59f62c85b79b4d3eed87ec99093bec8d0a874b41491f36cd41c1b23ea3d1d6171e8d90ad44f3c9135becb137d6587adfc82df97fec7e0beb2ec2b8482736c3a4bb20ee9551f0ccfa270a5d8262216be146b091ff205b959b4ee6f364a7d0a49ce611b0e8477c743562fa2c01b6734de3b2f0285e0a440ed7427a53c375d5ec020e5b48e4e3f3a943c6466267614920c81c7290dc6b319566b35aaa7735309a70fa1eb205e26549db77487c835952f91eecd1d3ed53ba05da61fb3c88cf877b0a225ee5af0f2dbf2f3b959a107821bc3ede20ab96925547074ae3cdd8fbcd7679ab02503c05783232e2df37487d2931554c4161b7b2e48bf08bb88256ea78500926fe6098cbea055fa3fc3d86a7cdb866b5473c754502ff7a3eba06b5423a7d3934a77ceed6bad5fde12e6bd966ee56376c04c760f69341e30f27ddd670504f7d42197473adaab0e51aa8c3b0ae7f79f845647719ae5097da717bb8506b6bed804026b8d8cbb6b49968f8c0b02e3ef0f476f924595c184d5be1252c0a8ec6adcbc81b50197a49a055d9456191ecdb5dc125375ef679551d28b36b5d5081a39418d4f13ad830db951a0d4742aa8392b1405e774a600adef1d98ec0d58857db999a034fe0e46be66b8c69a7cc564f8a723f3975df9a2b14184edaf208d88fb558ec7090ff2faa03ba80725ea1d0e705bad3c337e019efe2e639b2b5cc8fc13356ac37825b14bb3d86afd6acfcb97cdae63e68f7d7cbd4bbcedbef09816383fa24760d39261cc25cb787e41c579eb3ff31b2833f5847139cf60ab1b1d4d2a0305d80614aa6e64d214505eb8e5e7db50d7e5cf2fa03f66283c092329c9c77f748a9c3ee71fa3eb4fb9f85525e04c19c47f8e8179b6801f80274066b2b27648204460f820796794d252b9948925cf25309a665e9b19b4c978634df18818d88d8a08008f213ccb0f7464f342300fdbf71ed84ead976e05b23c666e3f100abea8b282fa7521f6f91dc8f0454d3bac28bfb95bf5c8a2badfb287acdbdf6cd7b322c3b8c708a825ac39dc457ee953d597a21a07d755f016d6a613f7a6ddb1cc5e7118176b4e2754dc27f39ce5d822f4925d2ca42437e0b6fbecec117e8ab1335bc40f7e5188d5e96d6f983eafa61892a098540390296a8dfb8620964027bb1e5435c2a78dcc4e36b5dbf45cfe8e9f8fa420bd18599c1d30269dac911d0ce7dd538e60516a54b5382cfe067d3648e60234445afbf5f1b2ae73f31b465ce4f691346fc09812d8f848a4ebccdf06534d6f48e42e83ba20449789d1c9f083ab11668dd52a276f87f6e3538e7486b4f77ec322c0842a8d57d693d7b118f10b0afdb61592b5f7dd501925fbc01e86fdfdcc1b0da297c2ca6908678cbaa19dae589ffc5515299618777ea452834d8c096f3585f581d7a0cb1a7e978c418baed0b49e28ddb1db5c9526689e9ae36065977a52dc74979d2c1d52c3ce5489161035d2e57b791017c5455935effdb953a4d718067697536b3271e8e6ce8b1eb01c2b5ec7a61a9beee2ca99395d879cc2c89d6512d92dc4906fe4c04a4fd5b40a58f82aeb678bb85528dcd1c2ce7bd975168f87dbb375213dc337f9d232f678baf43c27e0fc3b74e7a25bc883137a99bf93c59ea96f7c7462dcc145ce7dbadebb2d8b21709a994cea078acfcbb3fb5be6194f3b91f942dead0ff69e2835497bcb7da9dec14642974a21687476797e266a114731eb4acfda12447856079a447be75eedafb042642de6f8baebe36ffb5e0d5a32387e6f2285af8ff5b390326dcae79a7e91870e137f89d82fec5749a601a67ff000c47a20fc89290a2d956d50d649cea5a7851184271a97a23f49bcec1c7a5c5e707f0d3a336b0d8ee81314a185652e8443f0b9995b0c323b1a0e920868642e067f335e4835a3c538bbb00f039b9368a64e32704a46dcfcbe0c152776c851f0301b1f7dc5b85d7a60bc88beba67eaf3a140ba377784a08f4c0de340a18eb76a9b54b980958f7777cbc6557e9a9b2f00bb80bdfea43e1cf0a80f7c8459ae3bbabc2ab014bb576543a4a7fff150a7ed03263719e587a22f1764abd7553450f901c590e1f58a9d923f121b22ea6d996cc6f53dc21fb99072241d709eac86115bedb13a1ff92792b1a119ff826d40c44f9006449f0c444cac1e17eb97e4c1e2519b91fc54aace98aa1630057f2efabff2b28aeeb7d90dd5f3677a2452902d6f5c46cc71c392b31ceae401aba6d5778dba29b4", 0xefd}, {&(0x7f0000000180)="a4cfe41aa13485e8ed62336d8f5ad2f3bf38153f", 0x14}, {&(0x7f0000002740)="76805b855adf89e32622ade1e90bb55e14c938b32de8b2229d517db00c1543e66f4707c5fcfb10bf369010ab553ee370d60325b62a05d6e57cc5841a09bf4f93965530598e258a5c48cd34d559cc2ead91ed97c12bc677a594f216264437dc", 0x5f}], 0x3, &(0x7f0000000840)=ANY=[@ANYBLOB="3000080000000100000000000000000001441c26037f000001000000007f00000100000000ac141400000000000000001c0000000000000000000000080000007c25f24b44657188b5eeb8bc0e443493190a88973e02965c816d35b5a64da428544a6b5256e2a68fa35829444dc00ebd8f0a8a8eee57837e1b550d4e870113b092e8e7affca461ee5e2261a97a13288e39bb18f55a4dda82f7299b0a5348b0c6e98dfb00645ed93f277aa7058f6171212a10e9a89f288b093cfbe0ec09f017b6e58a22ff11bee551ae827e5148ab7449e7ee4c44f377c549e0587d55018d6b44306db61a1da28554a8e828287c6fe217910dbaae52db7d4909d73a3add2a3754c6c4514fcbe84e39d8f8458e8a34", @ANYRES32=0x0, @ANYBLOB="ac1414aaac1414aa00000000"], 0x50}, 0x4090) r3 = dup(r2) setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f00000000c0)=[{{0x2, 0x1, 0x1, 0x1}, {0x3, 0x1}}, {{0x4, 0x1, 0x0, 0x1}, {0x2, 0x0, 0x0, 0x1}}], 0x10) r4 = socket$netlink(0x10, 0x3, 0x0) socketpair(0x1e, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCGETMIFCNT_IN6(r5, 0x89e0, 0x0) setsockopt$CAN_RAW_FILTER(r5, 0x65, 0x1, &(0x7f0000000780)=[{{0x3, 0x0, 0x1}, {0x7, 0x0, 0x0, 0x1}}, {{0x1, 0x1}, {0x3, 0x1}}], 0x10) sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@gettaction={0x30, 0x32, 0x727, 0x0, 0x0, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc}, @action_gd=@TCA_ACT_TAB={0x9, 0x1, [{0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}]}, 0x30}}, 0x0) getsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000280)={@mcast1, 0x0}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8}]}}}]}, 0x3c}}, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f00000009c0)="1358b6be93095a34d0028ecbdeccd9ac478724dafd8c0abdde489f332f606211f2d8451b784d42e5da", 0x29}, {&(0x7f0000000b80)="a331504911d3a80276101a2aafd6f172d2224d7e1a08e404760c9810bbeaafd71d649822b747053128ce9bc719440670abeeef7f3ef34bba1fe46a94aa1b4af104d29ba1a41ff845546de344beca814c19c36a0bd813e8a1364820a37c368975c3dcec4d3d9cf3c1dfce22e6c5fa758d4ad958131aaf6845f0661680244728a7881d5483cdbc8152c2b33959a5461968b25f854be33be472901606cef909701cfe165a3a40063b6d1bf834aea1c871cd5df2dec2705a992fa9a79c25f932625e20d7c048", 0xc4}, {&(0x7f0000000c80)="eca8510b676a80ac6a2933ff3c8ff9efcd6fd756d49f4eaddfeddc5d3cdaa9f875d943a2e198d14dda4001239c40e881078d96aa9d08c86bc4f8dd14df55c2b6fd39ba22c52488f6a7e7c23e4ddf41fcaed89bdbd6bcd245f5e98f30f833aa3d0195d9ba2d7b18a7b97c8aced9123555cd5d2a31e9249433d085adfbb9", 0x7d}, {&(0x7f0000000d00)="d6e6dbfb7eb1632440507167d71be16f13a4aaa2432964e04a5d91c678137fe9dc011441e8cf07bb875e55f716d210de61e685f43a3b9e1170c210d8330b7c644392679909d4918f9843b0a0393110fe06e745ebe238e184055652eb82a61e19c27c95", 0x63}], 0x4, &(0x7f0000000dc0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback}}}], 0x20}, 0x800) sendmsg$nl_route_sched(r4, &(0x7f0000000740)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0xa50008c0}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=@deltclass={0x60, 0x29, 0x1, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0xffe5, 0x6}, {0xfff3, 0x5}, {0xe, 0xfff1}}, [@TCA_RATE={0x6, 0x5, {0x4, 0x7f}}, @TCA_RATE={0x6, 0x5, {0x40, 0x5}}, @TCA_RATE={0x6, 0x5, {0x2}}, @tclass_kind_options=@c_drr={{0x8}, {0xc, 0x2, @TCA_DRR_QUANTUM={0x8, 0x1, 0x9}}}, @TCA_RATE={0x6, 0x5, {0x3, 0x2}}, @tclass_kind_options=@c_red={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x4040800) r7 = socket$inet6(0xa, 0x802, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000a00)={'vcan0\x00', 0x0}) sendmsg$inet(r7, &(0x7f00000001c0)={&(0x7f0000000140)={0x2, 0x4e21, @private=0xa010102}, 0x10, &(0x7f0000000440)=[{&(0x7f0000001740)="c7ce394b0ae55a03cf55ec89ed611cab086b174e981e0f1cd3e844e0de7e60e09a851e9b0108a7198e2db9551803ef8a3391cc49c7010f5a1ec2d9eb8c226353d3298054fabfd73d29c8ff0467fa5bd75c6b09190f1041a64707059927b146a632f2e4538c88e808810ce806ca3428c9fc41774c25b2012c9ab81eaa8a321890e5a11f8a7ccd541d77fcaa8be387a7c4b36a5e818b1d5b2d0d17a39abe57a91652a929a94dc493ece99a516055cc20dfb53274b09b2cb1a2c8c2a7e31c63f80ba3d953a0c3f8be1278899b1f4bee20fd2ddd6f33058eee1374230ba14f44e6455eb43c7e06e7c6630dd22119e5c0045fc876e6f6cad1d295ebb5e72868277881ba792f42ba3470a8f579b9050c44b9abe4f586b0362ff08e65baeec9de6e492fbfc70ebd4af0e86ba4aed1e558a3d953fab12d23515260c7404ca0dcad6051c8ecb1887a9f6da5b8027cf2c8620507423ee59916530cfc444a616dcfd4f2783d86bd64079e992cb9ec0dbc180b7a4c93c2ce2dea7a5e6272207b31f3c7f1f45c8b80acb560f7be0968c32a87a92a49fa71671ae41c33c18f63092c8ccca3c97eff25fc2843dd2f53e50cb376808a032015e2613e92d7c10511875f7547337f0ccdb2eb5ed1ae0959a6ecd8a71074e3e29df77a07386817bff502c9a7009aaf47645b76757f8ca9a78c4b27adafd2f64c07965bbbe54de7080129871e53dcd79547e1e11b2e4133c471d4291cec2ef176cdc5a53110842f67e09ad65f7f1612fda98236b95248b9763c1ff9b925663e7ad8dc5aecb84583c4f2416428c9cbaca1b68884f95c896247ca937f7747bfd5edd32c96227e2975996cf00ef5d86702ce107831a4fcae0fcb9936eb5b30f19d80a99e0bfd26adb600a230ee9a966c5ae718e06a2ff32278f1a0dad049f6b77c28ee58c973b66f52ddcc42afb7a90d7d1c23f2bb15a3f370ea58620d9486277a25ea093f0b388583765aeba5da28c6303613f935edc77bdf4212f98e29aa70fd7b4e45fe1010d3dba412c49662d92904c983bd81f7d58d868ebca08eac2ea75f62b1c3dd0293dbb9b6be2fe6e50559e948f6313fa87f793ad1a35289ddea74bc8dc7bb927c47e0e4fc8718b74580e43a944f20666929ce97a8f07bba214d9f133fda19b53c48405b2d9948c149fe0bac9d2e145b61d37fa99096135a49e8ce2a75189c7e4ecb2f1f4efcb2bbe89fbf419066036f5157eed26a1326f51a399213e7c3972968d3ec3c748587ffcac97a205d48b75b55ee0e185bae7416463d70c055994503bc8253e9b93d40b67eaa477f68d976d368e15c285559be0a11bdb04fbc02bd090e21a038ba4cc632e286ff6501e34e10dda5653e70841604b1547559f20541e4b04c29ee00bd44ec551b9ecd89fcfafa5e08cfdc44673c4b3f8d232376309ea19e2a971dea98e82c5a50f8255e88aeeb21dfc22e9fc371a6666f0879fe2a586fd280407e4b5902c8d11169808a3fb21a632b513a8ae85fc0c8ba64c7d78bca289fd1418e8cabba23babcfce6789b518e35c9f1e7e779c0f5701cf458b33389d041aebb87aab91e32ae26bf637156fab8ad90fff3912325cfa71690360e550c347fd58756b204e98574304b8fbd69fa507bb08d6279947f41243107f5f839a2a4149b71d20b9c129ce011ea1277de1d3f6045e49bb44cbdb8fe3d803452946f99519257f6944568b3e378bf7f6035336105bc306cd1f1382163d3247f0e9fee4c368a5c65e1a172b19b1dae5c71d27070d8d2c51b8eda8e8de20d97c6bbe2c56eb1ce5aaca88616f4f54d0b3f4769ebb344919b82754ca57cb382ca1e0f67c7ba24a66339898b684cce2da03f8cf86045364e60839145e72c73410ee5cfd03dc32b3706f54c4f7fc29af1bf2d4b940dc1fd2c57d04a2c396651611b5f973b7954211083a8a61760a6fac9053c4ee4723250bae98d2bfd43fc1c22e34c2b2de876ff8e74fb7ba9da6b508c5025862ebb755d4e6c2f472ebf0bd214438b6ad61e3699bc0bbafcc155c83f30dda5230d940478934502691ff75c84ae3c5f2b145c6c0a8f6533976708a557be7e109b5603c1f04064c109ba3b82ed758ba642f75f9b35f2f8a5f258f103eadef481c8c6fb443a45a3b71455b7b8ee0cde04f5b7d62cf22bbc7e58ce910c382a8c009f32b52e500ef7b006679027b1a69cc7410473f9d5e4ca56cf3c7f8803b2e7cc015e77a45f89e5d4bda08f19a043879244cedd1092603c6141d5313d48110e97e1c9cb9ccbfa134a5c899bbf4fbd15365de936abec944a4168335994b6498779e746279a33e33e226b18bdc61603430467a65445b3903834e72dc6140d86a36e8cde474ca151c8ffe4da6aa326b45328b150565b479fdcf9da015179c8cefabc27bb6454ff8aa3f334bdb6c6e4338890d8adddd6b2331befbc8851a6824312adb525cc0afd0983f656bd36b0bbe8f48d66a88a8296789617c6f33fafb23804480f3d48da4cc255713a71991634f2d3ecbb6b6a0fdfac18ae5426f198cad91e55e213f63672d7c670cb1687904ab85fdf940fcb06c0a7058bf66e1a73a07125fcfd756679b605509b47085de25b2732f56befabae2fbbeec6752f512b374fa0f965b53eb5e3577cca3bcf63144ae0d8ca79a6387d6b26a7bcd1737d910c5afc5d9f489c7a3d8717c08e0eaf0d16816897e1ae004b41971cc7aed4648cf4b642d0fcc8ec8b931314ca79ce5a39561b6b723ecaa17283a846144e639d0495e5e29ebdbe1154879f6f27251468a3dbe32d92f7a00f866483334a0a9463b18fea70d7754be02d909cc146ed00846dc866903ddb9e9bcc997104fea03129873d0c0d7abc221de8d103a7de4585ff11c3f6c46f1f2e74e196587d51328f3ad9461197f7fa506fe2a325af81cd4b83754606384a693f8001c6d70a5ed7d3bbdf4ec9c9fa3598d0bc4724690e4631f107e82b1768f45c119c6baeab42f4380b48c04fa9fabb6734e6f3d272031c2de84037155396b03ce131e09fd6d499cddb9b3ed7e077fc2fd5888c63d7ae24619a2f37a9223e621342725f07dde6fc0d96b3bffd4d69f659535fd5266cda683eed05d07b49879ed9d87febcf74559fab0ca24b64b34c3c0a666d6d97f3a29eea22edc2ab1b4088f369fde9d2e0d75a7fa81eed625d14d81f3b436aa3a59f62c85b79b4d3eed87ec99093bec8d0a874b41491f36cd41c1b23ea3d1d6171e8d90ad44f3c9135becb137d6587adfc82df97fec7e0beb2ec2b8482736c3a4bb20ee9551f0ccfa270a5d8262216be146b091ff205b959b4ee6f364a7d0a49ce611b0e8477c743562fa2c01b6734de3b2f0285e0a440ed7427a53c375d5ec020e5b48e4e3f3a943c6466267614920c81c7290dc6b319566b35aaa7735309a70fa1eb205e26549db77487c835952f91eecd1d3ed53ba05da61fb3c88cf877b0a225ee5af0f2dbf2f3b959a107821bc3ede20ab96925547074ae3cdd8fbcd7679ab02503c05783232e2df37487d2931554c4161b7b2e48bf08bb88256ea78500926fe6098cbea055fa3fc3d86a7cdb866b5473c754502ff7a3eba06b5423a7d3934a77ceed6bad5fde12e6bd966ee56376c04c760f69341e30f27ddd670504f7d42197473adaab0e51aa8c3b0ae7f79f845647719ae5097da717bb8506b6bed804026b8d8cbb6b49968f8c0b02e3ef0f476f924595c184d5be1252c0a8ec6adcbc81b50197a49a055d9456191ecdb5dc125375ef679551d28b36b5d5081a39418d4f13ad830db951a0d4742aa8392b1405e774a600adef1d98ec0d58857db999a034fe0e46be66b8c69a7cc564f8a723f3975df9a2b14184edaf208d88fb558ec7090ff2faa03ba80725ea1d0e705bad3c337e019efe2e639b2b5cc8fc13356ac37825b14bb3d86afd6acfcb97cdae63e68f7d7cbd4bbcedbef09816383fa24760d39261cc25cb787e41c579eb3ff31b2833f5847139cf60ab1b1d4d2a0305d80614aa6e64d214505eb8e5e7db50d7e5cf2fa03f66283c092329c9c77f748a9c3ee71fa3eb4fb9f85525e04c19c47f8e8179b6801f80274066b2b27648204460f820796794d252b9948925cf25309a665e9b19b4c978634df18818d88d8a08008f213ccb0f7464f342300fdbf71ed84ead976e05b23c666e3f100abea8b282fa7521f6f91dc8f0454d3bac28bfb95bf5c8a2badfb287acdbdf6cd7b322c3b8c708a825ac39dc457ee953d597a21a07d755f016d6a613f7a6ddb1cc5e7118176b4e2754dc27f39ce5d822f4925d2ca42437e0b6fbecec117e8ab1335bc40f7e5188d5e96d6f983eafa61892a098540390296a8dfb8620964027bb1e5435c2a78dcc4e36b5dbf45cfe8e9f8fa420bd18599c1d30269dac911d0ce7dd538e60516a54b5382cfe067d3648e60234445afbf5f1b2ae73f31b465ce4f691346fc09812d8f848a4ebccdf06534d6f48e42e83ba20449789d1c9f083ab11668dd52a276f87f6e3538e7486b4f77ec322c0842a8d57d693d7b118f10b0afdb61592b5f7dd501925fbc01e86fdfdcc1b0da297c2ca6908678cbaa19dae589ffc5515299618777ea452834d8c096f3585f581d7a0cb1a7e978c418baed0b49e28ddb1db5c9526689e9ae36065977a52dc74979d2c1d52c3ce5489161035d2e57b791017c5455935effdb953a4d718067697536b3271e8e6ce8b1eb01c2b5ec7a61a9beee2ca99395d879cc2c89d6512d92dc4906fe4c04a4fd5b40a58f82aeb678bb85528dcd1c2ce7bd975168f87dbb375213dc337f9d232f678baf43c27e0fc3b74e7a25bc883137a99bf93c59ea96f7c7462dcc145ce7dbadebb2d8b21709a994cea078acfcbb3fb5be6194f3b91f942dead0ff69e2835497bcb7da9dec14642974a21687476797e266a114731eb4acfda12447856079a447be75eedafb042642de6f8baebe36ffb5e0d5a32387e6f2285af8ff5b390326dcae79a7e91870e137f89d82fec5749a601a67ff000c47a20fc89290a2d956d50d649cea5a7851184271a97a23f49bcec1c7a5c5e707f0d3a336b0d8ee81314a185652e8443f0b9995b0c323b1a0e920868642e067f335e4835a3c538bbb00f039b9368a64e32704a46dcfcbe0c152776c851f0301b1f7dc5b85d7a60bc88beba67eaf3a140ba377784a08f4c0de340a18eb76a9b54b980958f7777cbc6557e9a9b2f00bb80bdfea43e1cf0a80f7c8459ae3bbabc2ab014bb576543a4a7fff150a7ed03263719e587a22f1764abd7553450f901c590e1f58a9d923f121b22ea6d996cc6f53dc21fb99072241d709eac86115bedb13a1ff92792b1a119ff826d40c44f9006449f0c444cac1e17eb97e4c1e2519b91fc54aace98aa1630057f2efabff2b28aeeb7d90dd5f3677a2452902d6f5c46cc71c392b31ceae401aba6d577", 0xef9}, {0x0}, {&(0x7f0000002740)="76805b855adf89e32622ade1e90bb55e14c938b32de8b2229d517db00c1543e66f4707c5fcfb10bf369010ab553ee370d60325b62a05d6e57cc5841a09bf4f93965530598e258a5c48cd34d559cc2ead91ed97c12bc677a594f216264437dc", 0x5f}], 0x3, &(0x7f0000003740)=[@ip_retopts={{0x30, 0x0, 0x7, {[@noop, @timestamp_prespec={0x44, 0x1c, 0x26, 0x3, 0x0, [{@loopback}, {@loopback}, {@dev}]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @local, @empty}}}], 0x50}, 0x0) 1.678091924s ago: executing program 2: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000140)={[{@jqfmt_vfsold}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x43e, &(0x7f00000004c0)="$eJzs3MtvG0UYAPBv7SR9k1DKo6WFQEFEPJImfdADFxBIHEBCgkMRp5CkVajboCZItIogcAhHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZu6iZ3GiVOX7O8nbTvjHWvm292xZ2e8CaCwBtN/koi9EfFHRPTXs7cXGKz/d3NpfuKfpfmJJKrVt/9OauVuLM1P5EXz9+2pZ6rVLL+jSb2L70WMVypTl7L8yNyFD0dmL195YfrC+Lmpc1MXx06fPnH8SN+psZMdiTON68ahT2YOH3z93atvTpy5+v4v36Xt3Zvtb4yjUwbrR7eppztdWZfta0gnPV1sCG0pR0R6unpr/b8/yrFreV9/vPZ5VxsHbKlqtVpt9v2cWagC21gS3W4B0B35F316/5tvd2nocU+4/nL9BiiN+2a21ff0RCkr07vi/raTBiPizMK/X6dbbNE8BABAox/S8c/zzcZ/pXioodx92RrKQETcHxH7I+KBiDgQEQ9G1Mo+HBGPtFn/yhWS1eOf0rUNBbZO6fjvpWxt6/bxXz76i4FylttXi783OTtdmTqWHZOh6N2R5kfXqOPHV3//stW+xvFfuqX152PBrB3XelZM0E2Oz41vJuZG1z+LONTTLP4k8mWcJCIORsShDdYx/ey3h1vtu3P8a+jAOlP1m4hn6ud/IVbEn0tark+Ovnhq7OTIzqhMHRvJr4rVfv1t8a1W9W8q/g5Iz//uptf/cvwDyc6I2ctXztfWa2fbr2Pxzy9a3tNs9PrvS96ppfuy1z4en5u7NBrRl7yx+vWxW+/N83n5NP6ho837//64dSQejYj0Ij4SEY9FxONZ25+IiCcj4uga8f/8ylMftB//GrPyHZTGP3mn8x+N57/9RPn8T9+3H38uPf8naqmh7JX1fP6tt4GbOXYAAADwf1Gq/QY+KQ0vp0ul4eH6b/gPxO5SZWZ27rmzMx9dnKz/Vn4gekv5TFd/w3zoaDY3nOfHVuSPZ/PGX5V31fLDEzOVyW4HDwW3p0X/T/1V7nbrgC3neS0oLv0fikv/h+LS/6G49H8ormb9/9MutAO4+3z/Q3Hp/1Bc+j8Ul/4PhdTy2fjSph75l9j2iSjdE83Y/omedf8xiw0mdjTd1e1PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74LwAA//9wiOSH") open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r2}, @generic={0x66}, @initr0, @exit, @alu={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) recvmmsg$unix(r0, 0x0, 0x0, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) ftruncate(r3, 0xc17a) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ee289f413bb90152f7d6d1ce5ca93c0f7c41499dc28ac63a01000000000000004faa2ad9c084a003ea00", "03bdbcef549ba19704007ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c20c62df7a8d5da5c00000000ff030000fff2ff008900"}) bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$unix(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000300)="81", 0x1}], 0x1}, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x10, &(0x7f0000000c80), 0xff, 0x249, &(0x7f0000000880)="$eJzs3T9oM2UcB/DvXRJr3jfIqy6C+AdERAvldRNcXifhBSlFRFChIuKitEJtcWudXBx0VunkUsTN6ihdiosiOFXtUBdBi4PFQYdIcqnUNuKf1Jz0Ph+43F1yz/2e4+77JBkuCdBYV5JcS9JKMpukk6Q4ucHd1XRltLrZ3V1M+v3HfyyG21XrleN2l5NsJHkoyU5Z5MV2srb99MHPe4/e98Zq5973tp/qTvUgRw4P9h87enf+9Q+vP7j2+Zffzxe5lt4fjuv8FWOeaxfJLf9Fsf+Jol13D/g7Fl794KtB7m9Ncs8w/52UqU7emys37HTywDt/1vatH764fZp9Bc5fv98ZvAdu9IHGKZP0UpRzSarlspybqz7Df926VL60vPLK7AvLq0vP1z1SAedl+L3345mPLp/K/3etKv/AxdVL9p9Y2PpmsHzUqrs3wFTcUc0G+Z99dv3+yD80jvxDc8k/NJf8Q3PJPzTSTOQfGk3+obnkH5pL/qG55B+a62T+AYBm6c+cuSW4GP4sAHDh1T3+AAAAAAAAAAAAAAAAAAAAZ212dxePp2nV/PTt5PCRJO1x9VvD/yNObhw+XvqpGGz2u6JqNpFn7ppwBxN6v+a7r2/6tqbC3Wr22Z011R9ZX0o2Xktytd0+e/0Vo+vv37v5L17vPDdhgX+oOLX+8JPTrX/ar1v11r++l3wyGH+ujht/ytw2nI8ff3qD8zdh/Zd/mXAHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATM1vAQAA//8mi2g4") mknod(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) open$dir(&(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) execve(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) open(&(0x7f00000002c0)='./bus\x00', 0x0, 0x0) symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0\x00') readlinkat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0) r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r5, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 