last executing test programs: 15.428309892s ago: executing program 1 (id=611): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000010004850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0) 15.289603134s ago: executing program 1 (id=614): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0) sendfile(r0, r0, 0x0, 0x7a68007c) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_emit_ethernet(0x1f, 0x0, 0x0) 15.074312661s ago: executing program 1 (id=616): bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/image_size', 0x10b902, 0x0) write$cgroup_int(r2, &(0x7f0000000000), 0x12) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x9, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}]}, 0x70}, 0x1, 0x7}, 0x0) r4 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000080)=[{0x80000006}]}, 0x10) r5 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0) getpid() r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r9, 0x400455c8, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x2, 0xfff, 0x5}, 0x48) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000380), 0xfff, r10}, 0x38) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r11}, 0x10) getitimer(0x0, &(0x7f0000000300)) ioctl$sock_bt_hci(r8, 0x400448ca, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) copy_file_range(r5, 0x0, r5, &(0x7f0000000100)=0xfffffffffffffff7, 0x0, 0x0) 4.650596351s ago: executing program 0 (id=667): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000010004850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0) 4.54015476s ago: executing program 0 (id=668): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000200)=""/150, 0x96}], 0x1) fstat(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = socket$vsock_stream(0x28, 0x1, 0x0) sendmmsg$unix(r1, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000000c0)="1e8fce3c4b99b01ba586b304b7f11ad492771ecb13b3acf8da6c16ed7fa299b552ab9c86c4e9f690a3d3d63261bafc1a7674e368f033d846f18f7b78c4f1c4dd32b655db9eed572a1694d763e3794a81724a611e2663e6392ff525bc5e836412c93e63de283532b3db32ecceb840f27a2cce", 0x72}, {&(0x7f0000000340)="640e4b9d1526e2fe2f54b0c7558c66b0680b1d4dfb09c06c045bb47a8cd2b15dd18817cc1dd4ed9b26dde2e5ed249a8e1f267d6d68c6ef10a8c41631e8f2c2efe3911b2c4bf26ff059e4a8112c3b9a8f1830c5f05461797c71c048ca758b04a0b645c2a30a1b2d551a16d1d88bba8e190ba36df2ac16df99de35fbecd9e92773606765a821c8fee05d3a9389caf10851bbc84483a8e04e31b7033be20be855b85e9e6a4229e23ac8c58537393470973b18124f296313598178821ecb80b701fffdf613a217058516bec4f3cf1dbf2093a66299c9160b469f22376ae8a9489d44e760843aa9665f030a3e58a9209bb3a685938852ebdccdcc6376bebbbdb5d7", 0xff}], 0x2, &(0x7f0000000680)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r2, r3}}}, @rights={{0x2c, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r4]}}], 0x50, 0xc8842}}, {{&(0x7f0000000700)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000540)="ea34512c198527b319cd9d42fd357ccbd4debcc497881ff38e50a74987191611bd5a758df09f", 0x26}, {&(0x7f0000000780)="0c626f68296517e5d0ee51181626d18f2233629c47ff47dd7aa22856839d792bab880aeaea797795fb61474f47d59c8d91ba3cd191b4e7471b8bb23539fe5ba8da922607397b73e298279495eceaf16ecef006a769553cb84db0f3519456fab7e69336f403060aeead1e511edfd0cfc8ecaf66527e6df569d95c6f6518c869584479c14d3e5f9fca1f6d4503687e8ff4cd98", 0x92}, {&(0x7f0000000840)="d42eb86db4d6", 0x6}, {&(0x7f0000000880)="ac1f9add40a2bd84f5b245d2da4dcc37e670489a236313667bad3889135c463f263159ede7f3ac8411c19b9a9c6f5756f32da9e18da78ffcfb90d59c4fd7a7c8a02ebafbfb333c13f12faba05587ceffb386cb2b6eca140199a0c17ae2a27a6d0c1829dfc77004877fd8ac6a1e5206d1a3e755fb45008355b10955c14836c027520d2ab14b92613754a957f714e99f4e12042f4b3f4fad8e8492c2517b5e201f61561cabc5e03f8360fe26b56ae73125d844d04df38e6ce19d3be17984cf2975b4e2771fabceebedfd1c077e67f68d7761e2", 0xd2}], 0x4, 0x0, 0x0, 0x44080}}], 0x2, 0x4000810) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000001c0)='kmem_cache_free\x00'}, 0x10) syz_emit_ethernet(0x86, &(0x7f00000001c0)={@random="591a1d9a2bdb", @link_local={0x1, 0x80, 0xc2, 0x25}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x220, 0x0, 0x0, "bfd8a5dd2002c02142c4391145badd28fd7f0ffc0e896f38da00", "0bb10000085b2e00", {"bb3b2195c4b058706558a70864bef1f0", "524a72fc460b8cd26e095f24ab642591"}}}}}}}, 0x0) 4.526516351s ago: executing program 2 (id=669): syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000005440), 0x26, 0x75c, &(0x7f0000005480)="$eJzs3M1rHGUYAPBnptmkH9GNIPhxEKGFFko3SXNpT40Xb4VCwWsNm0kImWRDdlO7sWDrWajNRUEQ9ezRq1DqH+BNCgreBdEaD+JlZTablMZsum3Sbkl/P5jO+87H+zxPd3izAzsTwAvr7eKfJGI4Ii5FRLmzPY2IwXbrcMSNjePW71+PgYhqEq3W5T+S4rRYb5W3xko662PRPiVej4i7pYjTH/8/br25Oj+V59lypz/aWFgarTdXz8wtTM1ms9ni+MT5sXMTE+fGJh5Zw2s91nrivfNHbv/47traT981br01cCaJyXbdsVFbtcdhHsvG/0kpJrdtX3wawfoo6XcCAAD0pPiefyii+F4fpSjHoXYLAAAAOEhaQy0AAADgwEui3xkAAAAAT9fm7wDW71+vbi7P8vcHv78TESM7xR9oP0MccThKEXF0PXnoyYRk4zTYkxs3I+LO5Pbr75viCruxx7HHtvUffkZ6cI+jsx/uFPPP5E7zT7o1/8QO88/A5rsT9qj7/Pcg/qEu89+lHmN8/+Ubpa7xb0a8ObBT/GQrftIl/vs9xr+19sntbvtaX0ec3PHvT/JQrF3eDzE5M5fv+vqBu/+eurdb/Ue7xU92r3+px/o/XP9rvttcUsQ/dXz3z3+n+MU18WknjzQibnfWRX9tW4zjCz//sFv90xGtJ/n8v+qx/l+/HbrW46EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQlkbEcCRpZaudppVKxLGIeDWOpnmt3jg9U1tZnC72RYxEKZ2Zy7OxiChv9JOiP95uP+if3dafiIhXfjmyEXQuzyrVWj7d7+IBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYciwihiNJKxGRRsTf5TStVCIGejh36BnkBwAAAOyTkX4nAAAAADx17v8BAADg4HvS+/9kn/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrRLFy8WS2v9/vVq0Z++2lyZr109M53V5ysLK9VKtba8VJmt1WbzrFKtLTxqvLxWWxo/HyvXRhtZvTFab65eWaitLDauzC1MzWZXstIzqQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHNdxekrQSEWm7naaVSsRLETESpWRmLs/GIuLliLhXLg0V/fF+Jw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC+qzdX56fyPFt+bhqDncyel3w0NPa/8dFzf4X3eWICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAv6s3V+ak8z5br/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/kp/SyKiWE6WTwxv3zuY/FNuryPigy8uf3ZtqtFYHi+2/7m1vfF5Z/vZfuQPAAAAL4QLj3Pw5n365n08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAr+rN1fmpPM+W99a4EM3VVtLlmH7XCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJn/AgAA///3Y8EX") bpf$MAP_CREATE(0x0, 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000200)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) 4.315759348s ago: executing program 2 (id=673): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000180), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=@ipv6_getaddrlabel={0x30, 0x1a, 0x1, 0x0, 0x0, {}, [@IFAL_ADDRESS={0x14, 0x1, @mcast2}]}, 0x30}}, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x12, 0x9, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0xf}, @generic={0xa7}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8}, 0x80) syz_mount_image$exfat(&(0x7f00000001c0), &(0x7f0000000000)='./file1\x00', 0x8800, &(0x7f0000000540)=ANY=[@ANYBLOB='dmask=00000000000000000000002,errors=continue,namecase=1,iocharset=cp862,iocharset=cp437,discard,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c696f636861727365743d63703835372c757466382c6e616d65636173653d312c00afeb25c8d8bf6d820ca8d5b95843058cdb15a6d60184912a470be86a89b6eac3c4e6b79dc2fa753b117e9e53388343fc5e07b7bb127bacb9d8382c3e058cb9f57a56bc1b19e22474bc1032655d868d14175536dfe9252a00"], 0x5, 0x1506, &(0x7f0000002840)="$eJzs3AuYjVX7MPD7Xms9Y0zSbpLDsNa6H3ZyWCZJckiSQ5IkSZJTQtIkSUJiyClpSEJyGJLDEJLDxKRxPh9yTpKkSZKcckrWdyk+b2+9X//+/76/93rn/l3Xc+117+e5176ffe/D2s/FfNd5SI1GNas2ICL4H8Ffb5IBIBYABgDANQAQAEDZ+LLxF/bnlJj8P3sQ9vd6KO1KV8CuJO5/9sb9z964/9kb9z974/5nb9z/7I37n71x/xnLzjZNK3Atb9l34+v/2Rl///8HySo15qs1pa7v8hdSuP/ZG/f/P1bwXzmI+5+9cf+zN+5/9sb9zw5y/Ms93P/sjfvPWHZ2pa8/83Zltyv9+mOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlj2c9pcpALg0vtJ1McYYY4wxxhhj7O/jc1zpChhjjDHGGGOMMfb/H4IACQoCiIEcEAs5IQ4EAFwNueEaiMC1EA/XQR64HvJCPsgPBSABCkIh0GDAAkEIhaEIROEGKAo3QjEoDiWgJDgoBYlwE5SGm6EM3AJl4VYoB7dBeagAFaES3A6V4Q6oAndCVbgLqkF1qAE14W6oBfdAbbgX6sB9UBfuh3rwANSHB6EBPAQN4WFoBI9AY3gUmkBTaAbNocV/K/9F6A4vQQ/oCcnQC3rDy9AH+kI/6A8D4BUYCK/CIHgNUmAwDIHXYSi8AcPgTRgOI2AkvAWj4G0YDWNgLIyDVBgPE+AdmAjvwiSYDFNgKqTBNJgO78EMmAmz4H2YDR/AHJgL82A+pMOHsAAWQgZ8BIvgY8iExbAElsIyWA4rYCWsgtWwBtbCOlgPG2AjbIJPYDNsga2wDbbDDtgJn8Iu+Ax2w+ewB774i/mn/im/CwICChSoUGEMxmAsxmIcxmEuzIW5MTdGMILxGI95MA/mxbyYH/NjAiZgISyEBg0SEhbGwhjFKBbFolgMi2EJLIEOHSZiIpbGm7EMlsGyWBbLYTksjxWwAlbCSlgZK2MVrIJVsSpWw2pYA2vg3Xg39sLaWBvrYB2si3UvXZ7CBtgAG2JDbISNsDE2xibYBJthM2yBLbAltsRW2ArbYBtsi22xHbbDJEzC9tgeO2AH7IgdsRN2ws7YGbtgV+yKL+YAfAlfwp5YTfTC3tgb+2Af7If9sT++ggPxVXwVX8MUHIxD8HV8Hd/AYXgSh+MIHIkjsbJ4G0fjGCQxDlMxFSfgBJyIE3ESTsbJOBXTcBpOx+k4A2fiTHwfZ+MH+AHOxbk4H9MxHRfgQszADFyEpzATF+MSXIrLcDkuw5W4ClfiGlyLa3A9rseNuBE/wU9wC27BbbgNd6ACwE/xM/wMU3AP7sG9uBf34T7cj/sxC7PwAB7Ag3gQD+EhPIyH8QgexWN4FE/gCTyJp/A0nsazeBbP4fMJ3zTcUXx1CogLlFAiRsSIWBEr4kScyCVyidwit4iIiIgX8SKPyCPyirwiv8gvEkSCKCQKCSOMIBHGAICIiqgoKoqKYqKYKCFKCCecSBSJorQoLcqIMqKsuFWUE7eJ8qKCaO0qiUqismjjqog7RVVRVVQT1UUNUVPUFLVELVFb1BZ1RB1RV9QV9cQDor7ohf3wIXGhM43EYGwshmAT0VTIi59gLcUwbCVaizbiCTECh2M70dIliadFezEaO4hnxRh8TnQS47CzeEF0EV1FN/Gi6C5auR6ip5iEvURvMRX7iL6in+gvZmB1caFjNcRrIkUMFkPE62I+viGGiTfFcDFCjBRviVHibTFajBFjxTiRKsaLCeIdMVG8KyaJyWKKmCrSxDQxXbwnZoiZYpZ4X8wWH4g5Yq6YJ+aLdPGhWCAWigzxkVgkPhaZYrFYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTeITsVlsEVvFNrFd7BA7xadil/hM7Bafiz3iC7FXfCn2ia/EfvG1yBLfiAPiW3FQfCcOie/FYfGDOCKOimPiuDghfhQnxSlxWpwRZ8VP4pz4WZwXXoBEKaSUSgYyRuaQsTKnjJNXyVwyuPjsXivj5XUyj7xe5pX5ZH5ZQCbIgrKQ1NJIK0mGsrAsIqPyBllU3iiLyeKyhCwpnSwlE+VNsrS8WZaRt8iy8lZZTt4my8sKsqKsJG+XleUdsoq8U1aVd8lqsrqsIWvKu2UteY+sLe+VdeR9sq68X9aTD8j68kHZQD4kG8qHZSP5iGwsH5VNZFPZTDaXLeRjsqV8XLaSrWUb+YRsK5+U7eRTMkk+LdvLZ2QH+azsKJ+TneTzsrN8QXaRXWU3+bM8L73sIXvKZNlL9pYvyz6yr+wn+8sB8hU5UL4qB8nXZIocLIfI1+VQ+YYcJt+Uw+UIOVK+JUfJt+VoOUaOleNkqhwvJ8h35ET5rpwkJ8spcqpMk9Nkv4szzZLyT/Pf+YP8Qb88+ka5SX4iN8stcqvcJrfLHXKn3Cl3yV1yt9wt98g9cq/cK/fJfXK/3C+zZJY8IA/Ig/KgPCQPycPysDwij8oz8rg8IX+UJ+UpeUqekWflWXnu4nMACpVQUikVqBiVQ8WqnCpOXaVyqatVbnWNiqhrVby6TuVR16u8Kp/KrwqoBFVQFVJaGWUVqVAVVkVUVN2AF18wqoQqqZwqpRLVTX8lXxVVN6piqvhv8v+svhaqhWqpWqpWqpVqo9qotqqtaqfaqSSVpNqr9qqD6qA6qo6qk+qkOqvOqovqorqpbqq76q56qB4qWSWr3upl1Uf1Vf1UfzVAvaIGqoFqkBqkUlSKGqKGqKFqqBqmhqnhargaqUaqUWqUGq1Gq7FqrEpVqWqCmqAmqolqkpqkpqgpKk2lqelqupqhZqhZapaarWarOWqOmqfmqXSVrhaoBSpDZahFapHKVIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWpNqlNarParLaqrWq72q52qp1ql9qldqvdao/ao/aqvWqf2qf2q/0qS2WpA+qAOqgOqkPqkDqsDqsj6og6po6pE+qEOqlOqtPqtDqrzqpz6pw6r85fWPYFIhCBClQQE8QEsUFsEBfEBbmCXEHuIHcQCSJBfBAf5AmuD/IG+YL8QYEgISgYFAp0YAIbiItNjwY3BEWDG4NiQfGgRFAycEGpIDG4KSgd3ByUCW4Jyga3BuWC24LyQYWgYlApuD2oHNwRVAnuDKoGdwXVgupBjaBmcHdQK7gnqB3cG9QJ7gvqBvcH9YIHgvrBg0GD4KGgYfBw0Ch4JGgcPBo0CZoGzYLmQYu/dX7vT+Z73PXQPXWy7qV765d1H91X99P99QD9ih6oX9WD9Gs6RQ/WQ/Treqh+Qw/Tb+rheoQeqd/So/TberQeo8fqcTpVj9cT9Dt6on5XT9KT9RQ9VafpaXq6fk/P0DP1LP2+nq0/0HP0XD1Pz9fp+kO9QC/UGfojvUh/rDP1Yr1EL9XL9HK9Qq/Uq/RqvUav1ev0er1Bb9Sb9Cd6s96it+pterveoXfqT/Uu/ZnerT/Xe/QXeq/+Uu/TX+n9+mudpb/RB/S3+qD+Th/S3+vD+gd9RB/Vx/RxfUL/qE/qU/q0PqPP6p/0Of2zPq/9hcX9ha93o4wyMSbGxJpYE2fiTC6Ty+Q2uU3EREy8iTd5TB6T1+Q1+U1+k2ASTCFTyFxAhkxhU9hETdQUNUVNMVPMlDAljDPOJJpEU9qUNmVMGVPWlDXlTDlT3pQ3FU1Fc7u53dxh7jB3mjvNXeYuU91UNzVNTVPL1DK1TW1Tx9QxdU1dU8/UM/VNfdPANDANTUPTyDQyjU1j08Q0Mc1MM9PCtDAtTUvTyrQybUwb09a0Ne1MO5Nkkkx70950MB1MR9PRdDKdTGfT2XQxXUw30810N91ND9PDJJtk09v0Nn1MH9PP9DMDzAAz0Aw0g8wgk2JSzBAzxAw1Q80wM8wMNyPMSPOWGWXeNqPNGDPWjDOpJtVMMBPMRDPRTDKTzBQzxaSZNDPdTDczzAwzy8wys81sM8fMMfPMPJNu0s0Cs8BkmAyzyCwymSbTLDFLzDKzzKwwK8wqs8qsMWvMOlhnNpgNZpPZZDabzWar2Wq2m+1mp9lpdpldZrfZbfaYPWav2Wv2mX1mv9lvskyWOWAOmIPmoDlkDpnD5rA5Yo6YY+aYOWFOmJPmpDltTpuzJt/FJZU3sTanjbNX2Vz2apvbXmP/Oc5vC9gEW9AWstrmtfl+ExtrbTFb3JawJa2zpWyivel3cXlbwVa0lezttrK9w1b5XVzL3mNr23ttHXufrWnv/k1c195v69lHbH1EANvUNrTNbSP7iG1sH7VNbFPbzDa3be2Ttp19yibZp217+8zv4gV2oV1lV9s1dq3dZT+zp+0Ze9B+Z8/an2wP29MOsK/YgfZVO8i+ZlPs4N/FI+1bdpR92462Y+xYO+538RQ71abZaXa6fc/OsDN/F6fbD+1sm2Hn2Ll2np3/S3yhpgz7kV1kP7aZdrFdYpfaZXa5XWFX/t9al9r1doPdaHfaT+1mu8Vutdvsdrvjl/jCeey2n9s99gt7wH5r99mv7H57yGbZb36JL5zfIfu9PWx/sEfsUXvMHrcn7I/2pD31y/lfOPfj9md73noLhCRIkqKAYigHxVJOiqOrKBddTbnpGorQtRRP11Eeup7yUj7KTwUogQpSIdJkyBJRSIWpCEXpBrq0Ti9BJclRKUqkm6g03Uxl6BYqS7dSObqNylMFqkiV6HaqTHdQFbqTqtJdVI2qUw2qSXdTLbqHatO9VIfuo7p0P9WjB6g+PUgN6CFqSA9TI3qEGtOj1ISaUjNqTi3oMWpJj1Mrak1t6AlqS09SO3qKkuhpak/PUAd6ljrSc9SJnqfO9AJ1oa7UjV6k7vQS9aCelEy9qDe9TH2oL/Wj/jSAXqGB9CoNotcohQbTEHqdhtIbNIzepOE0gkbSWzSK3qbRNIbG0jhKpfE0gd6hifQuTaLJNIWmUhpNo+n0Hs2gmTSL3qfZ9AHNobk0j+ZTOn1IC2ghZdBHtIg+pkxaTEtoKS2j5bSCVtIqWk1raC2to/W0gTbSJvqENtMW2krbaDvtoJ30Ke2iz2g3fU576AvaS1/SPvqK9tPXlEXf0AH6lg7Sd3SIvvc96Qc6QkfpGB2nE/QjnaRTdJrO0Fn6ic7Rz3SePEGIoQhlqMIgjAlzhLFhzjAuvCrMFV4d5g6vCSPhtWF8eF2YJ7w+zBvmC/OHBcKEsGBYKNShCW1IYRgWDouE0fCGsGh4Y1gsLB6WCEuGLiwVJoY3haXDm8My4S1h2fDWsFx4W1g+rBA+cl+l8PawcnhHWCW8M6wa3hVWC6uHNcKa4d1hrfCesHZ4b1gnvC8sE94f1gsfCOuHD4YNwofChuHDYaPwkbBx+GjYJGwaNgubhy3Cx8KW4eNhq7B12CZ8ImwbPhm2C58Kk8Knw/bhM3+6PznsFfYOXw5fDr2/V86Lzo+mRz+MLogujGZEP4ouin4czYwuji6JLo0uiy6ProiujK6Kro6uia6Nrouuj26Ibox6XzMHOHTCSadc4GJcDhfrcro4d5XL5a52ud01LuKudfHuOpfHXe/yunwuvyvgElxBV8hpZ5x15EJX2BVxUXeDK+pudMVccVfClXTOlXKJrrlr4Vq4lu5x18q1dm3cE+4J96R70j3lnnJPu/buGdfBPes6uudcJ/e8e9694Lq4rq6be9F1d+Nz//qeTHa9XW/Xx/Vx/Vw/N8ANcAPdQDfIDXIpLsUNcUPcUDfUDXPD3HA33I10I90oN8qNdqPdWDfWpbpUN8FNcBPdRDfJTXJT3BSX5tLcdDfdzXAzXOWZvz7KHDfHzXPzXLpLdwvchTVjhlvkFrlMl+mWuCVumVvmVrgVbpVb5da4NW6dW+c2uA1uk9vkNrvNbqvb6ra77W6n2+l2+Wt+ndTtcXvdXrfP7XP73dcuy33jDrhv3UH3nTvkvneH3Q/uiDvqjrnj7oT70Z10p9xpd8addT+5c+5nd955lxoZH5kQeScyMfJuZFJkcmRKZGokLTItMj3yXmRGZGZkVuT9yOzIB5E5kbmReZH5kfTIh5EFkYWRjMhHkUWRjyOZkcWRJZGlkWWR5RHvC24OfWFfxEf9Db6ov9EX88V9CV/SO1/KJ/qbfGl/sy/jb/Fl/a2+nL/Nl/cVfEX/qG/im/pmvrlv4R/zLf3jvpVv7dv4J3xb/6Rv55/ySf5p394/4zv4Z31H/5zv5J/3nf0Lvovv6rv5F313/5Lv4Xv6ZN/L9/Yv+z6+r+/n+/sB/hU/0L/qB/nXfIof7If41/1Q/4Yf5t/0w/0IPzLmLT/KX/p0HudT/Xg/wb/jJ/p3/SQ/2U/xU32an+an+/f8DD/Tz/Lv+9n+Az/Hz/Xz/Hyf7j/0C/xCn+E/8ov8xz7TL750Udmv8Cv9Kr/ar/Fr/Tq/3m/wG/0m/4nf7Lf4rX6b3+53+J3+U7/Lf+Z3+8/9Hv+F3+u/9Pv8V36//9pn+W/8Af+tP+i/84f89/6w/8Ef8Uf9MX/cn/A/+pP+lD/tz/iz/id/zv/sz/P/WWOMMcYY+y8Zf3ko/mh/rz+4T/zDwb0B4OotBbL+cf+FFeW6vL+O+4qEthEAeLpn54cubdWqJScnXzw2U0JQZC4ARC7nx8DleDG0gSchCVpD6T+sv6/oepb+ZP7orQBx/5ATC5fjy/N/+S/mf+yJkQvKhafj/x/zzwUoVuRyTk64HC+GNurCbWso8y/mz9fyT+rP+VUqQKt/yMkFl+PL9SfC4/AMJP3mSMYYY4wxxhhj7Fd9RcWOl35/XvoXn3/0+zxBXc7JAZfjP/t9zhhjjDHGGGOMsSvvua7dnnosKal1x78+qPLfyuLBv+vAe4BL9ygAuNL1/LsOUi6+df5517IzPoB/iwr/lsEV/mBijDHGGGOM/e0uL/p/e7+6UgUxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPZ0P/GnxO70ufIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXWn/JwAA//9cqxFN") r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r3, &(0x7f0000000f80)=""/4096, 0x1000) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={r2, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe2c, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000001040), 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) 4.034506881s ago: executing program 2 (id=675): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000002100)={0x0, 0x0, &(0x7f00000020c0)={&(0x7f0000000000)={0x14, 0x1f, 0xf09, 0x0, 0x0, {0x6}}, 0x14}}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x87}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406d041bc700000000000109022400010000000009042000010300000009210000000122070009058103"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000ffdd18110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xcd, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_read_part_table(0x5c3, &(0x7f00000005c0)="$eJzs2z9I22kYB/A31lBohw7XqVPbocPRpaVjM7QlSVsqhKiL3KCgiJgpghC5gKAHmkExgzi6iJDFP5Mxg5Oi4Czi4CE4uNyhi+BiDvG97e7wUI8rfD7w48n75vu+T54h4y/wXWsJvzebzUQIofnwrxPNfzjdWUtnvjzPfch3xMvCfPWXH64+Jv48HW99GdeHcb0w/6gxefY5WTtoP3/VvVlpid+PxufxYr3zDsbjni2ltp6MjRezU6XUwH62fDyxt9u2fJrO179Vqitfk596Y2471tZYh0IpjITB0BMKoRD6QvGO+s/Vjt5cPsvW1vrfX2Qa0xtvYy53yzlv2n/4xUxXtfzx9erT2Xel9Z38yYPrXOFv/l0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPy/LKW2noyNF7NTpdTAfrZ8PLG327Z8ms7Xv1WqK1+Tn3pjbjvW1liHQimMhMHQEwohEfpC8Y76z9WO3lw+y9bW+t9fZBrTG29jLnfLOW/af/jFTFe1/PH16tPZd6X1nfzJg+tc4eE9/QAAAAAAAAAAAAAAAAAAAAAIIaQzX57nPuQ7QkiEn0Jr+PG3n1uu9pvxffdEzL2M9TDuL8w/akyefU7WDtrPX3VvVn6N+6PxebxY7/zPh+Ff+yMAAP//17OV3g==") 3.848537106s ago: executing program 1 (id=664): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000040000000000080000100850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040), 0x213) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x5, 0x408, 0xcd, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r3) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r4 = inotify_init1(0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) fcntl$getownex(r4, 0x10, &(0x7f0000000140)={0x0, 0x0}) r6 = syz_open_procfs(r5, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r6, 0x4004662b, &(0x7f0000000180)={@id={0x2, 0x0, @d}}) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x20, 0xda, 0xfb, 0x20, 0x499, 0x1010, 0x5f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x6f, 0x2b, 0xae}}]}}]}}, 0x0) 3.692027889s ago: executing program 0 (id=679): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x0, 0x0, 0x8000}, 0x48) mkdirat(0xffffffffffffffff, &(0x7f00000001c0)='./cgroup\x00', 0x4c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a40)=@newqdisc={0x470, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x444, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xfde97aa2f3edf49}, @TCA_TBF_PTAB={0x404, 0x3, [0x7, 0x5, 0x1, 0x7, 0x2, 0x1ff, 0x80f6, 0x8, 0xc, 0x0, 0x401, 0x4, 0x1ff, 0x6, 0xffffff00, 0x7, 0x4, 0x6, 0x7, 0xbf, 0x1, 0x5, 0x4, 0x6, 0x10, 0x4000000, 0x6, 0x6, 0x8, 0xdc31, 0x6, 0x100, 0x8, 0x7, 0x2, 0x3, 0x7, 0x8, 0x8, 0x5, 0x9, 0x1, 0x4, 0x7, 0x97a, 0x3ff, 0x9, 0x6, 0x7fff, 0x8, 0x40, 0xfffffffb, 0xe0, 0x8, 0x71, 0x8, 0x1, 0x6, 0x3, 0xfffffff7, 0x400, 0x2, 0x2, 0xe, 0x1, 0x4, 0x8000, 0x80000001, 0x7, 0xd, 0x401, 0x0, 0x60, 0x400, 0x8, 0x9, 0x0, 0x6, 0x6, 0x3baa, 0x6, 0x7, 0x3, 0x2, 0x3, 0x6f3, 0x3, 0x4, 0xffffb12c, 0x9, 0x5, 0x10000, 0x4, 0x8, 0x3, 0x53c, 0xaafc, 0x0, 0x7, 0x4, 0x1000, 0x7, 0xff, 0x200000, 0x1, 0x1, 0xc, 0xa96, 0x2, 0xfffffff7, 0x7f, 0x8b, 0x6, 0x355, 0x3, 0x7ff, 0xdf49, 0x0, 0x0, 0xfffffffb, 0x0, 0xfff, 0x1e, 0x365, 0x7, 0x8, 0xf, 0x4, 0x9, 0x6, 0xb, 0x5, 0x6, 0x8, 0x7, 0x40, 0x21, 0x8, 0x9, 0x7, 0xfffffff7, 0x7, 0x6, 0x8, 0x5, 0x800, 0xa4, 0x9, 0x4, 0xff, 0x761a, 0xffff, 0xb7c, 0x1, 0x10000, 0x2, 0x4, 0x2, 0x1, 0x7, 0x3, 0x4, 0x4, 0x6, 0x0, 0x9, 0xffffffff, 0xfffffff9, 0xffffffff, 0x6, 0x4, 0x9, 0x4, 0x401, 0x47, 0x1, 0x4aa, 0x9, 0x8, 0x3, 0x6, 0x124, 0xfd, 0x4, 0x8, 0x6, 0x6, 0x9, 0x9, 0x2, 0x40, 0xf86, 0x6, 0x9, 0x5, 0x2, 0xca7, 0x6, 0x100, 0x3, 0x9, 0x2, 0x1, 0x800, 0x6, 0x6, 0x4d0e, 0x9, 0x1000, 0x6, 0x9c00, 0xc, 0x5, 0x5, 0xbd3, 0xffff, 0xa95, 0xfffffff8, 0x13c1, 0xff, 0x36, 0x8, 0x401, 0x0, 0x5dcd3fc3, 0x6, 0xffffa81a, 0x411, 0x4, 0x6, 0xfffffff7, 0xd, 0xe766, 0x8, 0x4, 0x7, 0x10000004, 0x8, 0x5, 0x4, 0xb, 0x4, 0x1, 0x9, 0x8, 0x8, 0x80000001, 0x9, 0x7fff, 0x5, 0xc6, 0x4000000, 0x9, 0x4, 0x0, 0x9]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x81}}, @TCA_TBF_BURST={0x8, 0x6, 0xaf}]}}]}, 0x470}}, 0x0) bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14) sendto$inet6(r3, &(0x7f0000000800)="4104082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000001900)=ANY=[@ANYBLOB, @ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e8000000000000000b210000ff3f7c081e0f315b91fcaec7bf495d5c618332756cbb1bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957eff13d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c025553298812978ea53a8c60f254f23344a80a0aac7b141787bad6b0ba090000005f2f3158f0d200000000000070000000000000000701000040000000afbb30c2946e41ef3167d1f6ed47aa1f52bad114a89dbed741f74a23cd8d915e2dcc74a4932646b90f90a9d3956d5cadb642ac79fcb0aae3654482188263abd27e9d57cc28032453dc75f333e1f367ab38b7e7719805a454e79802d07ec60c00b0000000000000000100000001"], 0x208}, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) sendmsg(r7, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0) 2.81456523s ago: executing program 0 (id=684): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") pwritev2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7a68007c) 2.68928185s ago: executing program 0 (id=686): bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/image_size', 0x10b902, 0x0) write$cgroup_int(r2, &(0x7f0000000000), 0x12) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x9, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}]}, 0x70}, 0x1, 0x7}, 0x0) r4 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000080)=[{0x80000006}]}, 0x10) r5 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0) getpid() r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$TIOCSETD(r10, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r10, 0x400455c8, 0x0) r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x2, 0xfff, 0x5}, 0x48) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000380), 0xfff, r11}, 0x38) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r12}, 0x10) getitimer(0x0, &(0x7f0000000300)) ioctl$sock_bt_hci(r9, 0x400448ca, 0x0) close_range(r8, 0xffffffffffffffff, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r5, &(0x7f0000000100)=0xfffffffffffffff7, 0x0, 0x0) 2.543645463s ago: executing program 4 (id=687): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000048500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) setsockopt$inet6_int(r1, 0x29, 0xb, &(0x7f0000000b80)=0x5, 0x4) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @private1, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 2.481936747s ago: executing program 4 (id=688): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) utimes(&(0x7f0000000540)='./file0\x00', 0x0) (fail_nth: 2) 2.250395286s ago: executing program 4 (id=689): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff) syz_emit_ethernet(0xae, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x78, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x18, 0xb, "00d414ce8ad4"}, {0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "005ff92900ddab4992020900"}]}}}}}}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="f7", 0x1}], 0x1}, 0x20004001) recvmsg$unix(r5, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) sendmsg$unix(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)='9', 0x1}], 0x1}, 0x8841) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) utimes(&(0x7f0000000540)='./file0\x00', 0x0) 2.249263327s ago: executing program 2 (id=690): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pB \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, 0x0, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdd1}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000200)='xprtrdma_dma_maperr\x00', r4}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1a}, 0x0, 0x33}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) 2.242295797s ago: executing program 0 (id=691): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./bus\x00', 0x0, &(0x7f0000000200), 0x1, 0x545, &(0x7f0000000bc0)="$eJzs3c9rHOUbAPBnNkl/pd8mXxT8cQootFC7aZqqFQTr3WJBPddlsw0lm0zJbkoTCrUHz3qoJ0+exZNnQfwfPCh48iK1RYpQvUVmM5tuk910m26y1fl8YLbvO+9s33l25nl5Z2eWBFBYU9lLKeKliPg8iZjoaBuNvHFqY7sH929U/7p/o5rE+voHfySR5Ova2yf5v+N55cWI+OHTiJOl7f02VtcWKvV6bTmvTzcXr043VtdOXVmszNfma0uz52ZfPzszc+bsuYHFWr5ZOXT3i/fv3l7+9dRHnz04nsT5OJq3dcYxKFMxlX8mY3F+S9vMoDsbsmTYO8CujOR5PhbZGDARI3nWA/99NyNiHSioRP5DQbXnAdn1b3sZ7oxkf917d+MCaHv8oxvfjcTEenZtdOTP5JEro+x6d3IA/Wd9nD958fdsiT36HgKgm09uRcTp0dHt41+Sj3+7d7qPbbb2YfyD/fN9Nv95rdv8p5Tn5qHW69b5z3iX3N2Nx+d/6c4Auukpm/+93XX+u3nTanIkr/2vNecbSy5fqdeyse1YRJyIsYNZfaf7OT8dfmuiV1vn/C9bsv7bc8F8P+6MHnz0PXOVZuVpYu5071bEy13nv8nm8U+6HP/s87jYZx/Hnnvj515tj49/b61/FXG86/F/eEcr2fn+5HTrfJhunxXbzY6svdCr/2HHnx3/IzvHP5l03q9tPHkfr34z/mOvtt2e/weSD1vlA/m665Vmc3km4kDy3vb1Zx6+t11vb5/Ff+KVnce/buf/4Yj4uM/4v5v9+pfdx7+3svjnnuj4P3nhy/Tbd3r139/xP9sqncjX9DP+9buDT/PZAQAAAAAAwLOmFBFHIymVN8ulUrm88XzH83GkVE8bzZOX05WluWj9VnYyxkrtO90THc9DzOTPw7brZ7bUZyPi/xFxe+Rwq16upvW5YQcPAAAAAAAAAAAAAAAAAAAAz4jxHr//z/w2Muy9A/acP/kNxSX/objkPxSX/Ifikv9QXPIfikv+Q3HJfygu+Q/FJf8BAAAAAAAAAAAAAAAAAAAAAAAAAABgoC5euJAt63/fv1HN6nPXVlcW0mun5mqNhfLiSrVcTZevlufTdL5eK1fTxcf9f/U0vfpmLK1cn27WGs3pxurapcV0Zal56cpiZb52qTa2L1EBAAAAAAAAAAAAAAAAAADAv0tjdW2hUq/XlhUUFBQ2C8MemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgoX8CAAD//z8IGNY=") r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x40010, r0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="fc21dbadec4cf66d6b9efa1af541dc57a6bf83f3b3b4d19c9943cbd5a1a2e6af", @ANYRES32=r3, @ANYBLOB="0000000000000000b703825b845a142602ff00000c000000b700000000000000850000002900000077093000ffffffff8d62fcff01000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7e12ddc5a89047bf00"}) r6 = syz_open_pts(r5, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000200)=0x2) read(r6, 0x0, 0x2006) r7 = dup2(r6, r5) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) r8 = userfaultfd(0x80001) r9 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) ioctl$USBDEVFS_REAPURB(r9, 0x4008550c, &(0x7f0000002680)) ioctl$USBDEVFS_FREE_STREAMS(r9, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"]) ioctl$UFFDIO_API(r8, 0xc018aa3f, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRESDEC=r9, @ANYRESHEX=r10, @ANYRES16=r9, @ANYBLOB="0d31a365c0a8e38df2d133d097f438c67c7f022c547c81b634070a7ba44f6c0e7e1e192a443099f39d572edba7104ff73fe1e5d82035911bb7bb2e960de9405063f23eac27d7121257afd9fae8bf271902c3cb8f94e8cece16030e0ea6d2cceb87c1a3a63498ce7a1be92ac7a71ab9d6998c3b55169965fd2894fe8cb91154d8032e6eec85c8092b6a0b673b4ee11953a7379443f2899aa05efa62b11ddbbb85db6db98bd559d49101829da4b6cf126fe15ec348320179d158bb308ef26123dbcbbb7e2d35f9088a07", @ANYRES32=r7, @ANYRES64=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x90) r11 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000020961b0a0000000000000109022d000100000000090400000503000000092100000001220500090581034000"], 0x0) syz_usb_control_io$hid(r11, 0x0, 0x0) syz_usb_control_io(r11, &(0x7f0000000d40)={0x2c, &(0x7f0000000780)=ANY=[@ANYBLOB='\x00\x00\a\x00\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_open_dev$hidraw(&(0x7f0000000180), 0x7, 0x0) r12 = syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0) read$hidraw(r12, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) 2.190324681s ago: executing program 2 (id=692): socket$key(0xf, 0x3, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb01001800000000000000c7000000c7000000040000000200000000000009000000000800000000000001000000000e00000000000008000000000f0000000100000f03000000020000000500000003000000d79b77080000000000000100000000750014050000000006000006040000000f000000800000000200000006000000040000002000000002000000080000000e000000200000001000000000000000ffffffff04000006040000000b0000003f0000000000000002000000090000000000000006000000080000000b0000000000000100000000720040060000302e00"], &(0x7f0000000240)=""/155, 0xe4, 0x9b, 0x0, 0x2}, 0x20) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, r1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) epoll_create1(0x0) epoll_create1(0x0) syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1808014, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461002018bbdecde39739fcd1df176dde746ec834120600000000003b048000000000000072462abc30ef5b65c70f73ecea54b5e5bec5aca9836c319f653557e79a002208ceae6dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e36868736000000f6a55493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1174e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc369c71e57fafab52f325ca91e684160191acf5ae7469c82ab4145b595b987d75912afdcc1c061835294cc0c618aba204f8adaa20c80108d356cd887ba217c8f569e6d0caf75052a77056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6ac0d90ea79b8027cf75964dd86c2ed2b5e75779677a28c76b848dd03dab190b5f02ec52830f3ff01eaae1c3df076000000000000000000000000000083a48a6b926c668b9ba42490175018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac011170182f99766e86fb125cc6799c43aa4dc708dc4a00a6decad26f0378072a571da000000aec3dfbae348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0f1415e90fd0400bad5f796374bb196e60e537b8ffca80a5ec3c5c063aab2c87a7824c4fbfab7264185e1b2e59012acbf3732abe75b848de8ec4aaba2e3c8cd14dd9bf9499952815b9fb34057a585a9c18a11f3d496825b3fcb0c8aa89e079fd78997da864b302139b2b10597100846b55f7d0b050b7b0ef7e9c897c50b53404acdd701425323201b33465fddec69c37cb13fd441a830af5ea73f4ac82d7926eb0db1141003d148473077a76c3bee7e37dc799abb47bd67cde7958c50fb2d15c9cc196e4bff1d00"/716], 0x5, 0x558b, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64auumCJWPBPEEisWPIbWMASdogFiB1SkWcmULdJC63jQPs80vjMHL8+874jK9KZiRzAU2sp/e2XJI7FoYhYiIijSeT7SblF3I44X4x9LiKOR0Tlri0p838m9kfE4Yg4Nile1EzKtz47OT5x9uc3f/362wP7jnz+1Xd7unBgTz0fEf31Yv9mv4hZJw93Fsp8Y9zNY//MuIzrUzX6WZG/2V7LK9xsbI1r5PF0pxifrd8YTuLVXqM5iZ3u1Ty/PihOOBx3tupMPpBea2zkx632Wh67wyyPnVvFeTdvFX/bbg1HRZ1WWe+jvHyMRluxyLc328V61q/nsTkYlfmibtZqb07iuIzl6aKZ9Vr5PNYe9Sr/+73VHdzYTMftjWE3G6Rna/UXavVz1fpG1mqP2meqjX7r3Jl0udObDKuO2o3++U6WdXrtWjPrr6TLnWazWq+nyxfaa93GIK3Xa6drp6pnV8q9k+lrl99Le610eRJf6Q5ujLq9YXo120iLT6ykq7XTL66kJ+rpO5eupFfevnjx0pV3P7jw/uWXL73xajnovmmly6unVler9VPV1frKU7T+j8tJ/4P1J9unf/j+8S4bFHb4ggGws/v6/7i3/w/9PzBzD+j/49pD+v/+9fJ4d/r/2Lb/r0z3/zHL/n/SUun/H97/Vvag/10M/f8urh8ey6P1//tnPg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAObux8UvXs93lorjI2X+f2XqmfI4iYhKRNzZxkLsn6q5UNZZ3GH84j1z+CaJvMLkHAfK7XBEnC+33/+/21cBAAAAnlxf3j7+adGtFy9Lez0h5qm4aVM5+uGM6iURsbj004yqVSYvz86oWP793hebM6qW38A6OKNixS23fbOq9rcsTIWDd4WkCJW5TgcAAJiL6U5gvl0IAAAA8/TJA999aW7zYM6S2HqUufUsOP/P+78eCB6aeg8AAAD4D0r2egIAAADArsv7f7//BwAAAE+24vf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YOd+ctMGojgAPxsM/auiqvtepTs4Ro/QZZeFA/QSHIGeoFIvwBmolEWOkIQIe4LkBKRIjHGCvk+ynRlHP88AmzeWBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu/a9Wsz+/vv4+Mebv7fY0maYDAAAAHLCpVrP6j0nTfp/6P6auz6ldREQZEYdq90GMWpmDlFMd+f/q0Rj+RdQJu/5xOt5FxLd03Hzq+lMAAACAy7VeLKdNtd6c0hLAVb+j4kyaRZvyw/dMeUVEVJPrTGnl7vQlU1j9+x7Gz0xp9QLWm0xhzZLb8PC9Ua6HtA1al4eZzOsvsW6V3TwXAADoU7sSOFKFAAAAcAF+9D0AzuFpaV/sT/v3jOPmkl4Ivm21AAAAgFeo6HsAAAAAQOfq+v8l7f9X2P8PAAAAsmv2/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLm2o1Wy+W02P358/MudueJt+MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB79ucdBUIgDMJg7/rOZO5/WGnQ0NikCoSPvzEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYt2PfNqowAOCffbbbFBAhoEgEUJE6wEJTt7R0RQgUMfAnIEWpUwIuhTYDrSJKFjaUuQuCESEkUNjyP3RupC5l65AhSEwMQXe+S8+JoVFp79zm95Oe3+fz9b3vna0qn98ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCw9W682szjJH2YHMTFsdvbKwtpv7mnT22s3ZlJWxo3Ks77CfBa+cnx6foSAQAA4PBIivo+Iu621+fSvjmZ1f/t4py05v/huUFc1PN76/7N7ZWj+UszRf3/+2/3XtqdaDLJ5kkHXVzq907tT6X1mJY49p5/4Bmt7Mpn370k2RvS/HD1xa12dj0b39269X4nC49UkS0A8DBOFn0eFH8PpX23zsQAODRapcK7qP+TyXpzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjC1mo8U8SNiJhp3Y9Tm9srC6P6b9buzGzk7dzNm2vlMdMh2hGxuNTvnapwLeOruJrXP5vv93tXrl6rOjgeESNeunGwf57k6f/rOZ2IGDpy4uUR43x8gLn2jLMvyD+eUe01nEjX98CTG0NHGvsu+Hs7A3V8AKoKmvn7My75PMqg+Ow9+pEr/u8IAICnXjtvaSV6t70+lx5rTEXs/Dhc/79RimOo7t+5MTgyeL5Rqv/vfXLudnmucv3frWh9T4LZ5UtfzF69dv2tpUvzF3sXe5+/fbr7TvfM+bNnz89m35XMLkbTNyYAAAD8D528lev/5tT+/f9jpTj+Y/+/XP9/+X336/Jcifp/pPubfnVnAgAAcBh1dqMXXv/rz8aIMxqdTnw1v7x8pTt43H1+evBYaboP6UjeyvV/MlV3VgAAAEAVtlYbQ/v/F0pxHHD//9mfXvmlPGYSERMRlyOid3Lhcv9CdcsZa1X8UDmbqFP3SgEAAKjLRN7K+//t7P7/5u4tD82IePNExN/5b/jjgPV/8sG3P5fnKt//f6bSVY6f5vTgemT9dERruu6MAAAAeJodzVta7P/RXp/79NdjH3Xc/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQtX8CAAD//4ztMoY=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10) getrlimit(0xd, &(0x7f0000000300)) r6 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r6, &(0x7f0000002440)=@name={0x1e, 0x2, 0x0, {{0x43}}}, 0x10) sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0xfd53}}, 0x0) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x28, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_IRQ={0x8}]}, 0x28}}, 0x20000800) 1.96356495s ago: executing program 3 (id=695): syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000005440), 0x26, 0x75c, &(0x7f0000005480)="$eJzs3M1rHGUYAPBnptmkH9GNIPhxEKGFFko3SXNpT40Xb4VCwWsNm0kImWRDdlO7sWDrWajNRUEQ9ezRq1DqH+BNCgreBdEaD+JlZTablMZsum3Sbkl/P5jO+87H+zxPd3izAzsTwAvr7eKfJGI4Ii5FRLmzPY2IwXbrcMSNjePW71+PgYhqEq3W5T+S4rRYb5W3xko662PRPiVej4i7pYjTH/8/br25Oj+V59lypz/aWFgarTdXz8wtTM1ms9ni+MT5sXMTE+fGJh5Zw2s91nrivfNHbv/47traT981br01cCaJyXbdsVFbtcdhHsvG/0kpJrdtX3wawfoo6XcCAAD0pPiefyii+F4fpSjHoXYLAAAAOEhaQy0AAADgwEui3xkAAAAAT9fm7wDW71+vbi7P8vcHv78TESM7xR9oP0MccThKEXF0PXnoyYRk4zTYkxs3I+LO5Pbr75viCruxx7HHtvUffkZ6cI+jsx/uFPPP5E7zT7o1/8QO88/A5rsT9qj7/Pcg/qEu89+lHmN8/+Ubpa7xb0a8ObBT/GQrftIl/vs9xr+19sntbvtaX0ec3PHvT/JQrF3eDzE5M5fv+vqBu/+eurdb/Ue7xU92r3+px/o/XP9rvttcUsQ/dXz3z3+n+MU18WknjzQibnfWRX9tW4zjCz//sFv90xGtJ/n8v+qx/l+/HbrW46EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQlkbEcCRpZaudppVKxLGIeDWOpnmt3jg9U1tZnC72RYxEKZ2Zy7OxiChv9JOiP95uP+if3dafiIhXfjmyEXQuzyrVWj7d7+IBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYciwihiNJKxGRRsTf5TStVCIGejh36BnkBwAAAOyTkX4nAAAAADx17v8BAADg4HvS+/9kn/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrRLFy8WS2v9/vVq0Z++2lyZr109M53V5ysLK9VKtba8VJmt1WbzrFKtLTxqvLxWWxo/HyvXRhtZvTFab65eWaitLDauzC1MzWZXstIzqQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHNdxekrQSEWm7naaVSsRLETESpWRmLs/GIuLliLhXLg0V/fF+Jw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC+qzdX56fyPFt+bhqDncyel3w0NPa/8dFzf4X3eWICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAv6s3V+ak8z5br/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/kp/SyKiWE6WTwxv3zuY/FNuryPigy8uf3ZtqtFYHi+2/7m1vfF5Z/vZfuQPAAAAL4QLj3Pw5n365n08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAr+rN1fmpPM+W99a4EM3VVtLlmH7XCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJn/AgAA///3Y8EX") bpf$MAP_CREATE(0x0, 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000200)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)}) 1.788860684s ago: executing program 3 (id=696): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") pwritev2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7a68007c) 1.700695701s ago: executing program 1 (id=697): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x0, 0x0, 0x8000}, 0x48) mkdirat(0xffffffffffffffff, &(0x7f00000001c0)='./cgroup\x00', 0x4c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a40)=@newqdisc={0x470, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x444, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xfde97aa2f3edf49}, @TCA_TBF_PTAB={0x404, 0x3, [0x7, 0x5, 0x1, 0x7, 0x2, 0x1ff, 0x80f6, 0x8, 0xc, 0x0, 0x401, 0x4, 0x1ff, 0x6, 0xffffff00, 0x7, 0x4, 0x6, 0x7, 0xbf, 0x1, 0x5, 0x4, 0x6, 0x10, 0x4000000, 0x6, 0x6, 0x8, 0xdc31, 0x6, 0x100, 0x8, 0x7, 0x2, 0x3, 0x7, 0x8, 0x8, 0x5, 0x9, 0x1, 0x4, 0x7, 0x97a, 0x3ff, 0x9, 0x6, 0x7fff, 0x8, 0x40, 0xfffffffb, 0xe0, 0x8, 0x71, 0x8, 0x1, 0x6, 0x3, 0xfffffff7, 0x400, 0x2, 0x2, 0xe, 0x1, 0x4, 0x8000, 0x80000001, 0x7, 0xd, 0x401, 0x0, 0x60, 0x400, 0x8, 0x9, 0x0, 0x6, 0x6, 0x3baa, 0x6, 0x7, 0x3, 0x2, 0x3, 0x6f3, 0x3, 0x4, 0xffffb12c, 0x9, 0x5, 0x10000, 0x4, 0x8, 0x3, 0x53c, 0xaafc, 0x0, 0x7, 0x4, 0x1000, 0x7, 0xff, 0x200000, 0x1, 0x1, 0xc, 0xa96, 0x2, 0xfffffff7, 0x7f, 0x8b, 0x6, 0x355, 0x3, 0x7ff, 0xdf49, 0x0, 0x0, 0xfffffffb, 0x0, 0xfff, 0x1e, 0x365, 0x7, 0x8, 0xf, 0x4, 0x9, 0x6, 0xb, 0x5, 0x6, 0x8, 0x7, 0x40, 0x21, 0x8, 0x9, 0x7, 0xfffffff7, 0x7, 0x6, 0x8, 0x5, 0x800, 0xa4, 0x9, 0x4, 0xff, 0x761a, 0xffff, 0xb7c, 0x1, 0x10000, 0x2, 0x4, 0x2, 0x1, 0x7, 0x3, 0x4, 0x4, 0x6, 0x0, 0x9, 0xffffffff, 0xfffffff9, 0xffffffff, 0x6, 0x4, 0x9, 0x4, 0x401, 0x47, 0x1, 0x4aa, 0x9, 0x8, 0x3, 0x6, 0x124, 0xfd, 0x4, 0x8, 0x6, 0x6, 0x9, 0x9, 0x2, 0x40, 0xf86, 0x6, 0x9, 0x5, 0x2, 0xca7, 0x6, 0x100, 0x3, 0x9, 0x2, 0x1, 0x800, 0x6, 0x6, 0x4d0e, 0x9, 0x1000, 0x6, 0x9c00, 0xc, 0x5, 0x5, 0xbd3, 0xffff, 0xa95, 0xfffffff8, 0x13c1, 0xff, 0x36, 0x8, 0x401, 0x7, 0x0, 0x6, 0xffffa81a, 0x411, 0x4, 0x6, 0xfffffff7, 0xd, 0xe766, 0x8, 0x4, 0x7, 0x10000004, 0x8, 0x5, 0x4, 0xb, 0x4, 0x1, 0x9, 0x8, 0x8, 0x80000001, 0x9, 0x7fff, 0x5, 0xc6, 0x4000000, 0x9, 0x4, 0x0, 