1.423425373s ago: executing program 3: mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r0, 0x0, 0x0, 0x1000f4) copy_file_range(r0, 0x0, r0, &(0x7f0000000080)=0x598b, 0x3, 0x0) 1.400310146s ago: executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1803000000000000000000005e002200850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10) sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x9, &(0x7f0000001a80)={&(0x7f0000001940)={0x20, r3, 0x1, 0x0, 0x0, {0x1e}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}]}, 0x20}}, 0x0) 1.361521202s ago: executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'geneve1\x00', 0x112}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r2}, 0x10) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}) 1.211495065s ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='signal_generate\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 1.141152406s ago: executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0xe, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x3b}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) 1.091207774s ago: executing program 3: r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) syz_usb_connect(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b0000100904"], 0x0) 1.090583134s ago: executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffd, 0x2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10) pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000800000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000400b703000000000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000000000fc850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa1) write$cgroup_subtree(r6, &(0x7f0000000040)=ANY=[], 0x32600) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='ext4_begin_ordered_truncate\x00', r5}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1712) 946.214866ms ago: executing program 4: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x7fffffff, 0x0) readv(r0, &(0x7f0000000300)=[{&(0x7f0000000080)=""/243, 0xf3}], 0x1) io_uring_enter(0xffffffffffffffff, 0x2def, 0x0, 0x0, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) 927.501979ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10) write$cgroup_pid(r2, &(0x7f0000000980), 0x12) 866.348578ms ago: executing program 4: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='ext4_mb_release_inode_pa\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$cgroup_subtree(r2, 0x0, 0x32600) 807.118547ms ago: executing program 0: r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10) shutdown(0xffffffffffffffff, 0x0) read(r1, &(0x7f00000002c0)=""/200, 0x39) 793.656139ms ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0x4, 0x4}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000008100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000380)='skb_copy_datagram_iovec\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{r0}, &(0x7f00000003c0), &(0x7f00000005c0)}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f00000027c0)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) 776.122952ms ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$ext4(0x0, &(0x7f00000003c0)='./file0\x00', 0x2000000, 0x0, 0x4, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000079000000090000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r2], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10) r4 = dup(r1) write$FUSE_BMAP(r4, &(0x7f0000000080)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) chdir(&(0x7f0000000040)='./file0\x00') syz_mount_image$fuse(0x0, &(0x7f0000006340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) unlink(&(0x7f0000000180)='./cgroup\x00') syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x20, 0x0, 0x0) 751.664536ms ago: executing program 4: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001440)={0x24, 0x0, 0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001840)={0x24, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000300)={0x24, 0x0, &(0x7f0000000340)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0003"], 0x0, 0x0}, 0x0) 734.048848ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./bus\x00', 0x1200840, &(0x7f0000000880)=ANY=[@ANYBLOB="757466383d312c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c696f636861727365743d73703836322c696f636861727365743d63703433372c73686f72746e616d653d77696e39352c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c756e695f786c6174653d302c003c24d06816418f4be78ed4fbfe47efc82f966a602a8db43ad053c978bbd3501706515140ef63c2a58653ced497550b22917b09702604bc162c57e05beec5bb0c11fc2f9238b25e4527e24bab534e9ba458d92a597c3fee89f57053a4a1535771c9877b3ab101fb26937779cff75a95a296fafddf11280fafeb9bd5f2da4a88b43f3e4d5b1a9aed1f659d88f914548fba990603b0d4f14adda86d459c62701d3d6f007c7e50da9608a03eff58"], 0x3, 0x377, &(0x7f00000002c0)="$eJzs3UFom+UbAPAn/dKm/bP924MgCsKnN0HLNgXRix2jg2EuU8LUgxjcptLUwYrB7tCsXsSj4FFP3jzowcNuXgRFdvPg1QkyFQ+628CxT77kS/KlSWqZdLP4+x3Cs/d9nvd9v+Rl+ZqSt6+uxNrZ2Th/48b1mJ+vRHXlxErcrMRSJNF3OcbNTWgDAA6Gm1kWf2Q9EV/upaSy/6sCAPZT9/3/9cOllne/3i0/8+4PAAde8fP/Qrkt2ZEzP634wr4tCwDYR6Of/0fEI2MppV/1V8fuDQCAg+eFl15+7ng94vk0nY9Yf6/daDfimWH/8fPxZrTiXByJxbgV0btRyB8q3ceTp+qrR9I07cTPS9HIK9qNiPVOu9G7UziedOtrcTQWY6moL+42sixLTn5RXz2adkXE5U53/livtBuzsVDM/8P/4lwcizTuG6uPOFVfPZYWAzTW+/WzEdvDzy3y9S/HYnz3WlyIVpyNvLZ/W1Nf3Tqapiey+qHKsL7TbtS6eT1TPwEBAAAAAAAAAAAAAAAAAAAAAIA7spwOLA3Oz8mG5/csL0/o756P06svzgfa7p0PlNWyyLLf33m88X4SI+cD7Tifp9NuVGPm3l46AAAAAAAAAAAAAAAAAAAA/GtsbM5Fs9U6d3Fj89JaOehc3NiciYi85a1vP/tqIUZzFooBRqtGgmqRUupKh1VZ0k/OkpGcIkjyySvVXsunVwYrLufUBlcxcRm16V2t1uGHf/po2PJQ0h/59jAniYnXdSnZsYxysP7/3pKmPy27BMf+JudalmXTyrdeGa+KSkR16lLvMMjy4JvrbzzwxEZ/E2Q9jz62eObah5/8utZs5TPnWq25ixu3srVm8e/Jm216kJT2T6XYbJXyTqg2n7x9+tCUkbdHW5rJ97+9+OAHV4uWmd1fpuzM1WHL2xNykt6kn+/smusF+TIHXc/mQf4cjY8zO2HzTwqein/0wt3/8UrzytaPv+y1qvSfhIM6AAAAAAAAAAAAAAAAAADgrih9V7xQfNl3dreqp0/v/8oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4O4Z/v3/QRAz2zta9hb82Yl+y5nod9XyAWOuNOPSPbxaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+q/4KAAD//1UBZGs=") r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) ftruncate(r2, 0x6) sync_file_range(r2, 0x0, 0x0, 0x6) 578.538952ms ago: executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000140)='syzkaller\x00'}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) close(r2) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_GET_PROG_INFO(0x1d, 0x0, 0x0) 553.452146ms ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000740)='ext4_allocate_blocks\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='ext4_allocate_blocks\x00', r3}, 0x10) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) 530.495689ms ago: executing program 1: openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'pim6reg1\x00', 0x2}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x7) close(0x4) 433.781944ms ago: executing program 1: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x7fffffff, 0x0) readv(r0, &(0x7f0000000300)=[{&(0x7f0000000080)=""/243, 0xf3}], 0x1) io_uring_enter(0xffffffffffffffff, 0x2def, 0x0, 0x0, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) 367.893904ms ago: executing program 1: syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x90, &(0x7f0000000380)=ANY=[], 0x21, 0x553a, &(0x7f0000016d80)="$eJzs3L9vG+UbAPDHSdPf334jxMDWQxVSItVWnf4QbAVaARWtqgIDEzi2a7m1fVHsOCETAyNi4D9BIDExsrEzMLMhBhAbEsj3XqApVEKKEzfp5yOdn3vfe++59z1FkZ47ywE8sxaz336pxLk4FRHzEXE2otivlFvhegovRMT5iJh7ZKuU/X91HI+I0xFxbpI85ayUhz6/OL5w9edbv37z/YljZ774+ofZrRqYtZcior+W9jf7KeadFB+U/Y1xt4j9K+MypgP9h2U7T3GzvVpk2GzsjGsU8XInjc/XNoaTeL/XaE5ip3u/6F8bpAsOx52dPMUJDxrrRbvVXi1id5gXsbOd5rW1nf63bQ9HKU+rzPdRkT5Go52Y+ttb7bSetYdFbA5GZX/Km7faW5M4LmN5uWjmvVYxj9W93Omn2otvdwcbW9m4vT7s5oPsaq3+cq1+rVpfz1vtUftKtdFvXbuSLXV6k2HVUbvRv97J806vXWvm/eVsqdNsVuv1bOlGe7XbGGT1eu1y7VL16nK5dzF74857Wa+VLU3ia93BxqjbG2b38/UsnbGcrdQuv7KcXahn79y+m929d/Pm7bvvfnDj/Tuv3n7r9XLQP6aVLa1cWlmp1i9VV+rLe7sBh2r9n5STnuL6YU8qs54AwOGj/gdmYf/q//V7Eftf/4f6fyoOVf37dNT/392KODLrhz1R/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLN+XPjyzWJnMbXPlP3/K7ueK9uViJiLiD/+xXwc35Vzvsyz8ITxC4/N4dtKFBkm1zhRbqcj4nq5/f7//b4LAAAAcHR99fH5z1K1nj4WZz0hDlJ6aDN39sMp5atExMLiT1PKNjf5eH5KyYq/72OxNaVsxQOsk1NKlh65HZtWtv9kflc4+UiopDD3+BlTWy0AADAzuyuBg61CAAAAOEifPvHIwwOdBwesEjuvMnfeBRffvP/7Zd+p1PbqDwAAAA6vyqwnAAAAAOy7ov73+38AAABwtKXf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3buJjdtII4D6N8GF/qloqr7XqU7OEaP0GWXFQfoJTgCvUIvwBnorkdIIMLjkBCRkMRjrETvSfbYlvl5BvBiZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSv2o5+/Pr6++2OZttO3laAwAAAByzrpaz+mCSzt831z82lz4350VElBFxrO8+iDcHmYMmp7rn/upOHf5G1Am7Z4ya7V1EfEvbNj51/S0AAADAqzTc7VbzxTT11tNu0netaO3Ub3h5c5gGbcoP3zM9uoiIavI/U1q5y/uSKaz+fw/jZ6a0egBrnCksDbkNc6U9Sv2670ftxreKIhXlw5/P1nYAAOCMBgfFeXshAAAAnNOPvitAF96evKOI66nM/VTgKBXjgwiTfQAAAPByFX1XAAAAAOhc3f9/yvp/0c/6f3Fh/T8AAAB4trT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1aV8vZar6Yts3ZbNvJ0xoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAN7/7y/+JqXEmmXttLD2PJGunxtapsXduHP1hfP0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCLfvfL/4mpcSaZO20sHY8ka1eNravG3oPG0YPx9m8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+/eNm4oDAP5sn68/AHEEdEMQAokBFnq9lpZuiAEUMfAnIEXptYRe+dFmoFWFlIUNZe6CYEQICRS2/gNM3ZBaqUvZOtxQJBaWQ/bZOaepxIUo9iX5fKTn9z3H8fs+W4ry9XMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGn03jROsk1nEsfFvnuPb61k/f0n+sydjQeLWcviqM6kD4ZXqh+ibnOJAAAAcHQkZX0fQniYbi5lfdzJ6/+0PCar+b9/bhKX9fyTdX/Zl7V/1n779dFLWwN1JuNkJ720Ohyc3plKa/9mOd+e/88jWvmVz5+9JPkNiT9cf3GU5tcz+vbu3ffbeXisjmwBgP/jVNkXQfn7UNb3m0wMgCOjVSm8y/o/6TSbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAdRuvhmTKOQgiLrWmcuf/41srT+jsbDxbLdv727Y3qObNTpCGES6vDweka5zLvrt+4eWV5OBxcqz94NYTQ1OjvFtO/8vEMB4fQyPXZr+Cf8Xi8q+863nzOewri4mbPSz4HI2jwhxIAAIdSWrSsrn+Ybi5l+6KFEMY/bK//36jEYcb6/9En5+9Vx6rW//3aZjj/emtXv+hdv3HzrdWry5cHlwefvX2m/07/7IVz5y708mclPU9MAAAA2Jt20ar1f7ywc/3/ZCUOM9b/X37X/3o60h/5Vv2/03TRr+lMAAAAjrYXXvv7r+gp+6N2O3y1vLZ2rT/Zbn0+M9k2kOquHStatf5PFprOCgAAAKjDaD3atv5/sRKHGdf/n/3x5Z+r50xCCCeK9f9TK58PL9Y3nblWx58T7y6jZL+mCgAAQENOFK26/p/m7//HW688xCGEN1+fxMW/AZyp/k8++Oan6lhJ5f3/s/VNcS7F3cn1yPtuCK3uti//3lhiAAAAHErHi5YV+3+mm0uf/nLyo7b3/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADq9m8AAAD///SFQwU=") creat(&(0x7f0000000000)='./bus\x00', 0x0) linkat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file5\x00', 0x0) 19.001288ms ago: executing program 1: mkdir(0x0, 0x0) memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3', 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000080)={0x18}, 0x18) ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc0109058903"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0) syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0) 0s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./bus\x00', 0x1200840, &(0x7f0000000880)=ANY=[@ANYBLOB="757466383d312c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c696f636861727365743d73703836322c696f636861727365743d63703433372c73686f72746e616d653d77696e39352c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c756e695f786c6174653d302c003c24d06816418f4be78ed4fbfe47efc82f966a602a8db43ad053c978bbd3501706515140ef63c2a58653ced497550b22917b09702604bc162c57e05beec5bb0c11fc2f9238b25e4527e24bab534e9ba458d92a597c3fee89f57053a4a1535771c9877b3ab101fb26937779cff75a95a296fafddf11280fafeb9bd5f2da4a88b43f3e4d5b1a9aed1f659d88f914548fba990603b0d4f14adda86d459c62701d3d6f007c7e50da9608a03eff58"], 0x3, 0x377, &(0x7f00000002c0)="$eJzs3UFom+UbAPAn/dKm/bP924MgCsKnN0HLNgXRix2jg2EuU8LUgxjcptLUwYrB7tCsXsSj4FFP3jzowcNuXgRFdvPg1QkyFQ+628CxT77kS/KlSWqZdLP4+x3Cs/d9nvd9v+Rl+ZqSt6+uxNrZ2Th/48b1mJ+vRHXlxErcrMRSJNF3OcbNTWgDAA6Gm1kWf2Q9EV/upaSy/6sCAPZT9/3/9cOllne/3i0/8+4PAAde8fP/Qrkt2ZEzP634wr4tCwDYR6Of/0fEI2MppV/1V8fuDQCAg+eFl15+7ng94vk0nY9Yf6/daDfimWH/8fPxZrTiXByJxbgV0btRyB8q3ceTp+qrR9I07cTPS9HIK9qNiPVOu9G7UziedOtrcTQWY6moL+42sixLTn5RXz2adkXE5U53/livtBuzsVDM/8P/4lwcizTuG6uPOFVfPZYWAzTW+/WzEdvDzy3y9S/HYnz3WlyIVpyNvLZ/W1Nf3Tqapiey+qHKsL7TbtS6eT1TPwEBAAAAAAAAAAAAAAAAAAAAAIA7spwOLA3Oz8mG5/csL0/o756P06svzgfa7p0PlNWyyLLf33m88X4SI+cD7Tifp9NuVGPm3l46AAAAAAAAAAAAAAAAAAAA/GtsbM5Fs9U6d3Fj89JaOehc3NiciYi85a1vP/tqIUZzFooBRqtGgmqRUupKh1VZ0k/OkpGcIkjyySvVXsunVwYrLufUBlcxcRm16V2t1uGHf/po2PJQ0h/59jAniYnXdSnZsYxysP7/3pKmPy27BMf+JudalmXTyrdeGa+KSkR16lLvMMjy4JvrbzzwxEZ/E2Q9jz62eObah5/8utZs5TPnWq25ixu3srVm8e/Jm216kJT2T6XYbJXyTqg2n7x9+tCUkbdHW5rJ97+9+OAHV4uWmd1fpuzM1WHL2xNykt6kn+/smusF+TIHXc/mQf4cjY8zO2HzTwqein/0wt3/8UrzytaPv+y1qvSfhIM6AAAAAAAAAAAAAAAAAADgrih9V7xQfNl3dreqp0/v/8oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4O4Z/v3/QRAz2zta9hb82Yl+y5nod9XyAWOuNOPSPbxaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+q/4KAAD//1UBZGs=") r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) ftruncate(r2, 0x6) sync_file_range(r2, 0x0, 0x0, 0x6) kernel console output (not intermixed with test programs): g a program with bpf_probe_write_user helper that may corrupt user memory! [ 641.221298][T22442] syz-executor.2[22442] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 641.237976][T22442] binder: 22437:22442 ioctl c0306201 20000300 returned -22 [ 641.336187][ T9253] usb 5-1: new high-speed USB device number 51 using dummy_hcd [ 641.603213][ T9253] usb 5-1: Using ep0 maxpacket: 32 [ 641.689645][T22452] loop2: detected capacity change from 0 to 512 [ 641.701582][T22452] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a803c019, mo2=0000] [ 641.709254][T22452] System zones: 0-2, 18-18, 34-34 [ 641.715565][T22452] EXT4-fs error (device loop2): mb_free_blocks:1813: group 0, inode 16: block 41:freeing already freed block (bit 41); block bitmap corrupt. [ 641.730166][T22452] EXT4-fs (loop2): 1 orphan inode deleted [ 641.735807][T22452] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 641.744660][T22452] ext4 filesystem being mounted at /root/syzkaller-testdir293362269/syzkaller.Wbc3h1/29/file1 supports timestamps until 2038 (0x7fffffff) [ 641.766865][T22080] EXT4-fs (loop2): unmounting filesystem. [ 641.785002][ T9253] usb 5-1: unable to get BOS descriptor or descriptor too short [ 641.786458][T22457] loop3: detected capacity change from 0 to 2048 [ 641.794759][T22460] loop2: detected capacity change from 0 to 256 [ 641.838778][T22457] loop3: p3 < > p4 < > [ 641.842787][T22457] loop3: partition table partially beyond EOD, truncated [ 641.849740][T22457] loop3: p3 start 4284289 is beyond EOD, truncated [ 641.881187][ T9253] usb 5-1: config 0 has an invalid interface number: 39 but max is 1 [ 641.889257][ T9253] usb 5-1: config 0 has no interface number 1 [ 641.895307][ T9253] usb 5-1: config 0 interface 39 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 641.905396][ T9253] usb 5-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x1, skipping [ 642.095031][ T9253] usb 5-1: New USB device found, idVendor=19d2, idProduct=1003, bcdDevice=da.79 [ 642.104011][ T9253] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 642.111909][ T9253] usb 5-1: Product: syz [ 642.116121][ T9253] usb 5-1: Manufacturer: syz [ 642.120594][ T9253] usb 5-1: SerialNumber: syz [ 642.125701][ T9253] usb 5-1: config 0 descriptor?? [ 642.155175][T22471] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 642.180899][ T9253] usb 5-1: bad CDC descriptors [ 642.398621][ T4819] usb 5-1: USB disconnect, device number 51 [ 642.916920][T22479] loop3: detected capacity change from 0 to 512 [ 642.925197][T22479] EXT4-fs error (device loop3): ext4_orphan_get:1422: comm syz-executor.3: bad orphan inode 13 [ 642.936338][T22479] ext4_test_bit(bit=12, block=4) = 1 [ 642.941674][T22479] is_bad_inode(inode)=0 [ 642.945978][T22479] NEXT_ORPHAN(inode)=0 [ 642.950401][T22479] max_ino=32 [ 642.953520][T22479] i_nlink=1 [ 642.956504][T22479] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 642.966188][T22479] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz-executor.3: Unrecognised inode hash code 20 [ 642.977907][T22479] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 642.991211][T22479] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz-executor.3: Unrecognised inode hash code 20 [ 643.002945][T22479] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 643.017463][T22479] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 643.185879][T21673] EXT4-fs (loop3): unmounting filesystem. [ 643.194716][T22484] loop0: detected capacity change from 0 to 512 [ 643.221519][T22484] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a803c019, mo2=0000] [ 643.224132][T22493] loop3: detected capacity change from 0 to 256 [ 643.229354][T22484] System zones: 0-2, 18-18, 34-34 [ 643.242636][T22484] EXT4-fs error (device loop0): mb_free_blocks:1813: group 0, inode 16: block 41:freeing already freed block (bit 41); block bitmap corrupt. [ 643.257290][T22484] EXT4-fs (loop0): 1 orphan inode deleted [ 643.263183][T22484] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 643.272712][T22484] ext4 filesystem being mounted at /root/syzkaller-testdir3368310169/syzkaller.fEeSsE/88/file1 supports timestamps until 2038 (0x7fffffff) [ 643.329529][T21306] EXT4-fs (loop0): unmounting filesystem. [ 643.363173][T22503] loop2: detected capacity change from 0 to 2048 [ 643.410551][T22503] loop2: p3 < > p4 < > [ 643.414733][T22503] loop2: partition table partially beyond EOD, truncated [ 643.421644][T22503] loop2: p3 start 4284289 is beyond EOD, truncated [ 643.568381][T22521] loop2: detected capacity change from 0 to 256 [ 643.602549][T18422] usb 5-1: new high-speed USB device number 52 using dummy_hcd [ 644.203290][T22542] loop0: detected capacity change from 0 to 2048 [ 644.243904][T18422] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 644.253960][T18422] usb 5-1: New USB device found, idVendor=0421, idProduct=026c, bcdDevice=1f.2f [ 644.254252][T22542] loop0: p3 < > p4 < > [ 644.262879][T18422] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 644.267193][T22542] loop0: partition table partially beyond EOD, truncated [ 644.275455][T18422] usb 5-1: config 0 descriptor?? [ 644.281855][T22542] loop0: p3 start 4284289 is beyond EOD, truncated [ 644.329716][T18422] rndis_host 5-1:0.0: skipping garbage [ 644.335034][T18422] rndis_host: probe of 5-1:0.0 failed with error -22 [ 644.341689][T18422] cdc_acm 5-1:0.0: skipping garbage [ 644.346693][T18422] cdc_acm 5-1:0.0: Control and data interfaces are not separated! [ 644.354442][T18422] cdc_acm 5-1:0.0: This needs exactly 3 endpoints [ 644.360586][T18422] cdc_acm: probe of 5-1:0.0 failed with error -22 [ 644.550849][T20393] usb 5-1: USB disconnect, device number 52 [ 644.791654][T22551] sch_fq: defrate 0 ignored. [ 645.643784][ T28] kauditd_printk_skb: 83 callbacks suppressed [ 645.643803][ T28] audit: type=1400 audit(2000000211.877:40045): avc: denied { write } for pid=22572 comm="syz-executor.0" path="socket:[118953]" dev="sockfs" ino=118953 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 646.007755][T20393] usb 1-1: new high-speed USB device number 73 using dummy_hcd [ 646.165227][ T24] usb 5-1: new high-speed USB device number 53 using dummy_hcd [ 646.297769][T22594] sch_fq: defrate 0 ignored. [ 646.446126][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 646.510179][T20393] usb 1-1: Using ep0 maxpacket: 16 [ 646.574406][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 646.585435][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 646.596702][ T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 646.605570][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 646.614141][ T24] usb 5-1: config 0 descriptor?? [ 646.638564][T22590] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 646.660248][ T24] hub 5-1:0.0: USB hub found [ 646.702650][T20393] usb 1-1: unable to get BOS descriptor or descriptor too short [ 646.809540][T20393] usb 1-1: config 0 has no interfaces? [ 646.815330][T22598] loop3: detected capacity change from 0 to 40427 [ 646.822400][T22598] F2FS-fs (loop3): Wrong SSA boundary, start(3584) end(4096) blocks(0) [ 646.830505][T22598] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 646.839273][T22598] F2FS-fs (loop3): invalid crc_offset: 5705724 [ 646.846523][T22598] F2FS-fs (loop3): Found nat_bits in checkpoint [ 646.881647][T22598] F2FS-fs (loop3): Try to recover 2th superblock, ret: -30 [ 646.888843][T22598] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 646.896146][ T24] hub 5-1:0.0: 2 ports detected [ 647.002016][T20393] usb 1-1: New USB device found, idVendor=17cc, idProduct=1010, bcdDevice=7d.64 [ 647.011069][T20393] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 647.014753][T22605] loop2: detected capacity change from 0 to 512 [ 647.018941][T20393] usb 1-1: Product: syz [ 647.027822][T22605] EXT4-fs error (device loop2): ext4_orphan_get:1422: comm syz-executor.2: bad orphan inode 13 [ 647.029055][T20393] usb 1-1: Manufacturer: syz [ 647.039457][T22605] ext4_test_bit(bit=12, block=4) = 1 [ 647.043554][T20393] usb 1-1: SerialNumber: syz [ 647.049240][T22605] is_bad_inode(inode)=0 [ 647.053822][T20393] usb 1-1: config 0 descriptor?? [ 647.057221][T22605] NEXT_ORPHAN(inode)=0 [ 647.065745][T22605] max_ino=32 [ 647.068868][T22605] i_nlink=1 [ 647.071803][T22605] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 647.085596][T22605] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz-executor.2: Unrecognised inode hash code 20 [ 647.097290][T22605] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 647.110783][T22605] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz-executor.2: Unrecognised inode hash code 20 [ 647.122550][T22605] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 647.137082][T22605] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 647.155991][T22080] EXT4-fs (loop2): unmounting filesystem. [ 647.237268][ T9253] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 647.327365][ T333] usb 1-1: USB disconnect, device number 73 [ 647.342230][T22620] loop2: detected capacity change from 0 to 8192 [ 647.367865][T22622] bridge0: port 3(veth1_macvtap) entered blocking state [ 647.374906][T22622] bridge0: port 3(veth1_macvtap) entered disabled state [ 647.417115][T22626] syz-executor.2[22626] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 647.417171][T22626] syz-executor.2[22626] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 647.664986][ T9253] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 647.687903][ T9253] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 647.701160][ T9253] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 647.710309][ T9253] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 647.721792][ T9253] usb 4-1: config 0 descriptor?? [ 647.880175][T22635] loop0: detected capacity change from 0 to 512 [ 647.888609][T22635] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz-executor.0: bad orphan inode 13 [ 647.899267][T22635] ext4_test_bit(bit=12, block=4) = 1 [ 647.904560][T22635] is_bad_inode(inode)=0 [ 647.908551][T22635] NEXT_ORPHAN(inode)=0 [ 647.912679][T22635] max_ino=32 [ 647.915683][T22635] i_nlink=1 [ 647.918666][T22635] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 647.928914][T22635] EXT4-fs warning (device loop0): dx_probe:832: inode #2: comm syz-executor.0: Unrecognised inode hash code 20 [ 647.941611][T22635] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 647.955097][T22635] EXT4-fs warning (device loop0): dx_probe:832: inode #2: comm syz-executor.0: Unrecognised inode hash code 20 [ 647.967271][T22635] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 647.982755][T22635] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 648.001701][T21306] EXT4-fs (loop0): unmounting filesystem. [ 648.243069][ T9253] plantronics 0003:047F:FFFF.0082: No inputs registered, leaving [ 648.251564][ T9253] plantronics 0003:047F:FFFF.0082: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 648.330723][T22649] syz-executor.0[22649] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 648.331128][T22649] syz-executor.0[22649] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 648.481260][T22649] binder: 22646:22649 ioctl c0306201 20000300 returned -22 [ 649.162231][ T4734] usb 5-1: USB disconnect, device number 53 [ 649.493365][T20393] usb 4-1: USB disconnect, device number 64 [ 650.709591][T22691] loop3: detected capacity change from 0 to 2048 [ 650.747011][T22691] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 650.755718][T22691] ext4 filesystem being mounted at /root/syzkaller-testdir3390589521/syzkaller.dhSosr/89/file0 supports timestamps until 2038 (0x7fffffff) [ 650.780410][T21673] EXT4-fs (loop3): unmounting filesystem. [ 650.789180][ T28] audit: type=1326 audit(2000000216.694:40046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754e27cea9 code=0x7ffc0000 [ 650.815018][ T28] audit: type=1326 audit(2000000216.694:40047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f754e27cea9 code=0x7ffc0000 [ 650.840007][ T28] audit: type=1326 audit(2000000216.694:40048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754e27cea9 code=0x7ffc0000 [ 650.864462][ T28] audit: type=1326 audit(2000000216.694:40049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f754e27cea9 code=0x7ffc0000 [ 650.888471][T18422] usb 1-1: new high-speed USB device number 74 using dummy_hcd [ 650.888700][ T28] audit: type=1326 audit(2000000216.694:40050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754e27cea9 code=0x7ffc0000 [ 650.920102][ T28] audit: type=1326 audit(2000000216.694:40051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f754e27cea9 code=0x7ffc0000 [ 650.944148][ T28] audit: type=1326 audit(2000000216.722:40052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754e27cea9 code=0x7ffc0000 [ 650.968346][ T28] audit: type=1326 audit(2000000216.722:40053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f754e27a627 code=0x7ffc0000 [ 650.992276][ T28] audit: type=1326 audit(2000000216.722:40054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f754e240309 code=0x7ffc0000 [ 651.016296][ T28] audit: type=1326 audit(2000000216.722:40055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f754e27cea9 code=0x7ffc0000 [ 651.040442][ T28] audit: type=1326 audit(2000000216.722:40056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f754e27a627 code=0x7ffc0000 [ 651.064442][ T9253] usb 3-1: new high-speed USB device number 67 using dummy_hcd [ 651.077100][ T28] audit: type=1326 audit(2000000216.722:40057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f754e240309 code=0x7ffc0000 [ 651.101489][ T28] audit: type=1326 audit(2000000216.722:40058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22702 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754e27cea9 code=0x7ffc0000 [ 651.407804][ T9253] usb 3-1: Using ep0 maxpacket: 32 [ 651.547464][ T9253] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 651.558506][ T9253] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 651.569505][ T9253] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 651.578426][ T9253] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 651.586724][ T9253] usb 3-1: config 0 descriptor?? [ 651.588322][T18422] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 651.602336][T18422] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 651.609748][T22701] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 651.618853][T18422] usb 1-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 651.627727][T18422] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 651.636239][T18422] usb 1-1: config 0 descriptor?? [ 651.636564][ T9253] hub 3-1:0.0: USB hub found [ 651.855521][ T9253] hub 3-1:0.0: 2 ports detected [ 652.107071][T22729] loop3: detected capacity change from 0 to 2048 [ 652.124537][T22729] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 652.133176][T22729] ext4 filesystem being mounted at /root/syzkaller-testdir3390589521/syzkaller.dhSosr/95/file0 supports timestamps until 2038 (0x7fffffff) [ 652.155949][T18422] hid-thrustmaster 0003:044F:B65D.0083: unknown main item tag 0x0 [ 652.163678][T18422] hid-thrustmaster 0003:044F:B65D.0083: unknown main item tag 0x0 [ 652.171385][T18422] hid-thrustmaster 0003:044F:B65D.0083: unknown main item tag 0x0 [ 652.179263][T18422] hid-thrustmaster 0003:044F:B65D.0083: unbalanced collection at end of report description [ 652.197749][T18422] hid-thrustmaster 0003:044F:B65D.0083: parse failed with error -22 [ 652.205805][T18422] hid-thrustmaster: probe of 0003:044F:B65D.0083 failed with error -22 [ 652.214678][T21673] EXT4-fs (loop3): unmounting filesystem. [ 652.374065][ T24] usb 1-1: USB disconnect, device number 74 [ 652.374317][T22765] loop3: detected capacity change from 0 to 2048 [ 652.391361][T22765] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 652.399703][T22765] ext4 filesystem being mounted at /root/syzkaller-testdir3390589521/syzkaller.dhSosr/105/file0 supports timestamps until 2038 (0x7fffffff) [ 652.422849][T21673] EXT4-fs (loop3): unmounting filesystem. [ 653.187061][T22794] loop0: detected capacity change from 0 to 2048 [ 653.204365][T22794] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 653.212707][T22794] ext4 filesystem being mounted at /root/syzkaller-testdir3368310169/syzkaller.fEeSsE/123/file0 supports timestamps until 2038 (0x7fffffff) [ 653.236072][T21306] EXT4-fs (loop0): unmounting filesystem. [ 653.747766][T20393] usb 4-1: new high-speed USB device number 65 using dummy_hcd [ 653.812452][ T333] usb 3-1: USB disconnect, device number 67 [ 653.876084][ T825] usb 1-1: new high-speed USB device number 75 using dummy_hcd [ 654.143342][ T825] usb 1-1: Using ep0 maxpacket: 16 [ 654.207547][T20393] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 654.218367][T20393] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 654.227913][T20393] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 654.236803][T20393] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 654.245436][T20393] usb 4-1: config 0 descriptor?? [ 654.335788][ T825] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 654.346534][ T825] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 654.359124][ T825] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 654.367965][ T825] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 654.372133][T22819] binder: 22818:22819 ioctl 400c620e 0 returned -14 [ 654.376539][ T825] usb 1-1: config 0 descriptor?? [ 654.389266][T22819] loop2: detected capacity change from 0 to 512 [ 654.396984][T22819] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz-executor.2: Invalid inode bitmap blk 4 in block_group 0 [ 654.410164][T22819] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 654.429385][T22080] EXT4-fs (loop2): unmounting filesystem. [ 654.446300][T22822] loop2: detected capacity change from 0 to 2048 [ 654.465694][T22822] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 654.473991][T22822] ext4 filesystem being mounted at /root/syzkaller-testdir293362269/syzkaller.Wbc3h1/72/file0 supports timestamps until 2038 (0x7fffffff) [ 654.496070][T22080] EXT4-fs (loop2): unmounting filesystem. [ 654.753411][T20393] hid-thrustmaster 0003:044F:B65D.0084: unknown main item tag 0x0 [ 654.761320][T20393] hid-thrustmaster 0003:044F:B65D.0084: unknown main item tag 0x0 [ 654.768933][T20393] hid-thrustmaster 0003:044F:B65D.0084: unknown main item tag 0x0 [ 654.776644][T20393] hid-thrustmaster 0003:044F:B65D.0084: unbalanced collection at end of report description [ 654.786833][T20393] hid-thrustmaster 0003:044F:B65D.0084: parse failed with error -22 [ 654.794661][T20393] hid-thrustmaster: probe of 0003:044F:B65D.0084 failed with error -22 [ 654.892646][ T825] microsoft 0003:045E:07DA.0085: unknown main item tag 0x0 [ 654.899717][ T825] microsoft 0003:045E:07DA.0085: unknown main item tag 0x0 [ 654.906764][ T825] microsoft 0003:045E:07DA.0085: unknown main item tag 0x0 [ 654.913768][ T825] microsoft 0003:045E:07DA.0085: unknown main item tag 0x0 [ 654.920813][ T825] microsoft 0003:045E:07DA.0085: unknown main item tag 0x0 [ 654.927892][ T825] microsoft 0003:045E:07DA.0085: unknown main item tag 0x0 [ 654.934950][ T825] microsoft 0003:045E:07DA.0085: unknown main item tag 0x0 [ 654.941969][ T825] microsoft 0003:045E:07DA.0085: unknown main item tag 0x0 [ 654.949040][ T825] microsoft 0003:045E:07DA.0085: unknown main item tag 0x0 [ 654.956223][ T825] microsoft 0003:045E:07DA.0085: unknown main item tag 0x0 [ 654.969525][ T825] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0085/input/input125 [ 654.970295][ T9253] usb 4-1: USB disconnect, device number 65 [ 655.045277][T22851] device pim6reg1 entered promiscuous mode [ 655.052858][ T825] microsoft 0003:045E:07DA.0085: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 655.321959][ T4819] usb 1-1: USB disconnect, device number 75 [ 655.458303][T20393] usb 3-1: new high-speed USB device number 68 using dummy_hcd [ 655.701511][T22873] loop3: detected capacity change from 0 to 16 [ 655.708830][T22873] erofs: (device loop3): mounted with root inode @ nid 36. [ 655.846438][T22885] loop4: detected capacity change from 0 to 40427 [ 655.853419][T22885] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 655.861240][T22885] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 655.870459][T22885] F2FS-fs (loop4): invalid crc value [ 655.875817][T20393] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 655.879054][T22885] F2FS-fs (loop4): Found nat_bits in checkpoint [ 655.886626][T20393] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 655.902491][T20393] usb 3-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 655.911441][T20393] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 655.920673][T20393] usb 3-1: config 0 descriptor?? [ 655.933167][T22885] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 655.940197][T22885] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 656.014142][ T9253] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 656.505972][ T9253] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 656.516754][ T9253] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 656.526240][ T9253] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 656.535099][ T9253] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 656.543507][ T9253] usb 4-1: config 0 descriptor?? [ 656.571085][T20393] itetech 0003:06CB:73F5.0086: unbalanced collection at end of report description [ 656.580306][T20393] itetech: probe of 0003:06CB:73F5.0086 failed with error -22 [ 656.680049][ T2613] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 656.689348][ T2613] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 656.786151][ T24] usb 3-1: USB disconnect, device number 68 [ 656.856620][T22899] loop4: detected capacity change from 0 to 256 [ 657.051926][ T9253] hid-thrustmaster 0003:044F:B65D.0087: unknown main item tag 0x0 [ 657.059857][ T9253] hid-thrustmaster 0003:044F:B65D.0087: unknown main item tag 0x0 [ 657.067903][ T9253] hid-thrustmaster 0003:044F:B65D.0087: unknown main item tag 0x0 [ 657.075574][ T9253] hid-thrustmaster 0003:044F:B65D.0087: unbalanced collection at end of report description [ 657.085970][ T9253] hid-thrustmaster 0003:044F:B65D.0087: parse failed with error -22 [ 657.093848][ T9253] hid-thrustmaster: probe of 0003:044F:B65D.0087 failed with error -22 [ 657.268297][ T9253] usb 4-1: USB disconnect, device number 66 [ 657.832177][T22915] loop3: detected capacity change from 0 to 16 [ 657.839045][T22915] erofs: (device loop3): mounted with root inode @ nid 36. [ 658.505014][T18422] usb 4-1: new high-speed USB device number 67 using dummy_hcd [ 658.889945][T18422] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 658.900750][T18422] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 658.910335][T18422] usb 4-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 658.919425][T18422] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 658.928152][T18422] usb 4-1: config 0 descriptor?? [ 659.212538][T22957] tipc: Failed to remove unknown binding: 66,1,1/0:2913012993/2913012995 [ 659.220872][T22957] tipc: Failed to remove unknown binding: 66,1,1/0:2913012993/2913012995 [ 659.649203][ T1381] usb 3-1: new high-speed USB device number 69 using dummy_hcd [ 659.676417][T18422] itetech 0003:06CB:73F5.0088: unbalanced collection at end of report description [ 659.685834][T18422] itetech: probe of 0003:06CB:73F5.0088 failed with error -22 [ 659.728459][ T346] usb 4-1: USB disconnect, device number 67 [ 659.937667][ T1381] usb 3-1: Using ep0 maxpacket: 16 [ 660.087316][ T1381] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 660.098549][ T1381] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 660.107552][ T1381] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 660.115984][ T1381] usb 3-1: config 0 descriptor?? [ 660.601050][T22967] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 660.609536][T22967] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 660.623735][ T1381] hid (null): unknown global tag 0x83 [ 660.628987][ T1381] hid (null): unknown global tag 0xc [ 660.635135][ T1381] hid-generic 0003:0158:0100.0089: unknown main item tag 0x1 [ 660.642372][ T1381] hid-generic 0003:0158:0100.0089: unexpected long global item [ 660.649902][ T1381] hid-generic: probe of 0003:0158:0100.0089 failed with error -22 [ 660.839775][ T1381] usb 3-1: USB disconnect, device number 69 [ 661.203202][T23010] device pim6reg1 entered promiscuous mode [ 661.573235][T18422] usb 1-1: new high-speed USB device number 76 using dummy_hcd [ 661.669485][T20393] usb 3-1: new high-speed USB device number 70 using dummy_hcd [ 661.829829][T18422] usb 1-1: Using ep0 maxpacket: 16 [ 661.958173][T18422] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 661.969131][T18422] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 661.981744][T18422] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 661.990637][T18422] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 661.998957][T18422] usb 1-1: config 0 descriptor?? [ 662.054388][T20393] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 662.065322][T20393] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 662.074940][T20393] usb 3-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 662.083869][T20393] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 662.093307][T20393] usb 3-1: config 0 descriptor?? [ 662.485202][T23024] loop3: detected capacity change from 0 to 131072 [ 662.494868][T23024] F2FS-fs (loop3): Found nat_bits in checkpoint [ 662.515383][T18422] microsoft 0003:045E:07DA.008A: unknown main item tag 0x0 [ 662.522437][T18422] microsoft 0003:045E:07DA.008A: unknown main item tag 0x0 [ 662.529606][T18422] microsoft 0003:045E:07DA.008A: unknown main item tag 0x0 [ 662.536730][T18422] microsoft 0003:045E:07DA.008A: unknown main item tag 0x0 [ 662.537141][T23024] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b [ 662.543886][T18422] microsoft 0003:045E:07DA.008A: unknown main item tag 0x0 [ 662.558785][T18422] microsoft 0003:045E:07DA.008A: unknown main item tag 0x0 [ 662.565838][T18422] microsoft 0003:045E:07DA.008A: unknown main item tag 0x0 [ 662.572986][T18422] microsoft 0003:045E:07DA.008A: unknown main item tag 0x0 [ 662.580163][T18422] microsoft 0003:045E:07DA.008A: unknown main item tag 0x0 [ 662.587230][T18422] microsoft 0003:045E:07DA.008A: unknown main item tag 0x0 [ 662.595565][T20393] itetech 0003:06CB:73F5.008B: unbalanced collection at end of report description [ 662.610527][T20393] itetech: probe of 0003:06CB:73F5.008B failed with error -22 [ 662.618556][T18422] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.008A/input/input127 [ 662.703910][T18422] microsoft 0003:045E:07DA.008A: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 662.811996][T18422] usb 3-1: USB disconnect, device number 70 [ 662.955584][ T1381] usb 1-1: USB disconnect, device number 76 [ 663.681115][T23077] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 663.829008][T20393] usb 1-1: new high-speed USB device number 77 using dummy_hcd [ 664.427827][T20393] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 664.438836][T20393] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 664.448496][T20393] usb 1-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 664.457381][T20393] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 664.465821][T20393] usb 1-1: config 0 descriptor?? [ 664.962203][ T1381] usb 4-1: new high-speed USB device number 68 using dummy_hcd [ 664.984589][T20393] itetech 0003:06CB:73F5.008C: unbalanced collection at end of report description [ 664.994063][T20393] itetech: probe of 0003:06CB:73F5.008C failed with error -22 [ 665.110234][T23094] bridge0: port 1(bridge_slave_0) entered blocking state [ 665.117154][T23094] bridge0: port 1(bridge_slave_0) entered disabled state [ 665.124408][T23094] device bridge_slave_0 entered promiscuous mode [ 665.135570][T23094] bridge0: port 2(bridge_slave_1) entered blocking state [ 665.142588][T23094] bridge0: port 2(bridge_slave_1) entered disabled state [ 665.149814][T23094] device bridge_slave_1 entered promiscuous mode [ 665.201341][ T4819] usb 1-1: USB disconnect, device number 77 [ 665.205841][T23094] bridge0: port 2(bridge_slave_1) entered blocking state [ 665.213952][T23094] bridge0: port 2(bridge_slave_1) entered forwarding state [ 665.221176][T23094] bridge0: port 1(bridge_slave_0) entered blocking state [ 665.228044][T23094] bridge0: port 1(bridge_slave_0) entered forwarding state [ 665.235192][ T1381] usb 4-1: Using ep0 maxpacket: 16 [ 665.256571][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 665.264448][ T24] bridge0: port 1(bridge_slave_0) entered disabled state [ 665.271512][ T24] bridge0: port 2(bridge_slave_1) entered disabled state [ 665.280569][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 665.288877][T18422] bridge0: port 1(bridge_slave_0) entered blocking state [ 665.295744][T18422] bridge0: port 1(bridge_slave_0) entered forwarding state [ 665.315818][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 665.323813][T18422] bridge0: port 2(bridge_slave_1) entered blocking state [ 665.330748][T18422] bridge0: port 2(bridge_slave_1) entered forwarding state [ 665.338720][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 665.346471][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 665.360168][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 665.372004][T23094] device veth0_vlan entered promiscuous mode [ 665.379133][ T1381] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 665.379465][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 665.389966][ T1381] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 665.397956][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 665.410264][ T1381] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 665.417682][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 665.425870][ T1381] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 665.443291][ T1381] usb 4-1: config 0 descriptor?? [ 665.448670][T23094] device veth1_macvtap entered promiscuous mode [ 665.455659][T20393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 665.467627][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 665.479486][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 665.668628][ T2613] device bridge_slave_1 left promiscuous mode [ 665.675102][ T2613] bridge0: port 2(bridge_slave_1) entered disabled state [ 665.689704][ T2613] device bridge_slave_0 left promiscuous mode [ 665.695783][ T2613] bridge0: port 1(bridge_slave_0) entered disabled state [ 665.722443][ T2613] device veth1_macvtap left promiscuous mode [ 665.731981][ T2613] device veth0_vlan left promiscuous mode [ 665.957379][ T1381] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0 [ 665.964429][ T1381] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0 [ 665.971536][ T1381] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0 [ 665.978814][ T1381] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0 [ 665.985897][ T1381] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0 [ 665.993069][ T1381] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0 [ 666.000153][ T1381] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0 [ 666.000880][T23107] bridge0: port 1(bridge_slave_0) entered blocking state [ 666.007160][ T1381] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0 [ 666.014261][T23107] bridge0: port 1(bridge_slave_0) entered disabled state [ 666.028150][ T1381] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0 [ 666.028783][T23107] device bridge_slave_0 entered promiscuous mode [ 666.040729][ T1381] microsoft 0003:045E:07DA.008D: unknown main item tag 0x0 [ 666.042597][T23107] bridge0: port 2(bridge_slave_1) entered blocking state [ 666.055439][ T1381] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.008D/input/input128 [ 666.055551][T23107] bridge0: port 2(bridge_slave_1) entered disabled state [ 666.075317][T23107] device bridge_slave_1 entered promiscuous mode [ 666.149035][ T1381] microsoft 0003:045E:07DA.008D: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 666.188113][T20393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 666.195519][T20393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 666.204472][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 666.212828][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 666.224015][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 666.230899][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 666.239121][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 666.256793][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 666.267504][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 666.315992][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 666.322887][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 666.368728][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 666.379364][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 666.411895][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 666.422228][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 666.453451][T23107] device veth0_vlan entered promiscuous mode [ 666.466319][T23107] device veth1_macvtap entered promiscuous mode [ 666.470068][ T9253] usb 4-1: USB disconnect, device number 68 [ 666.480749][ T1381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 666.489493][ T1381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 666.500321][ T1381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 666.508609][ T1381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 666.564363][ T1381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 666.572452][ T1381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 666.580512][ T1381] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 666.588281][ T1381] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 666.596283][ T1381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 666.604560][ T1381] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 666.612645][ T1381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 666.621154][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 666.628440][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 666.970235][T23136] loop2: detected capacity change from 0 to 2048 [ 667.156472][T23136] Alternate GPT is invalid, using primary GPT. [ 667.196794][T23136] loop2: p1 p2 p3 [ 667.222341][T23143] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 667.350905][ T2613] device bridge_slave_1 left promiscuous mode [ 667.364961][ T2613] bridge0: port 2(bridge_slave_1) entered disabled state [ 667.398287][ T2613] device bridge_slave_0 left promiscuous mode [ 667.467129][ T2613] bridge0: port 1(bridge_slave_0) entered disabled state [ 667.488796][ T2613] device veth1_macvtap left promiscuous mode [ 667.506169][ T2613] device veth0_vlan left promiscuous mode [ 667.675629][T23170] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 667.855470][T23168] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 668.088963][T23182] loop1: detected capacity change from 0 to 40427 [ 668.170497][T23182] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 668.185165][T23182] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 668.207852][T23182] F2FS-fs (loop1): invalid crc value [ 668.330476][T23182] F2FS-fs (loop1): Found nat_bits in checkpoint [ 668.392873][T23182] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 668.413260][T23182] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 669.027081][T23214] loop2: detected capacity change from 0 to 256 [ 669.079151][T14070] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 669.097763][T14070] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 669.108444][T23216] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 669.123017][T23159] loop0: detected capacity change from 0 to 131072 [ 669.155291][T23159] F2FS-fs (loop0): Found nat_bits in checkpoint [ 669.228007][T23159] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b [ 669.424120][ T24] usb 5-1: new high-speed USB device number 54 using dummy_hcd [ 669.826444][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 669.838448][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 669.850111][ T24] usb 5-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 669.859769][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 669.868608][ T24] usb 5-1: config 0 descriptor?? [ 670.357617][T23260] loop0: detected capacity change from 0 to 131072 [ 670.372704][ T24] itetech 0003:06CB:73F5.008E: unknown main item tag 0x0 [ 670.379596][ T24] itetech 0003:06CB:73F5.008E: item fetching failed at offset 10/11 [ 670.387975][ T24] itetech: probe of 0003:06CB:73F5.008E failed with error -22 [ 670.396207][T23269] loop3: detected capacity change from 0 to 256 [ 670.460936][T23269] loop3: detected capacity change from 0 to 512 [ 670.510175][T23269] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 670.527453][T23269] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 670.548128][T23269] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e11c, mo2=0002] [ 670.557903][T23269] EXT4-fs (loop3): orphan cleanup on readonly fs [ 670.573440][T23269] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 361: padding at end of block bitmap is not set [ 670.592262][T23269] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6157: Corrupt filesystem [ 670.601159][T23269] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz-executor.3: attempt to clear invalid blocks 33619980 len 1 [ 670.615797][T23269] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 1811939328 (level 0) [ 670.630303][T23269] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 2185560079 (level 1) [ 670.645989][T23269] EXT4-fs (loop3): 1 truncate cleaned up [ 670.651659][T23269] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 670.660776][T23269] EXT4-fs warning (device loop3): dx_probe:892: inode #2: comm syz-executor.3: dx entry: limit 0 != root limit 125 [ 670.672909][T23269] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 670.686384][T23269] EXT4-fs warning (device loop3): dx_probe:892: inode #2: comm syz-executor.3: dx entry: limit 0 != root limit 125 [ 670.698395][T23269] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 670.715731][T21673] EXT4-fs (loop3): unmounting filesystem. [ 671.177013][ T1381] usb 5-1: USB disconnect, device number 54 [ 671.231536][T23301] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 671.240950][T23301] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 671.250240][T23301] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 671.259404][T23301] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 671.355158][ T825] usb 3-1: new high-speed USB device number 71 using dummy_hcd [ 671.761085][T23307] loop0: detected capacity change from 0 to 16 [ 671.767793][T23307] erofs: (device loop0): mounted with root inode @ nid 36. [ 671.775632][T23307] incfs: Can't find or create .index dir in ./file0 [ 671.782179][T23307] incfs: mount failed -30 [ 671.857653][ T825] usb 3-1: Using ep0 maxpacket: 16 [ 671.986010][ T825] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 671.997450][ T825] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 672.010524][ T825] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 672.019599][ T825] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 672.028215][ T825] usb 3-1: config 0 descriptor?? [ 672.242528][ T24] usb 1-1: new high-speed USB device number 78 using dummy_hcd [ 672.345884][T23333] loop4: detected capacity change from 0 to 16 [ 672.354448][T23333] erofs: (device loop4): mounted with root inode @ nid 36. [ 672.362343][T23333] incfs: Can't find or create .index dir in ./file0 [ 672.368862][T23333] incfs: mount failed -30 [ 672.542893][ T825] microsoft 0003:045E:07DA.008F: unknown main item tag 0x0 [ 672.549956][ T825] microsoft 0003:045E:07DA.008F: unknown main item tag 0x0 [ 672.557067][ T825] microsoft 0003:045E:07DA.008F: unknown main item tag 0x0 [ 672.564161][ T825] microsoft 0003:045E:07DA.008F: unknown main item tag 0x0 [ 672.571432][ T825] microsoft 0003:045E:07DA.008F: unknown main item tag 0x0 [ 672.670276][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 672.681562][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 672.691249][ T24] usb 1-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 672.701417][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 672.708193][ T825] microsoft 0003:045E:07DA.008F: unknown main item tag 0x0 [ 672.716556][ T825] microsoft 0003:045E:07DA.008F: unknown main item tag 0x0 [ 672.724114][ T825] microsoft 0003:045E:07DA.008F: unknown main item tag 0x0 [ 672.729446][T23347] loop4: detected capacity change from 0 to 256 [ 672.731163][ T825] microsoft 0003:045E:07DA.008F: unknown main item tag 0x0 [ 672.738376][ T24] usb 1-1: config 0 descriptor?? [ 672.744278][ T825] microsoft 0003:045E:07DA.008F: unknown main item tag 0x0 [ 672.759437][T23347] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 672.776372][ T825] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.008F/input/input129 [ 672.815476][T23351] loop4: detected capacity change from 0 to 1024 [ 672.822452][T23351] EXT4-fs: Ignoring removed orlov option [ 672.828293][T23351] EXT4-fs (loop4): Test dummy encryption mode enabled [ 672.839234][T23351] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 672.857577][T23094] EXT4-fs (loop4): unmounting filesystem. [ 672.868048][ T825] microsoft 0003:045E:07DA.008F: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 672.975930][T23361] loop4: detected capacity change from 0 to 16 [ 672.982175][ T9253] usb 3-1: USB disconnect, device number 71 [ 672.983785][T23361] erofs: (device loop4): mounted with root inode @ nid 36. [ 673.197047][T23361] incfs: Can't find or create .index dir in ./file0 [ 673.307363][T23361] incfs: mount failed -30 [ 673.323443][T23365] loop1: detected capacity change from 0 to 512 [ 673.331619][T23365] EXT4-fs (loop1): orphan cleanup on readonly fs [ 673.338422][T23365] Quota error (device loop1): find_block_dqentry: Quota for id 0 referenced but not present [ 673.348422][T23365] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 673.359404][T23365] EXT4-fs (loop1): 1 truncate cleaned up [ 673.365209][T23365] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 673.444824][T23374] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 673.558646][ T24] itetech 0003:06CB:73F5.0090: unknown main item tag 0x0 [ 673.565811][ T24] itetech 0003:06CB:73F5.0090: item fetching failed at offset 10/11 [ 673.574836][ T24] itetech: probe of 0003:06CB:73F5.0090 failed with error -22 [ 674.114247][T23391] loop2: detected capacity change from 0 to 512 [ 674.137026][T23391] EXT4-fs (loop2): 1 orphan inode deleted [ 674.142592][T23391] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 674.151428][T23391] ext4 filesystem being mounted at /root/syzkaller-testdir293362269/syzkaller.Wbc3h1/127/file1 supports timestamps until 2038 (0x7fffffff) [ 674.180039][T23107] EXT4-fs (loop1): unmounting filesystem. [ 675.287724][T23398] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 675.338376][ T4819] usb 1-1: USB disconnect, device number 78 [ 675.389144][T21673] ------------[ cut here ]------------ [ 675.392805][T23409] loop0: detected capacity change from 0 to 512 [ 675.394455][T21673] WARNING: CPU: 0 PID: 21673 at fs/overlayfs/util.c:484 ovl_dir_modified+0x1a5/0x1e0 [ 675.409870][T21673] Modules linked in: [ 675.413524][T21673] CPU: 0 PID: 21673 Comm: syz-executor.3 Tainted: G W 6.1.78-syzkaller-00009-g25216be1ac5e #0 [ 675.425031][T21673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 675.426061][T23409] EXT4-fs (loop0): orphan cleanup on readonly fs [ 675.434900][T21673] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0 [ 675.441729][T23409] Quota error (device loop0): find_block_dqentry: Quota for id 0 referenced but not present [ 675.446593][T21673] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 42 44 9d ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cb 46 56 ff <0f> 0b e9 06 ff ff ff e8 bf 46 56 ff 0f 0b e9 3d ff ff ff 44 89 e1 [ 675.446614][T21673] RSP: 0018:ffffc90002f6fae0 EFLAGS: 00010293 [ 675.446634][T21673] RAX: ffffffff821f2d35 RBX: 0000000000000000 RCX: ffff88811b4e8000 [ 675.446649][T21673] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 675.446661][T21673] RBP: ffffc90002f6fb10 R08: ffffffff821f2c34 R09: ffffed10289a4e7f [ 675.446676][T21673] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888134251000 [ 675.446692][T21673] R13: ffff888134251030 R14: 1ffff1102684a206 R15: ffff888144d27350 [ 675.446707][T21673] FS: 0000555555c6a480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 675.446726][T21673] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 675.446741][T21673] CR2: 00007ffc99532fa8 CR3: 0000000154f7b000 CR4: 00000000003506b0 [ 675.446759][T21673] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 675.446772][T21673] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 675.446787][T21673] Call Trace: [ 675.446793][T21673] [ 675.456734][T23409] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 675.476186][T21673] ? show_regs+0x58/0x60 [ 675.476216][T21673] ? __warn+0x160/0x3d0 [ 675.531983][T23409] EXT4-fs (loop0): 1 truncate cleaned up [ 675.536522][T21673] ? ovl_dir_modified+0x1a5/0x1e0 [ 675.536563][T21673] ? report_bug+0x4d5/0x7d0 [ 675.569303][T23412] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 675.575065][T21673] ? ovl_dir_modified+0x1a5/0x1e0 [ 675.612070][T21673] ? handle_bug+0x41/0x70 [ 675.616212][T21673] ? exc_invalid_op+0x1b/0x50 [ 675.620746][T21673] ? asm_exc_invalid_op+0x1b/0x20 [ 675.625580][T21673] ? ovl_dir_modified+0xa4/0x1e0 [ 675.630440][T21673] ? ovl_dir_modified+0x1a5/0x1e0 [ 675.635333][T21673] ? ovl_dir_modified+0x1a5/0x1e0 [ 675.640165][T21673] ovl_do_remove+0x7fc/0xbf0 [ 675.644614][T21673] ? ovl_set_redirect+0x670/0x670 [ 675.649450][T21673] ? selinux_inode_rmdir+0x22/0x30 [ 675.654415][T21673] ovl_rmdir+0x1a/0x20 [ 675.658302][T21673] vfs_rmdir+0x398/0x500 [ 675.662383][T21673] incfs_kill_sb+0x113/0x230 [ 675.666826][T21673] deactivate_locked_super+0xad/0x110 [ 675.672013][T21673] deactivate_super+0xbe/0xf0 [ 675.676682][T21673] cleanup_mnt+0x485/0x510 [ 675.681001][T21673] ? user_path_at_empty+0x14e/0x1a0 [ 675.686071][T21673] __cleanup_mnt+0x19/0x20 [ 675.690287][T21673] task_work_run+0x24d/0x2e0 [ 675.694725][T21673] ? task_work_cancel+0x2b0/0x2b0 [ 675.699697][T21673] ? __x64_sys_umount+0x122/0x170 [ 675.704547][T21673] exit_to_user_mode_loop+0x94/0xa0 [ 675.709585][T21673] exit_to_user_mode_prepare+0x5a/0xa0 [ 675.714858][T21673] syscall_exit_to_user_mode+0x26/0x140 [ 675.720366][T21673] do_syscall_64+0x49/0xb0 [ 675.724598][T21673] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 675.730345][T21673] RIP: 0033:0x7f2f6707e1d7 [ 675.734577][T21673] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 675.754134][T21673] RSP: 002b:00007ffc99533758 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 675.762370][T21673] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f2f6707e1d7 [ 675.770167][T21673] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc99533810 [ 675.778018][T21673] RBP: 00007ffc99533810 R08: 0000000000000000 R09: 0000000000000000 [ 675.785804][T21673] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc995348c0 [ 675.793612][T21673] R13: 00007f2f670d9636 R14: 000000000009a6d0 R15: 0000000000000017 [ 675.801615][T21673] [ 675.804490][T21673] ---[ end trace 0000000000000000 ]--- [ 675.810322][T21673] ------------[ cut here ]------------ [ 675.815755][T21673] WARNING: CPU: 1 PID: 21673 at fs/overlayfs/util.c:484 ovl_dir_modified+0x1a5/0x1e0 [ 675.825175][T21673] Modules linked in: [ 675.829150][T21673] CPU: 1 PID: 21673 Comm: syz-executor.3 Tainted: G W 6.1.78-syzkaller-00009-g25216be1ac5e #0 [ 675.829357][T23409] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 675.840687][T21673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 675.859296][T21673] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0 [ 675.864780][T21673] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 42 44 9d ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cb 46 56 ff <0f> 0b e9 06 ff ff ff e8 bf 46 56 ff 0f 0b e9 3d ff ff ff 44 89 e1 [ 675.884510][T21673] RSP: 0018:ffffc90002f6fae0 EFLAGS: 00010293 [ 675.890465][T21673] RAX: ffffffff821f2d35 RBX: 0000000000000000 RCX: ffff88811b4e8000 [ 675.898436][T21673] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 675.906257][T21673] RBP: ffffc90002f6fb10 R08: ffffffff821f2c34 R09: ffffed10289a4e7f [ 675.914058][T21673] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888134251000 [ 675.921877][T21673] R13: ffff888134251030 R14: 1ffff1102684a206 R15: ffff888144d27350 [ 675.929753][T21673] FS: 0000555555c6a480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 675.938532][T21673] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 675.945144][T21673] CR2: 0000001b2fc26000 CR3: 0000000154f7b000 CR4: 00000000003506a0 [ 675.952989][T21673] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 675.960849][T21673] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 675.968885][T21673] Call Trace: [ 675.971993][T21673] [ 675.973555][ T28] audit: type=1400 audit(2000000240.173:40059): avc: denied { watch_reads } for pid=23408 comm="syz-executor.0" path="/root/syzkaller-testdir3368310169/syzkaller.fEeSsE/167/file0" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 675.974796][T21673] ? show_regs+0x58/0x60 [ 676.006703][T21673] ? __warn+0x160/0x3d0 [ 676.010913][T21673] ? ovl_dir_modified+0x1a5/0x1e0 [ 676.015797][T21673] ? report_bug+0x4d5/0x7d0 [ 676.017135][T23421] loop4: detected capacity change from 0 to 512 [ 676.020168][T21673] ? ovl_dir_modified+0x1a5/0x1e0 [ 676.031097][T21673] ? handle_bug+0x41/0x70 [ 676.035267][T21673] ? exc_invalid_op+0x1b/0x50 [ 676.039967][T21673] ? asm_exc_invalid_op+0x1b/0x20 [ 676.042094][T23421] EXT4-fs (loop4): orphan cleanup on readonly fs [ 676.045014][T21673] ? ovl_dir_modified+0xa4/0x1e0 [ 676.051463][T23421] Quota error (device loop4): find_block_dqentry: Quota for id 0 referenced but not present [ 676.055698][T21673] ? ovl_dir_modified+0x1a5/0x1e0 [ 676.055738][T21673] ? ovl_dir_modified+0x1a5/0x1e0 [ 676.065794][T23421] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 676.070489][T21673] ovl_do_remove+0x7fc/0xbf0 [ 676.075825][T23421] EXT4-fs (loop4): 1 truncate cleaned up [ 676.084556][T21673] ? ovl_set_redirect+0x670/0x670 [ 676.084589][T21673] ? selinux_inode_rmdir+0x22/0x30 [ 676.104386][T21673] ovl_rmdir+0x1a/0x20 [ 676.108264][T21673] vfs_rmdir+0x398/0x500 [ 676.112364][T21673] incfs_kill_sb+0x1b4/0x230 [ 676.112597][T23421] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 676.116858][T21673] deactivate_locked_super+0xad/0x110 [ 676.116888][T21673] deactivate_super+0xbe/0xf0 [ 676.135304][T21673] cleanup_mnt+0x485/0x510 [ 676.139547][T21673] ? user_path_at_empty+0x14e/0x1a0 [ 676.144576][T21673] __cleanup_mnt+0x19/0x20 [ 676.148793][T21673] task_work_run+0x24d/0x2e0 [ 676.153223][T21673] ? task_work_cancel+0x2b0/0x2b0 [ 676.158112][T21673] ? __x64_sys_umount+0x122/0x170 [ 676.162942][T21673] exit_to_user_mode_loop+0x94/0xa0 [ 676.167990][T21673] exit_to_user_mode_prepare+0x5a/0xa0 [ 676.173279][T21673] syscall_exit_to_user_mode+0x26/0x140 [ 676.178680][T21673] do_syscall_64+0x49/0xb0 [ 676.182914][T21673] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 676.188755][T21673] RIP: 0033:0x7f2f6707e1d7 [ 676.192992][T21673] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 676.212673][T21673] RSP: 002b:00007ffc99533758 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 676.221009][T21673] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f2f6707e1d7 [ 676.228797][T21673] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc99533810 [ 676.236624][T21673] RBP: 00007ffc99533810 R08: 0000000000000000 R09: 0000000000000000 [ 676.244702][T21673] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc995348c0 [ 676.252527][T21673] R13: 00007f2f670d9636 R14: 000000000009a6d0 R15: 0000000000000017 [ 676.260417][T21673] [ 676.263289][T21673] ---[ end trace 0000000000000000 ]--- [ 676.285557][T21306] EXT4-fs (loop0): unmounting filesystem. [ 676.304331][T22080] EXT4-fs (loop2): unmounting filesystem. [ 676.413183][T23094] EXT4-fs (loop4): unmounting filesystem. [ 676.421351][T23433] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 676.433881][T23433] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 676.475015][T23445] syz-executor.0[23445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 676.475122][T23445] syz-executor.0[23445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 676.512232][T23445] syz-executor.0[23445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 676.523984][T23445] syz-executor.0[23445] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 676.565454][T23449] loop4: detected capacity change from 0 to 16 [ 676.584387][T23449] erofs: (device loop4): mounted with root inode @ nid 36. [ 676.743658][ T1381] usb 4-1: new high-speed USB device number 69 using dummy_hcd [ 676.910395][T23453] device pim6reg1 entered promiscuous mode [ 676.920571][T23457] loop0: detected capacity change from 0 to 512 [ 676.931740][T23459] device vlan2 entered promiscuous mode [ 676.938930][T23457] EXT4-fs (loop0): 1 orphan inode deleted [ 676.944632][T23457] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 676.953437][T23457] ext4 filesystem being mounted at /root/syzkaller-testdir3368310169/syzkaller.fEeSsE/172/file1 supports timestamps until 2038 (0x7fffffff) [ 677.039924][T23470] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 677.051908][T23470] netlink: 'syz-executor.4': attribute type 4 has an invalid length. [ 677.194127][T23478] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 677.304068][ T1381] usb 4-1: Using ep0 maxpacket: 16 [ 677.477384][T23487] device pim6reg1 entered promiscuous mode [ 677.489808][ T28] audit: type=1400 audit(2000000241.669:40060): avc: denied { map } for pid=23490 comm="syz-executor.2" path="socket:[121982]" dev="sockfs" ino=121982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 677.514279][ T346] usb 2-1: new high-speed USB device number 56 using dummy_hcd [ 677.566474][ T1381] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 677.577337][ T1381] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 677.590077][ T1381] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 677.599515][ T1381] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 677.608417][ T1381] usb 4-1: config 0 descriptor?? [ 677.611574][T23495] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 677.624774][T23495] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 677.801618][ T346] usb 2-1: Using ep0 maxpacket: 32 [ 678.310702][ T825] usb 5-1: new high-speed USB device number 55 using dummy_hcd [ 678.326248][T21306] EXT4-fs (loop0): unmounting filesystem. [ 678.347439][T23507] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 678.464518][ T346] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 678.475608][ T346] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 678.476326][T23513] syz-executor.0[23513] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 678.485196][ T346] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 678.485337][T23513] syz-executor.0[23513] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 678.497258][ T346] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 678.561892][ T1381] microsoft 0003:045E:07DA.0091: unknown main item tag 0x0 [ 678.569443][ T346] hub 2-1:4.0: USB hub found [ 678.574366][ T1381] microsoft 0003:045E:07DA.0091: unknown main item tag 0x0 [ 678.581468][ T1381] microsoft 0003:045E:07DA.0091: unknown main item tag 0x0 [ 678.588546][ T1381] microsoft 0003:045E:07DA.0091: unknown main item tag 0x0 [ 678.596418][ T1381] microsoft 0003:045E:07DA.0091: unknown main item tag 0x0 [ 678.603550][ T1381] microsoft 0003:045E:07DA.0091: unknown main item tag 0x0 [ 678.618835][ T1381] microsoft 0003:045E:07DA.0091: unknown main item tag 0x0 [ 678.626481][ T1381] microsoft 0003:045E:07DA.0091: unknown main item tag 0x0 [ 678.633829][ T1381] microsoft 0003:045E:07DA.0091: unknown main item tag 0x0 [ 678.641348][ T1381] microsoft 0003:045E:07DA.0091: unknown main item tag 0x0 [ 678.652731][ T1381] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0091/input/input130 [ 678.735521][ T1381] microsoft 0003:045E:07DA.0091: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 678.817454][ T346] hub 2-1:4.0: 2 ports detected [ 678.928384][T23526] loop0: detected capacity change from 0 to 16 [ 678.938405][T23526] erofs: (device loop0): mounted with root inode @ nid 36. [ 679.027247][T23532] loop0: detected capacity change from 0 to 512 [ 679.031124][ T825] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 679.043294][ T825] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 679.054626][T23532] EXT4-fs (loop0): 1 orphan inode deleted [ 679.060248][T23532] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 679.069060][T23532] ext4 filesystem being mounted at /root/syzkaller-testdir3368310169/syzkaller.fEeSsE/183/file1 supports timestamps until 2038 (0x7fffffff) [ 679.127268][ T825] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 679.136259][ T825] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 679.139053][ T333] usb 4-1: USB disconnect, device number 69 [ 679.144248][ T825] usb 5-1: SerialNumber: syz [ 679.289906][T23536] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 679.589260][T23538] syz-executor.2[23538] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 679.589373][T23538] syz-executor.2[23538] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 679.596624][ T825] usb 5-1: 0:2 : does not exist [ 679.672536][ T346] hub 2-1:4.0: set hub depth failed [ 679.716698][ T346] usb 2-1: USB disconnect, device number 56 [ 680.516207][ T825] usb 5-1: USB disconnect, device number 55 [ 680.542117][T21306] EXT4-fs (loop0): unmounting filesystem. [ 680.558395][T23548] loop2: detected capacity change from 0 to 512 [ 680.581836][T23548] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #15: comm syz-executor.2: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964) [ 680.605716][T23548] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 680.620320][T23548] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 680.653548][T23557] loop3: detected capacity change from 0 to 16 [ 680.660194][T23557] erofs: (device loop3): mounted with root inode @ nid 36. [ 680.667331][T23548] loop2: detected capacity change from 512 to 64 [ 680.675766][T23548] bio_check_eod: 134 callbacks suppressed [ 680.675787][T23548] syz-executor.2: attempt to access beyond end of device [ 680.675787][T23548] loop2: rw=2051, sector=98, nr_sectors = 2 limit=64 [ 680.695278][T23548] EXT4-fs (loop2): discard request in group:0 block:48 count:1 failed with -5 [ 680.703382][ T28] audit: type=1400 audit(2000000244.672:40061): avc: denied { audit_control } for pid=23558 comm="syz-executor.3" capability=30 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 680.704395][T23548] syz-executor.2: attempt to access beyond end of device [ 680.704395][T23548] loop2: rw=2051, sector=510, nr_sectors = 2 limit=64 [ 680.739620][T23548] EXT4-fs (loop2): discard request in group:0 block:254 count:1 failed with -5 [ 680.749269][T23548] syz-executor.2: attempt to access beyond end of device [ 680.749269][T23548] loop2: rw=2049, sector=74, nr_sectors = 24 limit=64 [ 680.763046][T23548] EXT4-fs warning (device loop2): ext4_end_bio:347: I/O error 10 writing to inode 18 starting block 37) [ 680.774102][T23548] buffer_io_error: 150 callbacks suppressed [ 680.774122][T23548] Buffer I/O error on device loop2, logical block 37 [ 680.786426][T23548] Buffer I/O error on device loop2, logical block 38 [ 680.792929][T23548] Buffer I/O error on device loop2, logical block 39 [ 680.799439][T23548] Buffer I/O error on device loop2, logical block 40 [ 680.880929][T23548] Buffer I/O error on device loop2, logical block 41 [ 680.887434][T23548] Buffer I/O error on device loop2, logical block 42 [ 680.894039][T23548] Buffer I/O error on device loop2, logical block 43 [ 680.900563][T23548] Buffer I/O error on device loop2, logical block 44 [ 681.151837][T23548] Buffer I/O error on device loop2, logical block 45 [ 681.158354][T23548] Buffer I/O error on device loop2, logical block 46 [ 681.203466][ T28] audit: type=1400 audit(2000000245.140:40062): avc: denied { setattr } for pid=23573 comm="syz-executor.4" name="ns" dev="proc" ino=122119 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 681.229657][T23576] syz-executor.3[23576] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 681.229741][T23576] syz-executor.3[23576] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 681.259800][T22080] EXT4-fs warning (device