0x9]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x81}}, @TCA_TBF_BURST={0x8, 0x6, 0xaf}]}}]}, 0x470}}, 0x0) bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14) sendto$inet6(r3, &(0x7f0000000800)="4104082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000001900)=ANY=[@ANYBLOB, @ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e8000000000000000b210000ff3f7c081e0f315b91fcaec7bf495d5c618332756cbb1bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957eff13d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c025553298812978ea53a8c60f254f23344a80a0aac7b141787bad6b0ba090000005f2f3158f0d200000000000070000000000000000701000040000000afbb30c2946e41ef3167d1f6ed47aa1f52bad114a89dbed741f74a23cd8d915e2dcc74a4932646b90f90a9d3956d5cadb642ac79fcb0aae3654482188263abd27e9d57cc28032453dc75f333e1f367ab38b7e7719805a454e79802d07ec60c00b0000000000000000100000001"], 0x208}, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) sendmsg(r7, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0) 1.626541997s ago: executing program 3 (id=698): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r1 = inotify_init1(0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, 0x0, &(0x7f0000000040)}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r3}, 0x10) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, 0x0}) r5 = syz_open_procfs(r4, &(0x7f0000000600)='fd/4\x00') quotactl_fd$Q_QUOTAOFF(r5, 0xffffffff80000302, 0x0, 0x0) (fail_nth: 2) 634.493768ms ago: executing program 4 (id=699): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000048500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) setsockopt$inet6_int(r1, 0x29, 0xb, &(0x7f0000000b80)=0x5, 0x4) listen(r1, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @private1, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 252.441529ms ago: executing program 1 (id=700): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000002100)={0x0, 0x0, &(0x7f00000020c0)={&(0x7f0000000000)={0x14, 0x1f, 0xf09, 0x0, 0x0, {0x6}}, 0x14}}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x87}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406d041bc700000000000109022400010000000009042000010300000009210000000122070009058103"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000ffdd18110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xcd, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_read_part_table(0x5c3, &(0x7f00000005c0)="$eJzs2z9I22kYB/A31lBohw7XqVPbocPRpaVjM7QlSVsqhKiL3KCgiJgpghC5gKAHmkExgzi6iJDFP5Mxg5Oi4Czi4CE4uNyhi+BiDvG97e7wUI8rfD7w48n75vu+T54h4y/wXWsJvzebzUQIofnwrxPNfzjdWUtnvjzPfch3xMvCfPWXH64+Jv48HW99GdeHcb0w/6gxefY5WTtoP3/VvVlpid+PxufxYr3zDsbjni2ltp6MjRezU6XUwH62fDyxt9u2fJrO179Vqitfk596Y2471tZYh0IpjITB0BMKoRD6QvGO+s/Vjt5cPsvW1vrfX2Qa0xtvYy53yzlv2n/4xUxXtfzx9erT2Xel9Z38yYPrXOFv/l0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPy/LKW2noyNF7NTpdTAfrZ8PLG327Z8ms7Xv1WqK1+Tn3pjbjvW1liHQimMhMHQEwohEfpC8Y76z9WO3lw+y9bW+t9fZBrTG29jLnfLOW/af/jFTFe1/PH16tPZd6X1nfzJg+tc4eE9/QAAAAAAAAAAAAAAAAAAAAAIIaQzX57nPuQ7QkiEn0Jr+PG3n1uu9pvxffdEzL2M9TDuL8w/akyefU7WDtrPX3VvVn6N+6PxebxY7/zPh+Ff+yMAAP//17OV3g==") 241.63676ms ago: executing program 2 (id=701): bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/image_size', 0x10b902, 0x0) write$cgroup_int(r2, &(0x7f0000000000), 0x12) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x9, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}]}, 0x70}, 0x1, 0x7}, 0x0) r4 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000080)=[{0x80000006}]}, 0x10) r5 = open(&(0x7f0000000000)='./file1\x00', 0x109042, 0x0) getpid() r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$TIOCSETD(r10, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r10, 0x400455c8, 0x0) r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x2, 0xfff, 0x5}, 0x48) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000380), 0xfff, r11}, 0x38) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r12}, 0x10) getitimer(0x0, &(0x7f0000000300)) ioctl$sock_bt_hci(r9, 0x400448ca, 0x0) close_range(r8, 0xffffffffffffffff, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r5, &(0x7f0000000100)=0xfffffffffffffff7, 0x0, 0x0) 240.94279ms ago: executing program 4 (id=702): r0 = socket$inet6(0xa, 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000680)=ANY=[@ANYRESOCT=r0, @ANYRES64=r0, @ANYBLOB="26d2544f11fe1c4af040b88cb502b68c86638e5ba696eb4a196d2c805f3b40aaeaa2330a07f502cd26529ce1c8f346d1d171630eadf454d1aa2dff2f3b8fe86e63f506f3f71349a004ca2fe5758264033ab95d2f742e38317e99f09cd43e416f83c16ab22d8df1f1444478e1ab881e32f194159539a3c985f858b5450b06b9c3ac81385187660e50298e178ad7101db1f7366ce5a31afcdbf21807a15ac78ed509460db2757e2d2d93acd6ea8c9d6154196aa8fb1fe491c7c0a7cc51b183dbbb5403aa8d38bb871ad1c4674b6b73abc5704cfdc858f5ac43246716c7097d70b388e75f9c4ac0a2e59c9559edc35f4861af3e2c36311cf6bc3bbbbd07b414bf78429368f735b3fa21f6bc5f9e3fb8b4028f82d58979d1a5dee1e66b7b631796c0c907a4df962c577ba36b296e7dc65d7a88981550b9e88967a56064f8b8fcd4dfcd11a4ef32a01540371c5f792882dc1afd34f91bd9fe0e5dccaebd818f6c375f0a7f10834f6e4db44bfdd0b31fe676d5ba8c683219e83d4f66e20f7f18d2d1b7f1be2817a44bfcda56c0dd7a2007045d7209303922dda82a1973e9af814fe463625bb1a0b19a14b7beaf865ffdae8d1a35b848b59c5530774c6634339dc6838e0c0eb4e50250c7eaf915e65ee842b7502a4d11e73a37646cbe1107606b19d3d68a62c646f51d91fed4cd3bfc9de9b565c22edc90b75be329517e19ff94422d301bf0dd7caa32459daeefd7a19584aa865fe10b5e85751d181ac76c123015939f66ba771bb52b8866f468f89832e4654d9930cd698d433c8a2bec795156674e8ecb1daa35b990261eaab38686808b2cae7ec0c9190fca008f7f1c10df0a433a02ec51840a19f649ff9e843b738345f8bec299dab61a3bb86621777e2fef5f916178ed9670271cb564a203c4d8725fa3a32854ccd50cf81ca60755ef190a0976685278fd274c6c7dadf548595f31e6531e1cbf8b25cee9cc9251ae4c5a9d3f1d11dca06b75438e4675bcc448e0bcbcf9752322a3ee88ccd5c042ae5bf264a20663d2639f984e49888dfad69bdf7089caca0df7476a61f1f88317db6e96c42bbfbfacd0e0510fe48877d52868a69cf696469bc4ecfc603cf905457b418925713ffe890a6e431a0c8feedd8213d785dcda03ec6483cf10626facce0a300115a398ee34f9cc172a3028d92084da3db19ec8feccf753db51af4d62d968ba3a9a3f036e41e6b8ffcc0aebf74cdeba5098bf46ca85c2dbfedcbfd52ae509009e8a1a06c2c6677871e372b75cd24be6fcf54cd919f98d3e4f59b0835bc506fb7dd4473e71b4cd44ff76223854c367cf189be624739d4b94d6265bca495bb2c9e9cc69455d9e2c43db941b9d189021616b411415d89e44d2845e81ddad58cb4461b28d73ea334b39473985a62b8020297bfa6900786d029cc276f774a100e4851d2e55ec2c25be97f80575a9b7339d3b6c455246f477f5857da7405cd4de0a5b066d1f85a25450a9ef4c2826f31a2bd92acbddc26a4c9bf2a97b7e794e00e4e27ff059b26465b2aa78eda16044790a07ceebcb095a1c108983730d597a573a836f7fdecfe4eea974fe0d964dfb52b10950be45c663504d443d74ea2305beb8f0eb652b5eac85fcdd91296525c993dda13382ef67a0f293d006b41ffde2494b9c3c6344daa536a3c3f7df7fcf2d0e4b8d7b0900f5bd317ee754c976b1b871d347da5bd6e811c52256aecd6f5a69ce96264d2fc42707f679e35d164d81bf8f0f5150cbd2758dc534b5f9a014e57fb11da3b6c056319c3eff204640562cae816f3a338570d152f16b2ae92ff3a469ea5a43b704827409ebb1e465e2d108fa657ff8d9ac63632295e36ac90beeb5189926ea17c26694a8c4f83f32bb22e869a2761e3ecdd24194cdec3440f2040b73249bc35209bb23bf5bad1d0c6ae6257820e8a1cbf9aa8ab62afc629868fb852fa2c0e01f6515256aa9dba6d53a079c9277933a2fc2fd434f6ebe915f4a04d90087d29076c73f2f4a1008cceef39912f4d3c4dfb6d61ade9b99beabfb36ddf81d6624894eda2c42a79d8a7f15a72ce1a895c98528bb0c6f36a3e97db45eb46dfe962b24df99a1a16dd3a120336da29a3f72ce35b0673687ee6e6feac6cfcda9530a750b469da5ec6f1b04840eaa246faa86ac9b78feffc7e56983ff976879aaef165187d51aa9e46f9e85415144f93d001bb3430f2049df12362f8c78817fe9981bc7eb39edc13b01676867c94ae99b0ee4dd879da53650c7f3fe3f78b7624d688acbf118a7cd4bae976aaeaa3767a50c57aab9f2a8f5e7497ef3a62281139d58155b55e61d3f9f02abb07a09d8c5d06339fec64e3feab87abb52caf3fd61fbb7be51be050c84678feb60680dddc453d9e46a5180cf79a495fdbb80ba8f54dd8cfeda92cb82e075faac23421e0890585057e993082caa10315111888dacf428345a9f19446d8170bf84e827f19e81ba2cb78717890bf84e266ab1334a99936b2e1d1401b7a0cfd679823f759fe5ccb0f39fa7b26e8b784b2213defb638e79527df51328a479f3bcf96351d7c80d1a311cc35d2ce3ac02bbaa91f5340ec09e620c96420172d44851d58b198ca3c6023f79a76c18b70b634f01361c6108dd2f684d2b889447f4d6d28fc7144480cfe311cfd8c4ff7789791f3c19c153de9edcd08f669b62bd741cffd3fa635888f4890d03d80e34014a816235e5167986f78ede6989241589b4d4937d72fa858615e6cb9d2ddd8f8cd84d18357c1fa15b11e9377875a8bd5a3bf33900431bc8eba0b5ccfd759fa68c750d969ff70fbcab1a8dbffb103809f91e5215b90df7e6c3944887a0c894cfdb41b0d1de7e154772f6788142fe47fedec93b435f2f379f26e3ac873ff2fdcbd8d27e6b70382d3aac7ddeea161728f58d9ace1fe8ad92f4a3907022e8467b3be3b1e82a60e2e105367d7b18c848e73dc5854e708f4cb129a1b15bded5dbcbf268a85b37c04576e05c716f5649efb3b3b55cf8d26a05ba2b0c2d4cdaeef9c7009347bbbc3c12c6abadf97ad32721609a19216de8bdc25b1397d7dbdcec43a9ab8307542e360286dbda08de2229cac44722c38683c99d4ddfc46f939dc24710c2bbc0049b867cb2733ce8634f56691ff5375923fcaf9f2acad8c2b7f58f222f9b6550233cb8f3e93d49fe3e0ee259ca86c3cc150f415072199570eaf1f9f9d78648e4d6ccd00cd7ebe4248f0045f2869adb5fa940bc3fe7222536495266ac50c7ce586ed0411bb0f12f7bc138851a85c94db8477917937b4c433dd62e4200ab312237ab0071fa351fa097b9a47c8760bfa86521a8ae4909d3a4b837a7d0505f7049bed474db407ffbc2341c8afbe9dd8393377fd5b900bb15c6292163f6f1a1213e2ea71ae649011eba857fcad001216b798604b4208dea8fb9c72b9696844d44461cdc1779b3f66ad4363ae8722e441c80cc5929ba508f2aa2dd4758ca95e27b53861287b9e6fe56bdf4d8e0c94adc58b6919394639bc1324220f932271a69967eb079601671f30868b492475b2b85ec0f8150f7371b4c7232d30b41e6f08eccd1452e4af557caf811234e547a1e0f613b1c77543eca915d00caf02d2e238212722978dfbcdce042330e6dc1c70f69ab03c1926e135ce39b92e447bead25c0113e5a4ee770274f2667d1fdd13e7b0aa54f744c640d68e1f8b4e91f5a6c11563c015936ff27c4907cc91c3a79a6174f3d3a840133a313dfa6df6ebb5b7df9b5b55511a2ef0de73b6793a413387b1ee72ebc0d4e90c7793da5af2aa867114c3d051c61b164970193210c35e0f3de7dc213ca958d6b632adc981b2f1410c33e20adc4dc031a6f3030eb9b113391477d4998d74b597d8d74110b8309cfc7da904a6fa0724ed0a62a476e2cbcf3205388b582b8ec98372272848ae044907e8a05d708f463b086fabef7267a11f6340bab38b08f57c8f7e743368e68a5c1109c8be0ca213fb8fed0f13dce46631946974d18b96c9526277fe7a6b804eb04fde4f7aacefc26fe4a62fd9a2c99d0f32a1778ab84dd546a9037e240e49652c2f6cb1601528926411c71e554c51d44e9654cf3ab329bab9af33f0ee6b6b2136fa125f7df1d96a854424e53040f21a0a7417502c2026e9d8aba8289347fa569d35639264f0966670dbf8afd99dd3d69cf25ef710be66a3d0a5faea1d437d944ddb0443dee0bd19e0968ace2269ecc38ba10faa0c2b3e543b1bd1a2a46f615bc752982e99f88c77f663fc68f93cc9102d49fc8fcfbc3f6a4276e5e91ba0035575389a5a1ccfc9f940312ea19dd59c11b2c03accf2157d44e8d6ad689e89903c169c1caee268b37a2df82dde699f48340868a5b78e3965cb4d41c99912380ee3f96416100e4976ae6f53c9972f00f6d97325f296ae4ba4f4d1e3565ae6fcc00a512da1aa5457cc90c9f5fe701da5208e4a63d14db773d6f017a80e7024354900d711788ce061d5c138a57d01f501ac520d536b08ea3e2df2817689e31ef97f4685e55663614015dbd84fbe2d2af9b50a23b12d143cb9f7eb2cc1a286bf54dc65cc33b3645ad0d3fa13d31243e1d9e5413be84c7937b288fd3d2ad7b8b88050d8894370aaf5618c58832bfa45591d99b28f5f0486a185c9515102eb9033442f6396ae5eb06011825a709be70f1b2c735164b310667b497912c00673dc6b1f989d52cef42cd7de633d868fc9b067583aa3753b13e1487fed7901f6cf6eff11dfd5207601aa5e88408aa847a47e0004f3ce160e9ca16839c83031d18af1efdd153fe15bd640072d81e00d318f35cd5e9def7da1d855356d5d3910386a31e9043f7c9f542c8f4a5987d28ff4b7125d089b7aa540865a18772b3823b0a3f77d75505c91dba2e5b5da009dd727965395e8968e79376cd11baf156c74dbbde23b646ed13980628d39655c5c0cf3d007c311391b0c10f2fe17849b8da957c400af5cfb1c3b4e37ba7b012d1e4162001809baaa5b4c90a39ccb1c4b55043b548d8d537426f7f2e1798747ec3a3d49a2b52e171acc55e5956f7ec6c552f07b75f45288b0b13c68f6ff57386359b95ac4963657e3143e626900581632ae5958227e1fd8a402061d59ade9d4e7d3dcfe6fc8abb8220d1f2d05c1668de282f19e20c01e136a7906a068b96122231871507328c77beed8001c28d86584726ab6baaa2dbf5d8ab47b8a50cabdf8d78b314e16d3d1213837d5450bbac8b024d514599dd95a5bfc94eebb5084a38f258a8bfd57c2f8645ec372947241215aded2812d728d4055f2e7ac1ae1c138e83fef52735bdb875bf2a9351ade19f1006573f40b73f43d0c22103c84add35ffd45d4331659b9125baef86fa65721f8a8f3ae84db552f1188f1304092f404dce0f82394b2587f87426d97d815072e337f2318fbefd0621a0a8ce6f01949f04042c0d93612bf67de37c9fc9978e22eb1d035908481138d2687206c57af0d5e61d46eb5ca53ad8b9bb99b33510a940b23a32638d6c88ea31cdb2bc8ab7ded65e2e8e8632ee8ad3bec8174cf2c1716e3f2ea34e32ee52cee48500941970448f0a6c8c1f8fa806b1175fa010fef8f7ba93a9b61e97200bd15f5a10668ade6ff6a43094acd1cb8c7adde5e2a02938b6cb8ce7bcf576c16ff37a01da4301f58e4796ea33adc0400633fdbee4560998470173e96215017cca544efc6d8920d619a287388d2e568bb2dc10cc886c750b2deb65a7b257994d71dd73e62b830d4028c0d0bf936dad61b2eeb17a8077a67ad740fa3f24d6cff52a483e3e61397284aa240839fcb301cdbe79"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r3, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r5, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYRESOCT=r2, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r6}, 0x10) open(&(0x7f0000000040)='./file0\x00', 0x903840, 0x0) r7 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fcntl$setlease(r7, 0x400, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r8 = getpid() sched_setscheduler(r8, 0x2, &(0x7f0000000280)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socketpair(0x1e, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) 114.42943ms ago: executing program 3 (id=703): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pB \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, 0x0, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdd1}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000200)='xprtrdma_dma_maperr\x00', r4}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1a}, 0x0, 0x33}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7}}, 0xe8) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) 100.411621ms ago: executing program 3 (id=704): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200801f, &(0x7f00000000c0), 0xfe, 0x4ef, &(0x7f0000000380)="$eJzs3d9rHFsdAPDvTHbvbdpcN1d9uF7w3outJEW7SRrbBh+qguhTQa3vNSbbELLJlmTTNqFoin+AIKKCL/rki+AfIEj/BBEK9l1UFNFWH3yojuzubEzT3SSl+0Oznw+czDkzs/s9J8OcnTMzzAQwsj6IiOmIyLIsuxgRpXx+mqfYa6XGes+ePlhqpCSy7OZfk0jyee3vejOfnss/diYivvbliG8mL8fd2tldW6xWK5t5eaa+njzPst1Lq+uLK5WVysb8/NzVhWsLVxZme9LOyYi4/sU//uC7P/vS9V99+t7vbv15+lutBrYcbEcvtZpebP4v2goRsdmPYENSaLaw5cqQ6wIAwNEax/sfjohPRMTFKMVY82gOAAAAOE2yz03E86R1/Q8AAAA4ndKImIgkLef3+05EmpbLrXt4Pxpn02ptq/6prLR/vmAyiunt1WplNr93YDKKSaM8l99j2y5fPlSej4i3I+L7pfFmubxUqy4P9cwHAAAAjI5zh8b//yi1xv8AAADAKTM57AoAAAAAfWf8DwAAAKef8T8AAACcal+5caORsvb7r5fv7myv1e5eWq5srZXXt5fKS7XNO+WVWm2l+cy+9eO+r1qr3flMbGzfn6lXtuozWzu7t9Zr2xv1W6svvAIbAAAAGKC333/0JImIvc+OpxGRJQeWFSOysYMrFwZfP6B/0ldZ+Q/9qwcweGPDrgAwNA7pYXQVh10BYOiO6we63rzz697XBQAA6I+pjz16Eq3r/83U8Ea+LBlmxYC+y6//J/Z1GD2u/8Pocv0PRlfxqCMAgwI49dIT7Oqvf/0/y16pUgAAQM9NNFOSlvNxwESkabkc8VbztQDF5PZqtTIbER+KiN+Wim82ynPNTyZODwAAAAAAAAAAAAAAAAAAAAAAAADACWVZElkX4/vrAAAAAP/PItI/Jfn7v6ZKFyYOnx94I/lnqTmNiHs/vvnD+4v1+uZcY/7f9ufXf5TPvzzosxcAAABAJ+1xenscDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99Ozpg6V2GmTcv3whIiY7xS/Emeb0TBQj4uzfkygc+FwSEWM9iL/3MCLe6RQ/aVQrJvNaHI6fRsT4kOOf60F8GGWPGv3P5zvtf2l80Jx23v8KeXpd3fu/dL//G+vS/73V6QvTl2e9+/gXM13jP4x4t9C5/2nHT7rEP3/CNn7j67u73ZZlP42Y6vj7k7wQayYp3JnZ2tm9tLq+uFJZqWzMz89dXbi2cGVhdub2arWS/+0Y43sf/+W/j2r/2S7xJ49p/4UTtv9fj+8//UgrWzy0qBg/ybLp8523/ztd4rd/+z6Zb+5Geaqd32vlD3rv57957/0j2r/cpf3Hbf/pE7b/4le/8/sTrgoADMDWzu7aYrVa2ZSR6VtmPAYYdDGOWqd9EDuA+nw7D/U/sQleOTPETgkAAOiL/x70D7smAAAAAAAAAAAAAAAAAAAAMLqOewxY9OBxYodj7g2nqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR/pPAAAA//+e/ctD") (async, rerun: 32) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) (async, rerun: 32) socket$nl_route(0x10, 0x3, 0x0) (async) syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000200)={[{@utf8no}, {@uni_xlate}, {@rodir}, {@shortname_lower}, {@uni_xlateno}, {@utf8no}, {@shortname_mixed}, {@rodir}, {@shortname_mixed}, {@fat=@check_strict}, {@shortname_winnt}, {@uni_xlateno}, {@rodir}, {@utf8}, {@fat=@allow_utime={'allow_utime', 0x3d, 0xee9}}, {@fat=@errors_remount}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'uni_x\x9a\xfdte=1'}}]}, 0x6, 0x2d0, &(0x7f00000003c0)="$eJzs3b1uHFUUAOAz653ZBYp1QYWQGAkKqihOS7MWSiSEKyIXQAGGJBLyrpBiyRI/YklFS0NBwRNQ8SA0iBdAokWiI0iRLprZmf1xJhstYRMg39f4+N5z5p67O7bHha/ff3F6eqOMW3c+/yWGwyx64xjH3Sz2oxetL2PN+OsAAP7L7qYUv6e5beqyiBjuri0AYIe2/vn/w85bAgB27Prb77x5eHR09a2yHMa16Vfnx9Vv9tXH+fzhrfgoJnEzLsco7kXUDwp51E8LVXgtpTTrl5X9eGU6Oz+uKqfv/dhc//C3iLr+IEaxXw8tnjbq+jeOrh6Ucyv1s6qPZ5v1x1X9lRjF84vitforHfVxXMSrL6/0fylG8dOH8XFM4kbdxLL+i4OyfD1988dn71btVfXZ7Px4UOctpb3H/NYAAAAAAAAAAAAAAAAAAAAAAPA/dqk5O2cQ9fk91VBz/s7eveqTPMrW/vr5PPP6rL3Q6vlAKaVZiu/a83Uul2WZmsRlfT9e6Ef/yewaAAAAAAAAAAAAAAAAAAAA/l3OPvn09GQyuXn7Hwna0wD6EfHn9Yi/e53xyshLsTl50Kx5Mpn0mnA9pz9YGYm9NieL2NhGtYnuqZStLtF79Nfwmft6boLvP8i3vODw4Tl591oXg/4j7Ku9u05Psu7XcBDtyLC5Sb4tIpY5RTxkifZdLx6Uk2Kb26/onBptvffiuTqYbciJbFNjr/0631czkl3cRVG/qp3leRNEHt1fMsMH3M/dwf3fKzKndQAAAAAAAAAAAAAAAAAAwE5liz/67Zi8s7G0lwY7awsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHquzxf//XwQ/5xGLkXxtqglmTXHH1MWgiNtnT3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAX+CgAA//8wK1Yb") (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000880)='xprtrdma_reply\x00'}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) (async) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) (async, rerun: 32) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (rerun: 32) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000006c0)={'ip6gre0\x00', &(0x7f0000000340)={'syztnl1\x00', 0x0, 0x4, 0x26, 0x3, 0x6, 0xd, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1, 0x1, 0x6, 0x800000}}) (async) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000003c0)=0x70, 0x4) (async) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r5 = open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x8001) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') dup3(r6, 0xffffffffffffffff, 0x0) (async) move_mount(0xffffffffffffffff, &(0x7f00000008c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r6, &(0x7f0000000300)='./file2\x00', 0x0) (async) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 99.768981ms ago: executing program 4 (id=705): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000200)=""/150, 0x96}], 0x1) fstat(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = socket$vsock_stream(0x28, 0x1, 0x0) sendmmsg$unix(r1, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000000c0)="1e8fce3c4b99b01ba586b304b7f11ad492771ecb13b3acf8da6c16ed7fa299b552ab9c86c4e9f690a3d3d63261bafc1a7674e368f033d846f18f7b78c4f1c4dd32b655db9eed572a1694d763e3794a81724a611e2663e6392ff525bc5e836412c93e63de283532b3db32ecceb840f27a2cce", 0x72}, {&(0x7f0000000340)="640e4b9d1526e2fe2f54b0c7558c66b0680b1d4dfb09c06c045bb47a8cd2b15dd18817cc1dd4ed9b26dde2e5ed249a8e1f267d6d68c6ef10a8c41631e8f2c2efe3911b2c4bf26ff059e4a8112c3b9a8f1830c5f05461797c71c048ca758b04a0b645c2a30a1b2d551a16d1d88bba8e190ba36df2ac16df99de35fbecd9e92773606765a821c8fee05d3a9389caf10851bbc84483a8e04e31b7033be20be855b85e9e6a4229e23ac8c58537393470973b18124f296313598178821ecb80b701fffdf613a217058516bec4f3cf1dbf2093a66299c9160b469f22376ae8a9489d44e760843aa9665f030a3e58a9209bb3a685938852ebdccdcc6376bebbbdb5d7", 0xff}], 0x2, &(0x7f0000000680)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r2, r3}}}, @rights={{0x2c, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r4]}}], 0x50, 0xc8842}}, {{&(0x7f0000000700)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000540)="ea34512c198527b319cd9d42fd357ccbd4debcc497881ff38e50a74987191611bd5a758df09f", 0x26}, {&(0x7f0000000780)="0c626f68296517e5d0ee51181626d18f2233629c47ff47dd7aa22856839d792bab880aeaea797795fb61474f47d59c8d91ba3cd191b4e7471b8bb23539fe5ba8da922607397b73e298279495eceaf16ecef006a769553cb84db0f3519456fab7e69336f403060aeead1e511edfd0cfc8ecaf66527e6df569d95c6f6518c869584479c14d3e5f9fca1f6d4503687e8ff4cd98", 0x92}, {&(0x7f0000000840)="d42eb86db4d6", 0x6}, {&(0x7f0000000880)="ac1f9add40a2bd84f5b245d2da4dcc37e670489a236313667bad3889135c463f263159ede7f3ac8411c19b9a9c6f5756f32da9e18da78ffcfb90d59c4fd7a7c8a02ebafbfb333c13f12faba05587ceffb386cb2b6eca140199a0c17ae2a27a6d0c1829dfc77004877fd8ac6a1e5206d1a3e755fb45008355b10955c14836c027520d2ab14b92613754a957f714e99f4e12042f4b3f4fad8e8492c2517b5e201f61561cabc5e03f8360fe26b56ae73125d844d04df38e6ce19d3be17984cf2975b4e2771fabceebedfd1c077e67f68d7761e20d9ef2", 0xd5}], 0x4, 0x0, 0x0, 0x44080}}], 0x2, 0x4000810) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000001c0)='kmem_cache_free\x00'}, 0x10) syz_emit_ethernet(0x86, &(0x7f00000001c0)={@random="591a1d9a2bdb", @link_local={0x1, 0x80, 0xc2, 0x25}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x64, 0x0, @wg=@response={0x220, 0x0, 0x0, "bfd8a5dd2002c02142c4391145badd28fd7f0ffc0e896f38da00", "0bb10000085b2e00", {"bb3b2195c4b058706558a70864bef1f0", "524a72fc460b8cd26e095f24ab642591"}}}}}}}, 0x0) 0s ago: executing program 3 (id=706): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r1 = inotify_init1(0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2, 0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1, 0xfff, 0x2, 0x7ff, 0x40, r3, 0x5031, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x5}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r4}, 0x10) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, 0x0}) r6 = syz_open_procfs(r5, &(0x7f0000000600)='fd/4\x00') write$FUSE_NOTIFY_STORE(r6, &(0x7f0000000200)={0x2a, 0x4, 0x0, {0x2, 0x6, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000006800010400000000000000000a000000000000000800010001000000040004"], 0x24}}, 0x0) quotactl_fd$Q_QUOTAOFF(r6, 0xffffffff80000302, 0x0, 0x0) kernel console output (not intermixed with test programs): T443] device veth0_vlan left promiscuous mode [ 100.932741][ T1963] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 100.939694][ T1963] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 101.056539][ T1968] loop0: detected capacity change from 0 to 40427 [ 101.295552][ T1954] device veth0_vlan entered promiscuous mode [ 101.307544][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 101.321358][ T1968] F2FS-fs (loop0): Found nat_bits in checkpoint [ 101.330199][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 101.346026][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 101.370358][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 101.381571][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 101.394549][ T1968] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 101.395293][ T1954] device veth1_macvtap entered promiscuous mode [ 101.406318][ T1968] FAULT_INJECTION: forcing a failure. [ 101.406318][ T1968] name failslab, interval 1, probability 0, space 0, times 0 [ 101.433210][ T1968] CPU: 0 PID: 1968 Comm: syz.0.454 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 101.444334][ T1968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 101.454233][ T1968] Call Trace: [ 101.457420][ T1968] [ 101.460129][ T1968] dump_stack_lvl+0x151/0x1b7 [ 101.464642][ T1968] ? io_uring_drop_tctx_refs+0x190/0x190 [ 101.470109][ T1968] dump_stack+0x15/0x17 [ 101.474183][ T1968] should_fail+0x3c6/0x510 [ 101.478437][ T1968] __should_failslab+0xa4/0xe0 [ 101.483038][ T1968] ? __anon_vma_prepare+0xa0/0x430 [ 101.488000][ T1968] should_failslab+0x9/0x20 [ 101.492322][ T1968] slab_pre_alloc_hook+0x37/0xd0 [ 101.497104][ T1968] ? __anon_vma_prepare+0xa0/0x430 [ 101.502043][ T1968] kmem_cache_alloc+0x44/0x200 [ 101.506687][ T1968] __anon_vma_prepare+0xa0/0x430 [ 101.511419][ T1968] wp_page_copy+0x14a7/0x1b00 [ 101.515933][ T1968] ? __kasan_check_write+0x14/0x20 [ 101.521023][ T1968] ? insert_page_into_pte_locked+0x4e0/0x4e0 [ 101.526781][ T1968] ? __pte_map_lock+0x442/0x620 [ 101.531467][ T1968] do_wp_page+0x6fa/0xb60 [ 101.535634][ T1968] handle_pte_fault+0x7c0/0x24d0 [ 101.540408][ T1968] ? fault_around_bytes_set+0xc0/0xc0 [ 101.545615][ T1968] do_handle_mm_fault+0x1ea9/0x23a0 [ 101.550653][ T1968] ? numa_migrate_prep+0xe0/0xe0 [ 101.555422][ T1968] ? down_read+0xa9b/0x1360 [ 101.559775][ T1968] ? __stack_depot_save+0x34/0x470 [ 101.564716][ T1968] ? kmem_cache_free+0x116/0x2e0 [ 101.569495][ T1968] ? kmem_cache_free+0x116/0x2e0 [ 101.574257][ T1968] ? down_read_trylock+0x1f9/0x300 [ 101.579204][ T1968] ? vmacache_find+0x21f/0x4d0 [ 101.583803][ T1968] ? __find_vma+0x30/0x150 [ 101.588095][ T1968] exc_page_fault+0x3b5/0x830 [ 101.592675][ T1968] asm_exc_page_fault+0x27/0x30 [ 101.597358][ T1968] RIP: 0010:__put_user_nocheck_4+0x3/0x11 [ 101.602912][ T1968] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f [ 101.622355][ T1968] RSP: 0018:ffffc90000c47c58 EFLAGS: 00050297 [ 101.628257][ T1968] RAX: 0000000000000000 RBX: 00007fffffffeffd RCX: 0000000020000000 [ 101.636079][ T1968] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 101.643880][ T1968] RBP: ffffc90000c47e60 R08: ffffffff83de02f1 R09: ffffffff83ddec8a [ 101.651775][ T1968] R10: 000000000000003a R11: ffff88810c78cf00 R12: 0000000000000000 [ 101.659589][ T1968] R13: dffffc0000000000 R14: 1ffff92000188f94 R15: 0000000000000000 [ 101.667402][ T1968] ? sock_getsockopt+0x19a/0x21f0 [ 101.672260][ T1968] ? sock_getsockopt+0x1801/0x21f0 [ 101.677223][ T1968] ? sock_getsockopt+0x1828/0x21f0 [ 101.682156][ T1968] ? dst_negative_advice+0x220/0x220 [ 101.687316][ T1968] ? selinux_socket_getsockopt+0x243/0x340 [ 101.692925][ T1968] ? selinux_socket_getpeername+0x340/0x340 [ 101.698648][ T1968] ? wait_for_completion_killable_timeout+0x10/0x10 [ 101.705087][ T1968] ? __fget_files+0x31e/0x380 [ 101.709582][ T1968] ? security_socket_getsockopt+0x82/0xb0 [ 101.715137][ T1968] __sys_getsockopt+0x227/0x4f0 [ 101.719917][ T1968] __x64_sys_getsockopt+0xbf/0xd0 [ 101.724771][ T1968] do_syscall_64+0x3d/0xb0 [ 101.729031][ T1968] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 101.734751][ T1968] RIP: 0033:0x7fc87f0a2bd9 [ 101.739008][ T1968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.758448][ T1968] RSP: 002b:00007fc87e324048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 101.766691][ T1968] RAX: ffffffffffffffda RBX: 00007fc87f230f60 RCX: 00007fc87f0a2bd9 [ 101.774502][ T1968] RDX: 0000000000000024 RSI: 0000000000000001 RDI: 0000000000000005 [ 101.782313][ T1968] RBP: 00007fc87e3240a0 R08: 0000000020000000 R09: 0000000000000000 [ 101.790211][ T1968] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000002 [ 101.798027][ T1968] R13: 000000000000000b R14: 00007fc87f230f60 R15: 00007ffe9d93dad8 [ 101.805842][ T1968] [ 101.820158][ T1739] attempt to access beyond end of device [ 101.820158][ T1739] loop0: rw=2049, want=45104, limit=40427 [ 101.859740][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 101.875557][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 101.890715][ T1993] loop2: detected capacity change from 0 to 2048 [ 101.892353][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 101.905577][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 101.913853][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 101.949284][ T1969] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.966531][ T1969] bridge0: port 1(bridge_slave_0) entered disabled state [ 101.975697][ T1969] device bridge_slave_0 entered promiscuous mode [ 101.982530][ T1993] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 101.982967][ T1969] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.000052][ T1969] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.007099][ T1993] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038 (0x7fffffff) [ 102.007690][ T1969] device bridge_slave_1 entered promiscuous mode [ 102.053834][ T1993] fs-verity (loop2, inode 13): fs-verity keyring is empty, rejecting signed file! [ 102.066582][ T2001] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 102.077595][ T2001] FAT-fs (loop1): unable to read boot sector [ 102.095695][ T2003] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 102.106805][ T309] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 102.189789][ T2013] fuse: Unknown parameter 'grou00000000000000000000' [ 102.286489][ T1969] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.293490][ T1969] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.300570][ T1969] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.307396][ T1969] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.633729][ T309] usb 2-1: Using ep0 maxpacket: 8 [ 102.642569][ T1540] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.650392][ T1540] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.666549][ T2019] netlink: 4 bytes leftover after parsing attributes in process `syz.2.464'. [ 102.696073][ T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 102.704082][ T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 102.721012][ T1540] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 102.729125][ T1540] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 102.737365][ T1540] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.744235][ T1540] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.751627][ T1540] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 102.759749][ T1540] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 102.767931][ T1540] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.774881][ T1540] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.782166][ T309] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 102.791658][ T309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.806976][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 102.808558][ T309] usb 2-1: config 0 descriptor?? [ 102.818137][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 102.834296][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 102.847793][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 102.870936][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 102.887688][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 102.903465][ T1969] device veth0_vlan entered promiscuous mode [ 102.910288][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 102.918550][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 102.934455][ T2023] loop3: detected capacity change from 0 to 1024 [ 102.948550][ T1969] device veth1_macvtap entered promiscuous mode [ 102.958398][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 102.966388][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 102.974011][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 102.982804][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 102.991144][ T1320] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 103.019987][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 103.028556][ T2023] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22 [ 103.038268][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 103.058418][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 103.071708][ T2023] EXT4-fs (loop3): Unrecognized mount option "func=CREDS_CHECK" or missing value [ 103.080924][ T309] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 103.091576][ T309] asix: probe of 2-1:0.0 failed with error -71 [ 103.098793][ T309] usb 2-1: USB disconnect, device number 14 [ 103.111188][ T1047] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 103.266024][ T2037] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 103.277285][ T2037] FAT-fs (loop5): unable to read boot sector [ 103.351587][ T443] device bridge_slave_1 left promiscuous mode [ 103.360319][ T443] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.397675][ T2040] loop2: detected capacity change from 0 to 2048 [ 103.408406][ T443] device bridge_slave_0 left promiscuous mode [ 103.431001][ T443] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.618662][ T2040] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 103.679068][ T443] device veth1_macvtap left promiscuous mode [ 103.700513][ T2040] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038 (0x7fffffff) [ 103.703734][ T2023] syz.3.467 (2023) used greatest stack depth: 18680 bytes left [ 103.723635][ T2026] loop0: detected capacity change from 0 to 40427 [ 103.733251][ T2040] fs-verity (loop2, inode 13): fs-verity keyring is empty, rejecting signed file! [ 103.745534][ T443] device veth0_vlan left promiscuous mode [ 103.758347][ T2026] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 103.786021][ T2026] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 103.810682][ T2026] F2FS-fs (loop0): invalid crc value [ 103.837952][ T2049] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 103.852690][ T2026] F2FS-fs (loop0): Found nat_bits in checkpoint [ 103.938678][ T2026] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 103.947783][ T2026] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 104.069386][ T2030] loop1: detected capacity change from 0 to 40427 [ 104.090846][ T2063] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 104.101640][ T2063] FAT-fs (loop5): unable to read boot sector [ 104.133440][ T2030] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 104.171164][ T2030] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 104.190750][ T2030] F2FS-fs (loop1): invalid crc value [ 104.229804][ T2030] F2FS-fs (loop1): Found nat_bits in checkpoint [ 104.289766][ T2030] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 104.296762][ T2030] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 104.324981][ T2074] netlink: 4 bytes leftover after parsing attributes in process `syz.4.480'. [ 104.340859][ T392] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 104.600801][ T392] usb 4-1: Using ep0 maxpacket: 16 [ 104.628666][ T2067] loop2: detected capacity change from 0 to 40427 [ 104.654824][ T2067] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 104.671350][ T2067] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 105.211384][ T392] usb 4-1: config 0 has an invalid interface number: 0 but max is -1 [ 105.219304][ T392] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 105.240070][ T2067] F2FS-fs (loop2): invalid crc value [ 105.255534][ T392] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 105.271903][ T2067] F2FS-fs (loop2): Found nat_bits in checkpoint [ 105.276429][ T392] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 105.307883][ T392] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 105.330730][ T392] usb 4-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 105.344264][ T392] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.370135][ T392] usb 4-1: config 0 descriptor?? [ 105.400215][ T2067] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 105.422011][ T45] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 105.432740][ T2067] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 105.451137][ T45] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 105.533151][ T2083] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 105.657054][ T2087] loop4: detected capacity change from 0 to 2048 [ 106.030432][ T1047] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 106.064190][ T2087] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 106.075539][ T2087] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038 (0x7fffffff) [ 106.090383][ T2087] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file! [ 106.099552][ T392] usbhid 4-1:0.0: can't add hid device: -71 [ 106.105906][ T392] usbhid: probe of 4-1:0.0 failed with error -71 [ 106.112958][ T392] usb 4-1: USB disconnect, device number 12 [ 106.182703][ T2096] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 106.191944][ T2098] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 106.242298][ T30] kauditd_printk_skb: 38 callbacks suppressed [ 106.242314][ T30] audit: type=1326 audit(1720409646.947:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 106.274030][ T2107] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 106.363687][ T2112] netlink: 12 bytes leftover after parsing attributes in process `syz.2.489'. [ 106.375400][ T2112] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 106.405133][ T1047] usb 2-1: Using ep0 maxpacket: 32 [ 106.411289][ T2107] FAT-fs (loop1): unable to read boot sector [ 106.740291][ T30] audit: type=1326 audit(1720409646.977:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 106.764887][ T30] audit: type=1326 audit(1720409646.977:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 106.788940][ T30] audit: type=1326 audit(1720409646.977:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 106.832535][ T30] audit: type=1326 audit(1720409647.407:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 106.864696][ T30] audit: type=1326 audit(1720409647.407:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2105 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 106.888332][ T30] audit: type=1326 audit(1720409647.557:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2117 comm="syz.3.