loop2): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor.2: error -12 reading directory block [ 681.293528][T22080] EXT4-fs (loop2): unmounting filesystem. [ 682.432952][T23597] syz-executor.0[23597] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 682.433037][T23597] syz-executor.0[23597] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 682.456658][T23094] ------------[ cut here ]------------ [ 682.473523][T23094] WARNING: CPU: 0 PID: 23094 at fs/overlayfs/util.c:484 ovl_dir_modified+0x1a5/0x1e0 [ 682.482775][T23094] Modules linked in: [ 682.486641][T23094] CPU: 0 PID: 23094 Comm: syz-executor.4 Tainted: G W 6.1.78-syzkaller-00009-g25216be1ac5e #0 [ 682.498168][T23094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 682.508064][T23094] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0 [ 682.513505][T23094] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 42 44 9d ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cb 46 56 ff <0f> 0b e9 06 ff ff ff e8 bf 46 56 ff 0f 0b e9 3d ff ff ff 44 89 e1 [ 682.532979][T23094] RSP: 0018:ffffc900046d7ae0 EFLAGS: 00010293 [ 682.538868][T23094] RAX: ffffffff821f2d35 RBX: 0000000000000000 RCX: ffff88811e3cd100 [ 682.546653][T23094] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 682.554519][T23094] RBP: ffffc900046d7b10 R08: ffffffff821f2c34 R09: ffffed10289a467f [ 682.562303][T23094] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888112af6220 [ 682.570116][T23094] R13: ffff888112af6250 R14: 1ffff1102255ec4a R15: ffff888144d23350 [ 682.577903][T23094] FS: 000055555714a480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 682.586704][T23094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 682.593133][T23094] CR2: 0000555557153818 CR3: 00000001215d4000 CR4: 00000000003506b0 [ 682.595497][T23589] loop1: detected capacity change from 0 to 40427 [ 682.600897][T23094] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 682.600912][T23094] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 682.600928][T23094] Call Trace: [ 682.626136][T23094] [ 682.628850][T23094] ? show_regs+0x58/0x60 [ 682.632930][T23094] ? __warn+0x160/0x3d0 [ 682.637052][T23094] ? ovl_dir_modified+0x1a5/0x1e0 [ 682.642050][T23094] ? report_bug+0x4d5/0x7d0 [ 682.646417][T23094] ? ovl_dir_modified+0x1a5/0x1e0 [ 682.651250][T23094] ? handle_bug+0x41/0x70 [ 682.655434][T23094] ? exc_invalid_op+0x1b/0x50 [ 682.659924][T23094] ? asm_exc_invalid_op+0x1b/0x20 [ 682.664781][T23094] ? ovl_dir_modified+0xa4/0x1e0 [ 682.664823][T23589] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 682.669574][T23094] ? ovl_dir_modified+0x1a5/0x1e0 [ 682.669609][T23094] ? ovl_dir_modified+0x1a5/0x1e0 [ 682.677377][T23589] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 682.681963][T23094] ovl_do_remove+0x7fc/0xbf0 [ 682.681996][T23094] ? ovl_set_redirect+0x670/0x670 [ 682.687894][T23589] F2FS-fs (loop1): invalid crc value [ 682.694849][T23094] ? selinux_inode_rmdir+0x22/0x30 [ 682.714180][T23094] ovl_rmdir+0x1a/0x20 [ 682.718076][T23094] vfs_rmdir+0x398/0x500 [ 682.719026][T23589] F2FS-fs (loop1): Found nat_bits in checkpoint [ 682.722174][T23094] incfs_kill_sb+0x113/0x230 [ 682.722212][T23094] deactivate_locked_super+0xad/0x110 [ 682.737862][T23094] deactivate_super+0xbe/0xf0 [ 682.742423][T23094] cleanup_mnt+0x485/0x510 [ 682.746625][T23094] ? user_path_at_empty+0x14e/0x1a0 [ 682.751676][T23094] __cleanup_mnt+0x19/0x20 [ 682.755924][T23094] task_work_run+0x24d/0x2e0 [ 682.760340][T23094] ? task_work_cancel+0x2b0/0x2b0 [ 682.765431][T23094] ? __x64_sys_umount+0x122/0x170 [ 682.770264][T23094] exit_to_user_mode_loop+0x94/0xa0 [ 682.773300][T23589] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 682.775346][T23094] exit_to_user_mode_prepare+0x5a/0xa0 [ 682.782218][T23589] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 682.787465][T23094] syscall_exit_to_user_mode+0x26/0x140 [ 682.800209][T23094] do_syscall_64+0x49/0xb0 [ 682.804596][T23094] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 682.810359][T23094] RIP: 0033:0x7f66d7a7e1d7 [ 682.814568][T23094] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 682.834029][T23094] RSP: 002b:00007ffd16ea7d98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 682.842262][T23094] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f66d7a7e1d7 [ 682.850082][T23094] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd16ea7e50 [ 682.857885][T23094] RBP: 00007ffd16ea7e50 R08: 0000000000000000 R09: 0000000000000000 [ 682.865745][T23094] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd16ea8f00 [ 682.873532][T23094] R13: 00007f66d7ad9636 R14: 000000000009c0fd R15: 0000000000000017 [ 682.881464][T23094] [ 682.884285][T23094] ---[ end trace 0000000000000000 ]--- [ 682.890959][T23094] ------------[ cut here ]------------ [ 682.896244][T23094] WARNING: CPU: 0 PID: 23094 at fs/overlayfs/util.c:484 ovl_dir_modified+0x1a5/0x1e0 [ 682.905611][T23094] Modules linked in: [ 682.909260][T23094] CPU: 0 PID: 23094 Comm: syz-executor.4 Tainted: G W 6.1.78-syzkaller-00009-g25216be1ac5e #0 [ 682.920786][T23094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 682.930726][T23094] RIP: 0010:ovl_dir_modified+0x1a5/0x1e0 [ 682.936189][T23094] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 ff e8 42 44 9d ff 49 ff 07 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cb 46 56 ff <0f> 0b e9 06 ff ff ff e8 bf 46 56 ff 0f 0b e9 3d ff ff ff 44 89 e1 [ 682.955663][T23094] RSP: 0018:ffffc900046d7ae0 EFLAGS: 00010293 [ 682.961528][T23094] RAX: ffffffff821f2d35 RBX: 0000000000000000 RCX: ffff88811e3cd100 [ 682.969397][T23094] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 682.977152][T23094] RBP: ffffc900046d7b10 R08: ffffffff821f2c34 R09: ffffed10289a467f [ 682.984941][T23094] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888112af6220 [ 682.992863][T23094] R13: ffff888112af6250 R14: 1ffff1102255ec4a R15: ffff888144d23350 [ 683.000726][T23094] FS: 000055555714a480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 683.009445][T23094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 683.015867][T23094] CR2: 0000555557153818 CR3: 00000001215d4000 CR4: 00000000003506b0 [ 683.023681][T23094] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 683.031777][T23094] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 683.039569][T23094] Call Trace: [ 683.042708][T23094] [ 683.045466][T23094] ? show_regs+0x58/0x60 [ 683.049540][T23094] ? __warn+0x160/0x3d0 [ 683.053559][T23094] ? ovl_dir_modified+0x1a5/0x1e0 [ 683.058398][T23094] ? report_bug+0x4d5/0x7d0 [ 683.062754][T23094] ? ovl_dir_modified+0x1a5/0x1e0 [ 683.067600][T23094] ? handle_bug+0x41/0x70 [ 683.071775][T23094] ? exc_invalid_op+0x1b/0x50 [ 683.076327][T23094] ? asm_exc_invalid_op+0x1b/0x20 [ 683.081138][T23094] ? ovl_dir_modified+0xa4/0x1e0 [ 683.086102][T23094] ? ovl_dir_modified+0x1a5/0x1e0 [ 683.090949][T23094] ? ovl_dir_modified+0x1a5/0x1e0 [ 683.095843][T23094] ovl_do_remove+0x7fc/0xbf0 [ 683.100233][T23094] ? ovl_set_redirect+0x670/0x670 [ 683.105119][T23094] ? selinux_inode_rmdir+0x22/0x30 [ 683.110043][T23094] ovl_rmdir+0x1a/0x20 [ 683.113949][T23094] vfs_rmdir+0x398/0x500 [ 683.118151][T23094] incfs_kill_sb+0x1b4/0x230 [ 683.122552][T23094] deactivate_locked_super+0xad/0x110 [ 683.127777][T23094] deactivate_super+0xbe/0xf0 [ 683.132271][T23094] cleanup_mnt+0x485/0x510 [ 683.136542][T23094] ? user_path_at_empty+0x14e/0x1a0 [ 683.141556][T23094] __cleanup_mnt+0x19/0x20 [ 683.145806][T23094] task_work_run+0x24d/0x2e0 [ 683.150258][T23094] ? task_work_cancel+0x2b0/0x2b0 [ 683.155096][T23094] ? __x64_sys_umount+0x122/0x170 [ 683.160070][T23094] exit_to_user_mode_loop+0x94/0xa0 [ 683.165076][T23094] exit_to_user_mode_prepare+0x5a/0xa0 [ 683.170407][T23094] syscall_exit_to_user_mode+0x26/0x140 [ 683.175751][T23094] do_syscall_64+0x49/0xb0 [ 683.180020][T23094] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 683.185821][T23094] RIP: 0033:0x7f66d7a7e1d7 [ 683.190096][T23094] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 683.209538][T23094] RSP: 002b:00007ffd16ea7d98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 683.217951][T23094] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f66d7a7e1d7 [ 683.225766][T23094] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd16ea7e50 [ 683.233658][T23094] RBP: 00007ffd16ea7e50 R08: 0000000000000000 R09: 0000000000000000 [ 683.241453][T23094] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd16ea8f00 [ 683.249283][T23094] R13: 00007f66d7ad9636 R14: 000000000009c0fd R15: 0000000000000017 [ 683.257097][T23094] [ 683.259940][T23094] ---[ end trace 0000000000000000 ]--- [ 683.294043][T23614] loop3: detected capacity change from 0 to 512 [ 683.301975][T23614] EXT4-fs: Ignoring removed bh option [ 683.307608][T23614] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 683.307767][T23601] bridge0: port 1(bridge_slave_0) entered blocking state [ 683.317468][T23614] EXT4-fs (loop3): 1 truncate cleaned up [ 683.323339][T23601] bridge0: port 1(bridge_slave_0) entered disabled state [ 683.337434][T23601] device bridge_slave_0 entered promiscuous mode [ 683.347523][T23601] bridge0: port 2(bridge_slave_1) entered blocking state [ 683.355166][T23601] bridge0: port 2(bridge_slave_1) entered disabled state [ 683.382523][T23614] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 683.608164][T23601] device bridge_slave_1 entered promiscuous mode [ 683.756360][T23614] loop3: detected capacity change from 512 to 0 [ 683.764645][ C1] blk_print_req_error: 10 callbacks suppressed [ 683.764666][ C1] I/O error, dev loop3, sector 26 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2 [ 683.780057][T23614] EXT4-fs error (device loop3): __ext4_find_entry:1684: inode #2: comm syz-executor.3: reading directory lblock 0 [ 683.792645][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 683.793632][ T2613] loop: Write error at byte offset 9223372036854776831, length 1024. [ 683.805912][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 683.810090][T14070] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 683.824042][T14070] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 683.832780][ C1] I/O error, dev loop3, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 683.842036][ C1] I/O error, dev loop3, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 683.851316][ C1] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 683.859527][T23614] EXT4-fs (loop3): I/O error while writing superblock [ 683.884093][ C0] I/O error, dev loop3, sector 26 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2 [ 683.893608][T23625] EXT4-fs error (device loop3): __ext4_find_entry:1684: inode #2: comm syz-executor.3: reading directory lblock 0 [ 683.906032][ T2613] loop: Write error at byte offset 9223372036854776831, length 1024. [ 683.913947][ C0] I/O error, dev loop3, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 683.923556][ C0] I/O error, dev loop3, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 683.932799][ C0] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 683.940948][T23625] EXT4-fs (loop3): I/O error while writing superblock [ 683.951861][ C1] I/O error, dev loop3, sector 26 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2 [ 683.961757][T23623] EXT4-fs error (device loop3): __ext4_find_entry:1684: inode #2: comm syz-executor.3: reading directory lblock 0 [ 683.974988][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 683.975400][ T2613] loop: Write error at byte offset 9223372036854776831, length 1024. [ 683.991313][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 683.992572][ C1] I/O error, dev loop3, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 684.008443][ C1] I/O error, dev loop3, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 684.017704][ C1] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 684.025910][T23623] EXT4-fs (loop3): I/O error while writing superblock [ 684.026139][T18422] bridge0: port 1(bridge_slave_0) entered blocking state [ 684.033206][ C1] I/O error, dev loop3, sector 26 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2 [ 684.039403][T18422] bridge0: port 1(bridge_slave_0) entered forwarding state [ 684.048828][T23614] EXT4-fs error (device loop3): __ext4_find_entry:1684: inode #2: comm syz-executor.3: reading directory lblock 0 [ 684.068048][ T2613] loop: Write error at byte offset 9223372036854776831, length 1024. [ 684.076262][ C0] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 684.084413][T23614] EXT4-fs (loop3): I/O error while writing superblock [ 684.085602][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 684.099526][T23625] EXT4-fs error (device loop3): __ext4_find_entry:1684: inode #2: comm syz-executor.3: reading directory lblock 0 [ 684.111989][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 684.120184][ T2613] loop: Write error at byte offset 9223372036854776831, length 1024. [ 684.120452][T18422] bridge0: port 2(bridge_slave_1) entered blocking state [ 684.128132][ C1] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 684.134971][T18422] bridge0: port 2(bridge_slave_1) entered forwarding state [ 684.144004][T23625] EXT4-fs (loop3): I/O error while writing superblock [ 684.150343][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 684.165081][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 684.166941][T23623] EXT4-fs error (device loop3): __ext4_find_entry:1684: inode #2: comm syz-executor.3: reading directory lblock 0 [ 684.167042][ T8265] loop: Write error at byte offset 9223372036854776831, length 1024. [ 684.167075][ C0] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 684.167105][T23623] EXT4-fs (loop3): I/O error while writing superblock [ 684.177372][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 684.195984][T23614] EXT4-fs warning (device loop3): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor.3: error -5 reading directory block [ 684.196251][T23614] EXT4-fs error (device loop3): ext4_get_inode_loc:4635: inode #2: block 5: comm syz-executor.3: unable to read itable block [ 684.196332][ T8265] loop: Write error at byte offset 9223372036854776831, length 1024. [ 684.196355][ C0] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 684.196375][T23614] EXT4-fs (loop3): I/O error while writing superblock [ 684.196388][T23614] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5870: IO failure [ 684.196440][ T8265] loop: Write error at byte offset 9223372036854776831, length 1024. [ 684.196460][ C0] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 684.196478][T23614] EXT4-fs (loop3): I/O error while writing superblock [ 684.196489][T23614] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #2: comm syz-executor.3: mark_inode_dirty error [ 684.196543][ T8265] loop: Write error at byte offset 9223372036854776831, length 1024. [ 684.196562][ C0] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 684.196579][T23614] EXT4-fs (loop3): I/O error while writing superblock [ 684.196712][T23612] EXT4-fs error (device loop3): ext4_check_bdev_write_error:218: comm syz-executor.3: Error while async write back metadata [ 684.196772][ T8265] loop: Write error at byte offset 9223372036854776831, length 1024. [ 684.196793][ C0] Buffer I/O error on dev loop3, logical block 1, lost sync page write [ 684.206421][T21673] EXT4-fs warning (device loop3): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor.3: error -5 reading directory block [ 684.224771][ C0] EXT4-fs warning (device loop3): ext4_end_bio:347: I/O error 10 writing to inode 19 starting block 129) [ 684.232010][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 684.254500][T23633] loop0: detected capacity change from 0 to 512 [ 684.258291][T23601] device veth0_vlan entered promiscuous mode [ 684.458554][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 684.472296][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 684.482628][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 684.492582][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 684.518552][T23601] device veth1_macvtap entered promiscuous mode [ 684.545717][ T4819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 684.547769][T23641] loop1: detected capacity change from 0 to 512 [ 684.568849][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 684.577704][T23641] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6 [ 684.743352][T23648] bridge0: port 1(bridge_slave_0) entered blocking state [ 684.750249][T23648] bridge0: port 1(bridge_slave_0) entered disabled state [ 684.757834][T23648] device bridge_slave_0 entered promiscuous mode [ 684.768602][T23648] bridge0: port 2(bridge_slave_1) entered blocking state [ 684.775688][T23648] bridge0: port 2(bridge_slave_1) entered disabled state [ 684.783232][T23648] device bridge_slave_1 entered promiscuous mode [ 684.793267][T18422] usb 5-1: new high-speed USB device number 56 using dummy_hcd [ 684.808222][ T396] device bridge_slave_1 left promiscuous mode [ 684.814543][ T396] bridge0: port 2(bridge_slave_1) entered disabled state [ 684.822287][ T396] device bridge_slave_0 left promiscuous mode [ 684.829899][ T396] bridge0: port 1(bridge_slave_0) entered disabled state [ 684.839008][ T396] device veth1_macvtap left promiscuous mode [ 684.844897][ T396] device veth0_vlan left promiscuous mode [ 684.854613][T23657] syz-executor.1[23657] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 684.854695][T23657] syz-executor.1[23657] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 684.866382][ T4734] usb 1-1: new high-speed USB device number 79 using dummy_hcd [ 685.167477][ T4734] usb 1-1: Using ep0 maxpacket: 16 [ 685.178167][T18422] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 685.188995][T18422] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 685.198599][T18422] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 685.207543][T18422] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 685.220032][T18422] usb 5-1: config 0 descriptor?? [ 685.277656][T23648] bridge0: port 2(bridge_slave_1) entered blocking state [ 685.284794][T23648] bridge0: port 2(bridge_slave_1) entered forwarding state [ 685.308394][ T825] bridge0: port 2(bridge_slave_1) entered disabled state [ 685.311823][ T4734] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 104, changing to 10 [ 685.326817][ T4734] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 26219, setting to 1024 [ 685.338258][ T4734] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 685.347284][ T4734] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 685.356277][ T4734] usb 1-1: config 0 descriptor?? [ 685.360159][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 685.369035][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 685.381923][T23640] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 685.390450][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 685.398711][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 685.406796][ T825] bridge0: port 1(bridge_slave_0) entered blocking state [ 685.413772][ T825] bridge0: port 1(bridge_slave_0) entered forwarding state [ 685.421025][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 685.429196][ T825] bridge0: port 2(bridge_slave_1) entered blocking state [ 685.436073][ T825] bridge0: port 2(bridge_slave_1) entered forwarding state [ 685.444098][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 685.452107][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 685.475133][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 685.486155][T23669] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 685.495651][T23669] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 685.504826][T23669] tc_dump_action: action bad kind [ 685.515448][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 685.539452][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 685.546901][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 685.555075][T23648] device veth0_vlan entered promiscuous mode [ 685.566393][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 685.575416][T23648] device veth1_macvtap entered promiscuous mode [ 685.585782][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 685.601708][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 685.619343][T23671] syz-executor.2[23671] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 685.619425][T23671] syz-executor.2[23671] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 685.633469][T23671] syz-executor.2[23671] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 685.648855][T23671] syz-executor.2[23671] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 685.734849][T23681] loop3: detected capacity change from 0 to 1024 [ 685.735043][T18422] sony 0003:054C:0268.0092: unknown main item tag 0x0 [ 685.764075][T18422] sony 0003:054C:0268.0092: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.4-1/input0 [ 685.776086][T18422] sony 0003:054C:0268.0092: failed to claim input [ 685.784488][T23681] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 685.855006][T23681] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 685.870455][T23640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 685.879022][T23640] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 685.885854][T23681] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 685.890649][T23686] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 28 [ 685.902513][ T4734] hid-generic 0003:0158:0100.0093: unknown main item tag 0x1 [ 685.911296][T23686] EXT4-fs (loop3): This should not happen!! Data will be lost [ 685.911296][T23686] [ 685.919198][ T4734] hid-generic 0003:0158:0100.0093: unexpected long global item [ 685.928282][T23681] EXT4-fs (loop3): This should not happen!! Data will be lost [ 685.928282][T23681] [ 685.935594][ T4734] hid-generic: probe of 0003:0158:0100.0093 failed with error -22 [ 685.946344][T23686] EXT4-fs (loop3): Total free blocks count 0 [ 685.958539][T23681] EXT4-fs (loop3): Total free blocks count 0 [ 685.961045][ T333] usb 5-1: USB disconnect, device number 56 [ 685.964605][T23686] EXT4-fs (loop3): Free/Dirty block details [ 685.972958][T23681] EXT4-fs (loop3): Free/Dirty block details [ 685.976060][T23686] EXT4-fs (loop3): free_blocks=68451041280 [ 686.127003][ T346] usb 1-1: USB disconnect, device number 79 [ 686.152023][ T396] device bridge_slave_1 left promiscuous mode [ 686.157993][ T396] bridge0: port 2(bridge_slave_1) entered disabled state [ 686.165562][ T396] device bridge_slave_0 left promiscuous mode [ 686.171562][ T396] bridge0: port 1(bridge_slave_0) entered disabled state [ 686.180259][ T396] device veth1_macvtap left promiscuous mode [ 686.186218][ T396] device veth0_vlan left promiscuous mode [ 686.322087][ T4734] usb 4-1: new high-speed USB device number 70 using dummy_hcd [ 686.422312][T23691] syz-executor.1[23691] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 686.422369][T23691] syz-executor.1[23691] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 686.610646][ T4734] usb 4-1: Using ep0 maxpacket: 8 [ 686.729356][T23710] bridge0: port 1(bridge_slave_0) entered blocking state [ 686.736300][T23710] bridge0: port 1(bridge_slave_0) entered disabled state [ 686.743805][T23710] device bridge_slave_0 entered promiscuous mode [ 686.756179][T23710] bridge0: port 2(bridge_slave_1) entered blocking state [ 686.763224][ T4734] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 686.765633][T23710] bridge0: port 2(bridge_slave_1) entered disabled state [ 686.774483][ T4734] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 686.781520][T23710] device bridge_slave_1 entered promiscuous mode [ 686.790566][ T4734] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8 [ 686.910171][ T4734] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 686.974755][ T4734] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 687.043925][ T4734] usb 4-1: SerialNumber: syz [ 687.049069][ T1381] usb 3-1: new high-speed USB device number 72 using dummy_hcd [ 687.113370][T23689] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 687.129112][T23689] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 687.194795][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 687.202582][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 687.217101][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 687.225456][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 687.233674][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 687.240555][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 687.248204][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 687.256379][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 687.264603][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 687.271447][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 687.287375][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 687.295142][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 687.303212][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 687.311074][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 687.319331][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 687.353253][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 687.361514][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 687.390558][T23733] bridge0: port 1(bridge_slave_0) entered blocking state [ 687.397518][T23733] bridge0: port 1(bridge_slave_0) entered disabled state [ 687.405165][T23733] device bridge_slave_0 entered promiscuous mode [ 687.413774][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 687.421668][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 687.429625][T23689] bridge: RTM_NEWNEIGH with invalid ether address [ 687.436190][T23733] bridge0: port 2(bridge_slave_1) entered blocking state [ 687.443084][T23733] bridge0: port 2(bridge_slave_1) entered disabled state [ 687.450768][T23733] device bridge_slave_1 entered promiscuous mode [ 687.457665][T23689] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 687.458680][T23710] device veth0_vlan entered promiscuous mode [ 687.470631][T23689] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 687.477753][ T1381] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 687.488605][ T1381] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 687.499027][ T1381] usb 3-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 687.507924][ T1381] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 687.515786][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 687.523155][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 687.531509][ T1381] usb 3-1: config 0 descriptor?? [ 687.553011][ T396] device bridge_slave_1 left promiscuous mode [ 687.558975][ T396] bridge0: port 2(bridge_slave_1) entered disabled state [ 687.566341][ T396] device bridge_slave_0 left promiscuous mode [ 687.572325][ T396] bridge0: port 1(bridge_slave_0) entered disabled state [ 687.581014][ T396] device veth1_macvtap left promiscuous mode [ 687.586919][ T396] device veth0_vlan left promiscuous mode [ 687.685910][T23710] device veth1_macvtap entered promiscuous mode [ 687.693255][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 687.707036][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 687.715138][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 687.742153][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 687.750582][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 687.765710][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 687.773836][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 687.822920][ T825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 687.833438][ T9253] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 687.841916][ T9253] bridge0: port 1(bridge_slave_0) entered blocking state [ 687.848784][ T9253] bridge0: port 1(bridge_slave_0) entered forwarding state [ 687.856596][ T9253] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 687.867088][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 687.875254][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 687.882214][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 687.905650][ T9253] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 687.913524][ T9253] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 687.929707][T23733] device veth0_vlan entered promiscuous mode [ 687.937868][ T9253] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 687.946095][ T9253] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 687.954170][ T9253] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 687.961302][ T4734] cdc_ether: probe of 4-1:1.0 failed with error -71 [ 687.967993][ T4734] usb-storage 4-1:1.0: USB Mass Storage device detected [ 687.975112][ T9253] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 687.984370][ T4734] usb-storage 4-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 687.989938][ T825] usb 1-1: new high-speed USB device number 80 using dummy_hcd [ 687.994308][T23733] device veth1_macvtap entered promiscuous mode [ 688.006461][T18422] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 688.014333][ T4734] scsi host1: usb-storage 4-1:1.0 [ 688.020528][ T4734] usb 4-1: USB disconnect, device number 70 [ 688.039152][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 688.048305][ T1381] sony 0003:054C:0268.0094: unknown main item tag 0x0 [ 688.055971][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 688.064974][ T1381] sony 0003:054C:0268.0094: hiddev96,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.2-1/input0 [ 688.078320][ T1381] sony 0003:054C:0268.0094: failed to claim input [ 688.115657][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.122922][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.130732][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.138129][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.145339][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.152518][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.159726][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.167032][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.174426][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.176933][ T28] audit: type=1326 audit(2000000251.660:40063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23750 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb58347a627 code=0x7ffc0000 [ 688.181647][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.212734][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.213193][ T28] audit: type=1326 audit(2000000251.697:40064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23750 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb583440309 code=0x7ffc0000 [ 688.220180][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.220205][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.220227][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.220248][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.220270][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.220291][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.220312][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.244536][ T28] audit: type=1326 audit(2000000251.697:40065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23750 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58347cea9 code=0x7ffc0000 [ 688.259023][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.273589][ T825] usb 1-1: Using ep0 maxpacket: 16 [ 688.280448][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.287568][ T28] audit: type=1326 audit(2000000251.697:40066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23750 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb58347a627 code=0x7ffc0000 [ 688.294861][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.319343][ T28] audit: type=1326 audit(2000000251.697:40067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23750 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb583440309 code=0x7ffc0000 [ 688.325840][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.331458][ T28] audit: type=1326 audit(2000000251.697:40068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23750 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fb58347cea9 code=0x7ffc0000 [ 688.338010][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.338036][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.364401][ T28] audit: type=1326 audit(2000000251.697:40069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23750 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb58347a627 code=0x7ffc0000 [ 688.369662][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.401096][ T28] audit: type=1326 audit(2000000251.697:40070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23750 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb583440309 code=0x7ffc0000 [ 688.424100][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.424127][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.424149][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.424170][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.432065][ T28] audit: type=1326 audit(2000000251.697:40071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23750 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb58347cea9 code=0x7ffc0000 [ 688.441291][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.463451][ T28] audit: type=1326 audit(2000000251.697:40072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23750 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb58347a627 code=0x7ffc0000 [ 688.471062][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.494244][ T825] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 104, changing to 10 [ 688.501543][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.508823][ T825] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 26219, setting to 1024 [ 688.516754][ T1381] hid-generic 0000:0000:0000.0095: unknown main item tag 0x0 [ 688.522964][ T825] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 688.622366][ T1381] hid-generic 0000:0000:0000.0095: hidraw0: HID v0.00 Device [syz1] on syz0 [ 688.630213][ T825] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 688.686411][T18422] usb 3-1: USB disconnect, device number 72 [ 688.693050][ T825] usb 1-1: config 0 descriptor?? [ 688.712535][T23756] bpf_get_probe_write_proto: 2 callbacks suppressed [ 688.712555][T23756] syz-executor.1[23756] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 688.719334][T23756] syz-executor.1[23756] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 688.731547][T23740] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 689.225939][T23770] loop3: detected capacity change from 0 to 256 [ 689.236500][T23770] incfs: Can't find or create .incomplete dir in ./file0 [ 689.243610][T23770] incfs: mount failed -28 [ 689.249618][T23770] incfs: Can't find or create .incomplete dir in ./file0 [ 689.256868][T23770] incfs: mount failed -28 [ 689.273508][ T396] device bridge_slave_1 left promiscuous mode [ 689.279942][ T396] bridge0: port 2(bridge_slave_1) entered disabled state [ 689.287817][ T396] device bridge_slave_0 left promiscuous mode [ 689.296819][ T396] bridge0: port 1(bridge_slave_0) entered disabled state [ 689.305182][ T396] device veth1_macvtap left promiscuous mode [ 689.311322][ T396] device veth0_vlan left promiscuous mode [ 689.412327][T23740] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 689.420589][T23740] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 689.436568][ T825] hid-generic 0003:0158:0100.0096: unknown main item tag 0x1 [ 689.444141][ T825] hid-generic 0003:0158:0100.0096: unexpected long global item [ 689.451759][ T825] hid-generic: probe of 0003:0158:0100.0096 failed with error -22 [ 689.482418][T23774] bridge0: port 1(bridge_slave_0) entered blocking state [ 689.489328][T23774] bridge0: port 1(bridge_slave_0) entered disabled state [ 689.496778][T23774] device bridge_slave_0 entered promiscuous mode [ 689.503875][T23774] bridge0: port 2(bridge_slave_1) entered blocking state [ 689.510904][T23774] bridge0: port 2(bridge_slave_1) entered disabled state [ 689.518921][T23774] device bridge_slave_1 entered promiscuous mode [ 689.594361][T23774] bridge0: port 2(bridge_slave_1) entered blocking state [ 689.601268][T23774] bridge0: port 2(bridge_slave_1) entered forwarding state [ 689.608378][T23774] bridge0: port 1(bridge_slave_0) entered blocking state [ 689.615244][T23774] bridge0: port 1(bridge_slave_0) entered forwarding state [ 689.669606][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 689.671591][T20393] usb 1-1: USB disconnect, device number 80 [ 689.677562][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 689.691511][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 689.701186][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 689.709228][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 689.723770][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 689.731957][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 