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4072778bd9 code=0x7ffc0000 [ 106.912985][ T30] audit: type=1326 audit(1720409647.567:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2117 comm="syz.3.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4072778bd9 code=0x7ffc0000 [ 106.937697][ T30] audit: type=1326 audit(1720409647.567:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2117 comm="syz.3.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4072778bd9 code=0x7ffc0000 [ 106.963311][ T30] audit: type=1326 audit(1720409647.567:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2117 comm="syz.3.493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4072778bd9 code=0x7ffc0000 [ 107.008098][ T2121] fuse: Unknown parameter 'group_i00000000000000000000' [ 107.021032][ T1047] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 107.037492][ T1047] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.054828][ T1047] usb 2-1: Product: syz [ 107.072449][ T1047] usb 2-1: Manufacturer: syz [ 107.077052][ T1047] usb 2-1: SerialNumber: syz [ 107.079534][ T2116] loop0: detected capacity change from 0 to 40427 [ 107.085984][ T1047] usb 2-1: config 0 descriptor?? [ 107.216847][ T2116] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 107.275261][ T2116] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 107.358792][ T1047] snd-usb-audio: probe of 2-1:0.0 failed with error -2 [ 107.381201][ T2116] F2FS-fs (loop0): invalid crc value [ 107.382268][ T2128] loop4: detected capacity change from 0 to 2048 [ 107.408036][ T2116] F2FS-fs (loop0): Found nat_bits in checkpoint [ 107.420073][ T1047] usb 2-1: USB disconnect, device number 15 [ 107.463439][ T2128] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 107.474199][ T2116] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 107.474307][ T2128] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038 (0x7fffffff) [ 107.491108][ T2116] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 107.550306][ T2123] loop2: detected capacity change from 0 to 40427 [ 107.595387][ T2123] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 107.604200][ T2123] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 107.613478][ T2123] F2FS-fs (loop2): invalid crc value [ 107.620216][ T2123] F2FS-fs (loop2): Found nat_bits in checkpoint [ 107.906857][ T2144] loop4: detected capacity change from 0 to 2048 [ 107.927224][ T2123] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 107.941664][ T2123] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 108.092346][ T2144] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 108.103189][ T2144] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038 (0x7fffffff) [ 108.118796][ T2144] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file! [ 108.146494][ T2154] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 108.439629][ T2162] FAULT_INJECTION: forcing a failure. [ 108.439629][ T2162] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 108.455183][ T2162] CPU: 1 PID: 2162 Comm: syz.1.505 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 108.466235][ T2162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 108.476097][ T2162] Call Trace: [ 108.479224][ T2162] [ 108.482014][ T2162] dump_stack_lvl+0x151/0x1b7 [ 108.486509][ T2162] ? io_uring_drop_tctx_refs+0x190/0x190 [ 108.491979][ T2162] ? unwind_get_return_address+0x4d/0x90 [ 108.497451][ T2162] dump_stack+0x15/0x17 [ 108.501441][ T2162] should_fail+0x3c6/0x510 [ 108.505691][ T2162] should_fail_alloc_page+0x5a/0x80 [ 108.510724][ T2162] prepare_alloc_pages+0x15c/0x700 [ 108.515675][ T2162] ? stack_trace_snprint+0xf0/0xf0 [ 108.520622][ T2162] ? __alloc_pages_bulk+0xe40/0xe40 [ 108.525655][ T2162] __alloc_pages+0x18c/0x8f0 [ 108.530635][ T2162] ? lookup_one_qstr_excl+0x143/0x290 [ 108.535976][ T2162] ? prep_new_page+0x110/0x110 [ 108.540574][ T2162] new_slab+0x9a/0x4e0 [ 108.544483][ T2162] ___slab_alloc+0x39e/0x830 [ 108.548899][ T2162] ? p9_client_prepare_req+0x2eb/0xb20 [ 108.554302][ T2162] ? p9_client_prepare_req+0x2eb/0xb20 [ 108.559661][ T2162] __slab_alloc+0x4a/0x90 [ 108.563834][ T2162] ? p9_client_prepare_req+0x2eb/0xb20 [ 108.569123][ T2162] kmem_cache_alloc+0x134/0x200 [ 108.573822][ T2162] p9_client_prepare_req+0x2eb/0xb20 [ 108.578933][ T2162] p9_client_rpc+0x159/0x13a0 [ 108.583453][ T2162] ? htab_percpu_map_lookup_elem+0x1cf/0x310 [ 108.589258][ T2162] ? p9_client_clunk+0x57/0x3a0 [ 108.593944][ T2162] ? p9_fid_create+0x280/0x280 [ 108.598543][ T2162] ? bpf_trace_run3+0x123/0x250 [ 108.603231][ T2162] ? bpf_trace_run2+0x210/0x210 [ 108.607917][ T2162] ? p9_req_put+0x145/0x180 [ 108.612354][ T2162] ? p9_req_put+0x145/0x180 [ 108.616772][ T2162] ? p9_req_put+0x145/0x180 [ 108.621123][ T2162] ? __bpf_trace_kmem_cache_free+0x99/0xc0 [ 108.626857][ T2162] ? kmem_cache_free+0x2c3/0x2e0 [ 108.631621][ T2162] p9_client_clunk+0xbe/0x3a0 [ 108.636140][ T2162] p9_client_walk+0x4f2/0x7b0 [ 108.640645][ T2162] ? p9_client_rpc+0x13a0/0x13a0 [ 108.645415][ T2162] ? v9fs_fid_lookup+0x118/0x160 [ 108.650187][ T2162] v9fs_vfs_lookup+0x198/0x3d0 [ 108.654827][ T2162] ? __d_alloc+0x4ec/0x6c0 [ 108.659040][ T2162] ? v9fs_inode_from_fid+0x2f0/0x2f0 [ 108.664265][ T2162] ? _raw_spin_unlock+0x4d/0x70 [ 108.669042][ T2162] ? d_alloc+0x199/0x1d0 [ 108.673207][ T2162] lookup_one_qstr_excl+0x143/0x290 [ 108.678241][ T2162] filename_create+0x28e/0x530 [ 108.682843][ T2162] ? kern_path_create+0x1a0/0x1a0 [ 108.687719][ T2162] do_mkdirat+0xbd/0x450 [ 108.691793][ T2162] ? strncpy_from_user+0x18e/0x2d0 [ 108.696776][ T2162] ? vfs_mkdir+0x610/0x610 [ 108.700980][ T2162] ? getname_flags+0x1fd/0x520 [ 108.705590][ T2162] __x64_sys_mkdir+0x6e/0x80 [ 108.710013][ T2162] do_syscall_64+0x3d/0xb0 [ 108.714349][ T2162] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 108.720166][ T2162] RIP: 0033:0x7fbe4f135bd9 [ 108.724437][ T2162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.743858][ T2162] RSP: 002b:00007fbe4e3b7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 108.752104][ T2162] RAX: ffffffffffffffda RBX: 00007fbe4f2c3f60 RCX: 00007fbe4f135bd9 [ 108.759914][ T2162] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000300 [ 108.767726][ T2162] RBP: 00007fbe4e3b70a0 R08: 0000000000000000 R09: 0000000000000000 [ 108.775536][ T2162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 108.783347][ T2162] R13: 000000000000000b R14: 00007fbe4f2c3f60 R15: 00007ffe7a355d88 [ 108.791254][ T2162] [ 108.859309][ T2164] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 108.961683][ T2175] netlink: 12 bytes leftover after parsing attributes in process `syz.3.507'. [ 108.987735][ T2175] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 109.669061][ T2179] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 109.680043][ T2179] FAT-fs (loop1): unable to read boot sector [ 109.725040][ T2181] 9pnet: Insufficient options for proto=fd [ 109.774037][ T2185] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 109.840518][ T2190] loop1: detected capacity change from 0 to 2048 [ 109.860938][ T1320] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 109.951382][ T2190] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 109.969698][ T2190] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038 (0x7fffffff) [ 109.992430][ T2190] fs-verity (loop1, inode 13): fs-verity keyring is empty, rejecting signed file! [ 110.070916][ T26] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 110.075206][ T2193] loop3: detected capacity change from 0 to 40427 [ 110.101062][ T1320] usb 5-1: Using ep0 maxpacket: 32 [ 110.156445][ T2193] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 110.164618][ T2193] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 110.173700][ T2193] F2FS-fs (loop3): invalid crc value [ 110.180209][ T2193] F2FS-fs (loop3): Found nat_bits in checkpoint [ 110.203977][ T2193] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 110.211106][ T2193] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 110.394742][ T397] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 110.421196][ T312] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 110.422006][ T1320] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 110.439258][ T1320] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 110.450012][ T1320] usb 5-1: Product: syz [ 110.454962][ T1320] usb 5-1: Manufacturer: syz [ 110.459792][ T1320] usb 5-1: SerialNumber: syz [ 110.468818][ T1320] usb 5-1: config 0 descriptor?? [ 110.480943][ T26] usb 1-1: config 0 has an invalid interface number: 32 but max is 0 [ 110.489067][ T26] usb 1-1: config 0 has no interface number 0 [ 110.495019][ T26] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 110.505963][ T26] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 110.516401][ T1320] snd-usb-audio: probe of 5-1:0.0 failed with error -2 [ 110.523196][ T26] usb 1-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 110.533407][ T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.541949][ T26] usb 1-1: config 0 descriptor?? [ 110.680996][ T312] usb 3-1: Using ep0 maxpacket: 8 [ 110.723480][ T1320] usb 5-1: USB disconnect, device number 9 [ 110.760976][ T397] usb 2-1: config 0 has an invalid interface number: 32 but max is 0 [ 110.769185][ T397] usb 2-1: config 0 has no interface number 0 [ 110.775328][ T397] usb 2-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 110.786345][ T397] usb 2-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 110.798941][ T2187] loop0: detected capacity change from 0 to 2048 [ 110.800293][ T397] usb 2-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 110.814375][ T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 110.825806][ T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 110.835722][ T397] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.843967][ T312] usb 3-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00 [ 110.847803][ T2209] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 110.853659][ T397] usb 2-1: config 0 descriptor?? [ 110.868761][ T312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.877660][ T2187] Alternate GPT is invalid, using primary GPT. [ 110.877883][ T312] usb 3-1: config 0 descriptor?? [ 110.891420][ T2187] loop0: p1 p2 p3 [ 111.007289][ T2211] loop3: detected capacity change from 0 to 40427 [ 111.013608][ T26] usbhid 1-1:0.32: can't add hid device: -71 [ 111.019371][ T26] usbhid: probe of 1-1:0.32 failed with error -71 [ 111.028070][ T26] usb 1-1: USB disconnect, device number 15 [ 111.061566][ T2211] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 111.069207][ T2211] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 111.078380][ T2211] F2FS-fs (loop3): invalid crc value [ 111.085002][ T2211] F2FS-fs (loop3): Found nat_bits in checkpoint [ 111.109625][ T2211] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 111.116721][ T2211] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 