689.744573][T23774] device veth0_vlan entered promiscuous mode [ 689.750875][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 689.758642][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 689.767289][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 689.774559][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 689.789209][T23774] device veth1_macvtap entered promiscuous mode [ 689.797004][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 689.805086][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 689.813128][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 689.829798][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 689.837908][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 689.846234][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 689.854319][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 689.989350][ T4734] usb 2-1: new high-speed USB device number 57 using dummy_hcd [ 690.266887][ T4734] usb 2-1: Using ep0 maxpacket: 8 [ 690.416530][ T4734] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 690.437881][ T4734] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 690.448089][ T4734] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8 [ 690.458480][ T396] device bridge_slave_1 left promiscuous mode [ 690.466338][ T396] bridge0: port 2(bridge_slave_1) entered disabled state [ 690.476012][ T396] device bridge_slave_0 left promiscuous mode [ 690.483203][ T396] bridge0: port 1(bridge_slave_0) entered disabled state [ 690.485129][T23826] overlayfs: statfs failed on './file0' [ 690.503476][ T396] device veth1_macvtap left promiscuous mode [ 690.509438][ T396] device veth0_vlan left promiscuous mode [ 690.555630][ T4734] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 690.564631][ T4734] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 690.573212][ T4734] usb 2-1: SerialNumber: syz [ 690.598398][T23783] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 690.605618][T23783] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 690.641327][T20393] usb 1-1: new high-speed USB device number 81 using dummy_hcd [ 690.663950][T23835] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 690.673213][T23835] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 690.682225][T23835] tc_dump_action: action bad kind [ 690.834960][T23783] bridge: RTM_NEWNEIGH with invalid ether address [ 690.841848][T23783] syz-executor.1[23783] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 690.841905][T23783] syz-executor.1[23783] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 690.854991][T23783] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 690.873672][T23783] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 690.898177][T20393] usb 1-1: Using ep0 maxpacket: 16 [ 691.026324][T20393] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 104, changing to 10 [ 691.039147][T20393] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 26219, setting to 1024 [ 691.050235][T20393] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 691.059142][T20393] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 691.067851][T20393] usb 1-1: config 0 descriptor?? [ 691.090101][T23818] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 691.400386][ T4734] cdc_ether: probe of 2-1:1.0 failed with error -71 [ 691.407952][ T4734] usb-storage 2-1:1.0: USB Mass Storage device detected [ 691.421027][ T4734] usb-storage 2-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 691.479498][ T4734] scsi host1: usb-storage 2-1:1.0 [ 691.500400][ T4734] usb 2-1: USB disconnect, device number 57 [ 691.543228][T23858] loop2: detected capacity change from 0 to 512 [ 691.550007][T23858] EXT4-fs: Ignoring removed bh option [ 691.555521][T23858] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 691.563976][T23818] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 691.565918][T23858] EXT4-fs (loop2): 1 truncate cleaned up [ 691.572260][T23818] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 691.586959][T23858] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 691.598798][T20393] hid-generic 0003:0158:0100.0097: unknown main item tag 0x1 [ 691.612804][T20393] hid-generic 0003:0158:0100.0097: unexpected long global item [ 691.620442][T20393] hid-generic: probe of 0003:0158:0100.0097 failed with error -22 [ 691.656844][T23858] loop2: detected capacity change from 512 to 0 [ 691.663786][ C0] blk_print_req_error: 65 callbacks suppressed [ 691.663806][ C0] I/O error, dev loop2, sector 18 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2 [ 691.679112][ C0] I/O error, dev loop2, sector 26 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 691.679132][T23857] EXT4-fs error (device loop2): ext4_get_inode_loc:4635: inode #19: block 9: comm syz-executor.2: unable to read itable block [ 691.688543][ C0] I/O error, dev loop2, sector 24 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 691.688573][ C0] I/O error, dev loop2, sector 22 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 691.702024][ T2613] lo_write_bvec: 19 callbacks suppressed [ 691.702042][ T2613] loop: Write error at byte offset 9223372036854776831, length 1024. [ 691.710955][ C0] I/O error, dev loop2, sector 20 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 691.720819][ C1] I/O error, dev loop2, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 691.725801][ C0] I/O error, dev loop2, sector 16 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 691.733698][ C1] I/O error, dev loop2, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2 [ 691.743068][ C0] I/O error, dev loop2, sector 14 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 691.752320][ C1] buffer_io_error: 18 callbacks suppressed [ 691.752332][ C1] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 691.761800][ C0] I/O error, dev loop2, sector 12 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 691.771242][T23857] EXT4-fs (loop2): I/O error while writing superblock [ 691.812147][T23857] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: IO failure [ 691.825338][ T346] usb 1-1: USB disconnect, device number 81 [ 691.832260][ T2613] loop: Write error at byte offset 9223372036854776831, length 1024. [ 691.840760][ C0] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 691.848878][T23857] EXT4-fs (loop2): I/O error while writing superblock [ 691.855879][T23857] EXT4-fs error (device loop2): ext4_dirty_inode:6074: inode #19: comm syz-executor.2: mark_inode_dirty error [ 691.867741][ T2613] loop: Write error at byte offset 9223372036854776831, length 1024. [ 691.875843][ C1] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 691.884006][T23857] EXT4-fs (loop2): I/O error while writing superblock [ 691.891001][T23857] EXT4-fs error (device loop2): ext4_get_inode_loc:4635: inode #19: block 9: comm syz-executor.2: unable to read itable block [ 691.904411][ T2613] loop: Write error at byte offset 9223372036854776831, length 1024. [ 691.912543][ C0] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 691.920754][T23857] EXT4-fs (loop2): I/O error while writing superblock [ 691.929658][T23857] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: IO failure [ 691.943709][ T396] loop: Write error at byte offset 9223372036854776831, length 1024. [ 691.959679][ C0] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 691.967925][T23857] EXT4-fs (loop2): I/O error while writing superblock [ 691.974626][T23857] EXT4-fs error (device loop2): ext4_dirty_inode:6074: inode #19: comm syz-executor.2: mark_inode_dirty error [ 691.986975][ T396] loop: Write error at byte offset 9223372036854776831, length 1024. [ 691.999881][ C1] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 692.008092][T23857] EXT4-fs (loop2): I/O error while writing superblock [ 692.015729][T23857] EXT4-fs error (device loop2): ext4_check_bdev_write_error:218: comm syz-executor.2: Error while async write back metadata [ 692.029085][ T396] loop: Write error at byte offset 9223372036854776831, length 1024. [ 692.037277][ C1] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 692.048610][T23857] EXT4-fs (loop2): I/O error while writing superblock [ 692.055279][T23857] EXT4-fs error (device loop2): ext4_check_bdev_write_error:218: comm syz-executor.2: Error while async write back metadata [ 692.068043][ T396] loop: Write error at byte offset 9223372036854776831, length 1024. [ 692.084466][ C1] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 692.092617][T23857] EXT4-fs (loop2): I/O error while writing superblock [ 692.115101][T23857] EXT4-fs error (device loop2): ext4_get_inode_loc:4635: inode #19: block 9: comm syz-executor.2: unable to read itable block [ 692.156037][ T396] loop: Write error at byte offset 9223372036854776831, length 1024. [ 692.165300][ C1] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 692.173417][T23857] EXT4-fs (loop2): I/O error while writing superblock [ 692.180089][T23857] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: IO failure [ 692.189569][ T396] loop: Write error at byte offset 9223372036854776831, length 1024. [ 692.192889][T23881] loop1: detected capacity change from 0 to 40427 [ 692.197595][ C1] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 692.205151][T23881] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 692.219512][T23881] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 692.228413][T23881] F2FS-fs (loop1): invalid crc value [ 692.229043][T23858] EXT4-fs warning (device loop2): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor.2: error -5 reading directory block [ 692.238297][T23881] F2FS-fs (loop1): Found nat_bits in checkpoint [ 692.278746][T23601] EXT4-fs warning (device loop2): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor.2: error -5 reading directory block [ 692.297735][ C1] EXT4-fs warning (device loop2): ext4_end_bio:347: I/O error 10 writing to inode 19 starting block 129) [ 692.302510][T23881] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 692.308841][ C1] buffer_io_error: 14 callbacks suppressed [ 692.308858][ C1] Buffer I/O error on device loop2, logical block 129 [ 692.315765][T23881] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 692.321363][ C1] Buffer I/O error on device loop2, logical block 130 [ 692.321377][ C1] Buffer I/O error on device loop2, logical block 131 [ 692.321388][ C1] Buffer I/O error on device loop2, logical block 132 [ 692.321435][ C1] Buffer I/O error on device loop2, logical block 133 [ 692.332451][T23891] f2fs_ckpt-7:1: attempt to access beyond end of device [ 692.332451][T23891] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 692.335361][ C1] Buffer I/O error on device loop2, logical block 134 [ 692.335377][ C1] Buffer I/O error on device loop2, logical block 135 [ 692.388744][ C1] Buffer I/O error on device loop2, logical block 136 [ 692.395395][ C1] Buffer I/O error on device loop2, logical block 137 [ 692.401938][ C1] Buffer I/O error on device loop2, logical block 138 [ 692.490529][ T333] usb 4-1: new high-speed USB device number 71 using dummy_hcd [ 692.627814][T23914] bridge0: port 1(bridge_slave_0) entered blocking state [ 692.634743][T23914] bridge0: port 1(bridge_slave_0) entered disabled state [ 692.643404][T23914] device bridge_slave_0 entered promiscuous mode [ 692.653518][T23914] bridge0: port 2(bridge_slave_1) entered blocking state [ 692.660383][T23914] bridge0: port 2(bridge_slave_1) entered disabled state [ 692.667980][T23914] device bridge_slave_1 entered promiscuous mode [ 692.738030][T23914] bridge0: port 2(bridge_slave_1) entered blocking state [ 692.744944][T23914] bridge0: port 2(bridge_slave_1) entered forwarding state [ 692.752004][T23914] bridge0: port 1(bridge_slave_0) entered blocking state [ 692.757751][ T825] usb 5-1: new high-speed USB device number 57 using dummy_hcd [ 692.758789][T23914] bridge0: port 1(bridge_slave_0) entered forwarding state [ 692.794807][T20393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 692.803219][T20393] bridge0: port 1(bridge_slave_0) entered disabled state [ 692.810350][T20393] bridge0: port 2(bridge_slave_1) entered disabled state [ 692.830899][T20393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 692.838979][T20393] bridge0: port 1(bridge_slave_0) entered blocking state [ 692.845838][T20393] bridge0: port 1(bridge_slave_0) entered forwarding state [ 692.854077][T20393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 692.862200][T20393] bridge0: port 2(bridge_slave_1) entered blocking state [ 692.869083][T20393] bridge0: port 2(bridge_slave_1) entered forwarding state [ 692.908385][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 692.939667][ T333] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 692.951201][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 692.959124][ T346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 692.967184][ T333] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 692.976146][ T333] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 692.986959][T23914] device veth0_vlan entered promiscuous mode [ 693.005811][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 693.013833][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 693.021442][T23929] loop1: detected capacity change from 0 to 40427 [ 693.022381][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 693.028980][T23929] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 693.035382][ T4734] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 693.049227][T23929] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 693.051492][T23914] device veth1_macvtap entered promiscuous mode [ 693.058554][T23929] F2FS-fs (loop1): invalid crc value [ 693.069987][ T333] snd-usb-audio: probe of 4-1:27.0 failed with error -2 [ 693.071665][T23929] F2FS-fs (loop1): Found nat_bits in checkpoint [ 693.109915][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 693.118662][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 693.127087][T23929] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 693.127217][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 693.137729][T23929] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 693.142225][ T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 693.149446][ T825] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 693.149481][ T825] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 693.149516][ T825] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 693.173499][T23930] f2fs_ckpt-7:1: attempt to access beyond end of device [ 693.173499][T23930] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 693.177675][ T825] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 693.217586][ T825] usb 5-1: config 0 descriptor?? [ 693.231387][T23935] loop2: detected capacity change from 0 to 256 [ 693.243273][T23935] FAT-fs (loop2): Directory bread(block 64) failed [ 693.249812][ C1] softirq: huh, entered softirq 9 RCU ffffffff8160d1a0 with preempt_count 00000103, exited with 00000102? [ 693.250012][T23935] FAT-fs (loop2): Directory bread(block 65) failed [ 693.260987][T23648] BUG: scheduling while atomic: syz-executor.3/23648/0x00000002 [ 693.261009][T23648] Modules linked in: [ 693.261019][T23648] Preemption disabled at: [ 693.261025][T23648] [] schedule+0xbc/0x180 [ 693.261060][T23648] CPU: 1 PID: 23648 Comm: syz-executor.3 Tainted: G W 6.1.78-syzkaller-00009-g25216be1ac5e #0 [ 693.268575][T23935] FAT-fs (loop2): Directory bread(block 66) failed [ 693.274878][T23648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 693.274897][T23648] Call Trace: [ 693.274905][T23648] [ 693.274914][T23648] dump_stack_lvl+0x151/0x1b7 [ 693.274950][T23648] ? schedule+0xbc/0x180 [ 693.278850][T23935] FAT-fs (loop2): Directory bread(block 67) failed [ 693.282776][T23648] ? schedule+0xbc/0x180 [ 693.282806][T23648] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 693.282831][T23648] ? schedule+0xbc/0x180 [ 693.282854][T23648] dump_stack+0x15/0x1b [ 693.282874][T23648] __schedule_bug+0x195/0x260 [ 693.288712][T23935] FAT-fs (loop2): Directory bread(block 68) failed [ 693.299972][T23648] ? __ia32_sys_waitid+0xd0/0xd0 [ 693.300003][T23648] ? cpu_util_update_eff+0x10e0/0x10e0 [ 693.300025][T23648] ? kernel_waitid+0x520/0x520 [ 693.300050][T23648] __schedule+0xcf7/0x1550 [ 693.300074][T23648] ? __x64_sys_wait4+0x181/0x1e0 [ 693.300098][T23648] ? __sched_text_start+0x8/0x8 [ 693.300123][T23648] schedule+0xc3/0x180 [ 693.300146][T23648] exit_to_user_mode_loop+0x4e/0xa0 [ 693.300171][T23648] exit_to_user_mode_prepare+0x5a/0xa0 [ 693.300197][T23648] syscall_exit_to_user_mode+0x26/0x140 [ 693.413508][T23648] do_syscall_64+0x49/0xb0 [ 693.417758][T23648] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 693.423398][T23648] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 693.429124][T23648] RIP: 0033:0x7fbdcf279893 [ 693.433377][T23648] Code: 00 00 0f 1f 44 00 00 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 80 3d 71 e6 10 00 00 49 89 ca 74 14 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5d c3 0f 1f 40 00 48 83 ec 28 89 54 24 14 48 [ 693.452820][T23648] RSP: 002b:00007fff5f3a02f8 EFLAGS: 00000202 ORIG_RAX: 000000000000003d 2033/05/18 03:37:36 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 693.461236][T23648] RAX: 0000000000000000 RBX: 000000000000003c RCX: 00007fbdcf279893 [ 693.469051][T23648] RDX: 0000000040000001 RSI: 00007fff5f3a034c RDI: 00000000ffffffff [ 693.476861][T23648] RBP: 00007fff5f3a034c R08: 00007fff5f3b3080 R09: 00007fff5f3b30b0 [ 693.484671][T23648] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032 [ 693.492493][T23648] R13: 000000000009e860 R14: 000000000009e856 R15: 0000000000000004 [ 693.500309][T23648] [ 693.520566][ T2613] device bridge_slave_1 left promiscuous mode [ 693.522358][T23935] FAT-fs (loop2): Directory bread(block 69) failed [ 693.526693][ T2613] bridge0: port 2(bridge_slave_1) entered disabled state [ 693.549686][T18422] usb 4-1: USB disconnect, device number 71 [ 693.584268][T23935] FAT-fs (loop2): Directory bread(block 70) failed [ 693.590626][T23935] FAT-fs (loop2): Directory bread(block 71) failed [ 693.597853][ T2613] device bridge_slave_0 left promiscuous mode [ 693.613113][ T2613] bridge0: port 1(bridge_slave_0) entered disabled state [ 693.634492][T23935] FAT-fs (loop2): Directory bread(block 72) failed [ 693.640860][T23935] FAT-fs (loop2): Directory bread(block 73) failed [ 693.693247][ T2613] device veth1_macvtap left promiscuous mode [ 693.720350][ T2613] device veth0_vlan left promiscuous mode