111.136497][ T2199] loop1: detected capacity change from 0 to 2048 [ 111.181796][ T2199] Alternate GPT is invalid, using primary GPT. [ 111.187870][ T2199] loop1: p1 p2 p3 [ 111.320988][ T397] usbhid 2-1:0.32: can't add hid device: -71 [ 111.329430][ T397] usbhid: probe of 2-1:0.32 failed with error -71 [ 111.406846][ T312] steelseries_srws1 0003:1038:1410.0009: unknown main item tag 0xd [ 111.421676][ T312] steelseries_srws1 0003:1038:1410.0009: item fetching failed at offset 6/7 [ 111.430833][ T30] kauditd_printk_skb: 17 callbacks suppressed [ 111.430849][ T30] audit: type=1326 audit(1720409652.127:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 111.432150][ T2219] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 111.436752][ T30] audit: type=1326 audit(1720409652.137:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 111.436781][ T30] audit: type=1326 audit(1720409652.137:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 111.459884][ T2219] FAT-fs (loop9): unable to read boot sector [ 111.472843][ T397] usb 2-1: USB disconnect, device number 16 [ 111.498416][ T30] audit: type=1326 audit(1720409652.137:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 111.517299][ T312] steelseries_srws1 0003:1038:1410.0009: parse failed [ 111.558350][ T30] audit: type=1326 audit(1720409652.197:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 111.558380][ T30] audit: type=1326 audit(1720409652.197:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2218 comm="syz.4.519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 111.644218][ T312] steelseries_srws1: probe of 0003:1038:1410.0009 failed with error -22 [ 111.660295][ T312] usb 3-1: USB disconnect, device number 11 [ 112.114559][ T2226] netlink: 12 bytes leftover after parsing attributes in process `syz.0.521'. [ 112.267019][ T2226] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 112.394338][ T2228] netlink: 4 bytes leftover after parsing attributes in process `syz.4.520'. [ 112.478791][ T2230] loop1: detected capacity change from 0 to 2048 [ 112.530056][ T2232] loop3: detected capacity change from 0 to 1024 [ 112.601186][ T2230] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 112.610844][ T2239] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 112.620878][ T2230] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038 (0x7fffffff) [ 112.636550][ T2232] loop3: detected capacity change from 0 to 512 [ 112.651695][ T2230] fs-verity (loop1, inode 13): fs-verity keyring is empty, rejecting signed file! [ 112.740603][ T2247] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 112.758626][ T30] audit: type=1326 audit(1720409653.457:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2248 comm="syz.4.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 112.759506][ T2249] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 112.782249][ T30] audit: type=1326 audit(1720409653.457:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2248 comm="syz.4.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 112.801065][ T2249] FAT-fs (loop9): unable to read boot sector [ 112.926935][ T2253] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 113.082059][ T30] audit: type=1326 audit(1720409653.457:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2248 comm="syz.4.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 113.104299][ T2256] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 113.105691][ T30] audit: type=1326 audit(1720409653.457:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2248 comm="syz.4.530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 113.140264][ T2256] FAT-fs (loop5): unable to read boot sector [ 113.364891][ T2259] loop4: detected capacity change from 0 to 40427 [ 113.378761][ T2259] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 113.387853][ T2259] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 113.402177][ T2259] F2FS-fs (loop4): invalid crc value [ 113.409215][ T2259] F2FS-fs (loop4): Found nat_bits in checkpoint [ 113.448651][ T2259] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 113.455783][ T2259] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 113.462892][ T2261] loop2: detected capacity change from 0 to 40427 [ 113.485802][ T2261] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 113.493711][ T2261] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 113.502839][ T2261] F2FS-fs (loop2): invalid crc value [ 113.527307][ T2261] F2FS-fs (loop2): Found nat_bits in checkpoint [ 113.569256][ T2261] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 113.576254][ T2261] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 113.670825][ T312] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 113.913898][ T2281] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 113.945123][ T2284] loop0: detected capacity change from 0 to 2048 [ 114.805251][ T2284] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 114.817328][ T2284] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038 (0x7fffffff) [ 114.901698][ T2297] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 114.912817][ T2297] FAT-fs (loop3): unable to read boot sector [ 114.930040][ T312] usb 4-1: config 0 has an invalid interface number: 32 but max is 0 [ 114.941266][ T312] usb 4-1: config 0 has no interface number 0 [ 114.947630][ T312] usb 4-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 114.959512][ T312] usb 4-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 114.969651][ T312] usb 4-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 114.979133][ T312] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.994184][ T312] usb 4-1: config 0 descriptor?? [ 115.010104][ T318] Bluetooth: hci0: Frame reassembly failed (-84) [ 115.062212][ T2305] loop2: detected capacity change from 0 to 2048 [ 115.095030][ T2308] netlink: 4 bytes leftover after parsing attributes in process `syz.4.540'. [ 115.120255][ T2305] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 115.140947][ T2305] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038 (0x7fffffff) [ 115.196056][ T2313] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 115.245160][ T45] Bluetooth: hci1: Frame reassembly failed (-84) [ 115.255541][ T2263] loop3: detected capacity change from 0 to 2048 [ 115.301672][ T2263] Alternate GPT is invalid, using primary GPT. [ 115.309071][ T2263] loop3: p1 p2 p3 [ 115.371002][ T100] Alternate GPT is invalid, using primary GPT. [ 115.377139][ T100] loop3: p1 p2 p3 [ 115.450855][ T312] usbhid 4-1:0.32: can't add hid device: -71 [ 115.456703][ T312] usbhid: probe of 4-1:0.32 failed with error -71 [ 115.467271][ T312] usb 4-1: USB disconnect, device number 13 [ 115.932593][ T2326] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 115.961883][ T2323] loop4: detected capacity change from 0 to 40427 [ 115.984077][ T2328] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 116.007103][ T2323] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 116.023907][ T2323] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 116.032950][ T2323] F2FS-fs (loop4): invalid crc value [ 116.039468][ T2323] F2FS-fs (loop4): Found nat_bits in checkpoint [ 116.062019][ T2323] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 116.068982][ T2323] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 116.280845][ T312] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 116.540843][ T312] usb 1-1: Using ep0 maxpacket: 32 [ 116.731508][ T30] kauditd_printk_skb: 18 callbacks suppressed [ 116.731524][ T30] audit: type=1400 audit(1720409657.437:611): avc: denied { read } for pid=2334 comm="syz.3.554" name="ptp0" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 116.732942][ T2335] IPv6: NLM_F_CREATE should be specified when creating new route [ 116.737441][ T30] audit: type=1400 audit(1720409657.437:612): avc: denied { open } for pid=2334 comm="syz.3.554" path="/dev/ptp0" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 116.760321][ T2335] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 116.792857][ T30] audit: type=1400 audit(1720409657.437:613): avc: denied { ioctl } for pid=2334 comm="syz.3.554" path="socket:[25038]" dev="sockfs" ino=25038 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 116.797685][ T2335] IPv6: NLM_F_CREATE should be set when creating new route [ 116.829220][ T2335] IPv6: NLM_F_CREATE should be set when creating new route [ 116.869723][ T2343] loop4: detected capacity change from 0 to 2048 [ 116.900996][ T312] usb 1-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 116.910091][ T312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.918335][ T312] usb 1-1: Product: syz [ 116.922408][ T2343] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 116.922418][ T312] usb 1-1: Manufacturer: syz [ 116.922437][ T312] usb 1-1: SerialNumber: syz [ 116.933382][ T2343] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038 (0x7fffffff) [ 116.941124][ T312] usb 1-1: config 0 descriptor?? [ 116.945518][ T2343] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file! [ 117.001235][ T2348] FAULT_INJECTION: forcing a failure. [ 117.001235][ T2348] name failslab, interval 1, probability 0, space 0, times 0 [ 117.001529][ T312] snd-usb-audio: probe of 1-1:0.0 failed with error -2 [ 117.014079][ T2348] CPU: 0 PID: 2348 Comm: syz.4.556 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 117.031829][ T2348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 117.041830][ T2348] Call Trace: [ 117.044932][ T2348] [ 117.047712][ T2348] dump_stack_lvl+0x151/0x1b7 [ 117.052336][ T2348] ? io_uring_drop_tctx_refs+0x190/0x190 [ 117.057817][ T2348] dump_stack+0x15/0x17 [ 117.061887][ T2348] should_fail+0x3c6/0x510 [ 117.066144][ T2348] __should_failslab+0xa4/0xe0 [ 117.070738][ T2348] ? __alloc_file+0x29/0x2a0 [ 117.071009][ T312] Bluetooth: hci0: command 0x1003 tx timeout [ 117.075166][ T2348] should_failslab+0x9/0x20 [ 117.075189][ T2348] slab_pre_alloc_hook+0x37/0xd0 [ 117.081106][ T1570] Bluetooth: hci0: sending frame failed (-49) [ 117.085320][ T2348] ? __alloc_file+0x29/0x2a0 [ 117.100511][ T2348] kmem_cache_alloc+0x44/0x200 [ 117.105122][ T2348] __alloc_file+0x29/0x2a0 [ 117.109369][ T2348] alloc_empty_file+0x95/0x180 [ 117.113962][ T2348] path_openat+0xfe/0x2f40 [ 117.118315][ T2348] ? stack_trace_snprint+0xf0/0xf0 [ 117.123249][ T2348] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 117.128551][ T2348] ? kmem_cache_free+0x116/0x2e0 [ 117.133454][ T2348] ? __kasan_slab_alloc+0xc3/0xe0 [ 117.138304][ T2348] ? __kasan_slab_alloc+0xb1/0xe0 [ 117.143697][ T2348] ? slab_post_alloc_hook+0x53/0x2c0 [ 117.148956][ T2348] ? kmem_cache_alloc+0xf5/0x200 [ 117.153934][ T2348] ? getname_flags+0xba/0x520 [ 117.158573][ T2348] ? getname+0x19/0x20 [ 117.162470][ T2348] ? do_sys_openat2+0xd7/0x830 [ 117.167157][ T2348] ? __x64_sys_openat+0x243/0x290 [ 117.171358][ T1320] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 117.172019][ T2348] ? do_syscall_64+0x3d/0xb0 [ 117.184027][ T2348] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 117.190080][ T2348] ? do_filp_open+0x460/0x460 [ 117.194587][ T2348] do_filp_open+0x21c/0x460 [ 117.198934][ T2348] ? vfs_tmpfile+0x2c0/0x2c0 [ 117.203359][ T2348] do_sys_openat2+0x13f/0x830 [ 117.207896][ T2348] ? __kasan_check_write+0x14/0x20 [ 117.212813][ T2348] ? mutex_unlock+0xb2/0x260 [ 117.217236][ T2348] ? wait_for_completion_killable_timeout+0x10/0x10 [ 117.223661][ T2348] ? do_sys_open+0x220/0x220 [ 117.228270][ T2348] ? __kasan_check_write+0x14/0x20 [ 117.233206][ T2348] ? fput_many+0x160/0x1b0 [ 117.237457][ T2348] ? fput+0x1a/0x20 [ 117.241104][ T2348] __x64_sys_openat+0x243/0x290 [ 117.245798][ T2348] ? __ia32_sys_open+0x270/0x270 [ 117.250564][ T2348] ? debug_smp_processor_id+0x17/0x20 [ 117.255774][ T2348] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 117.261675][ T2348] ? exit_to_user_mode_prepare+0x39/0xa0 [ 117.267140][ T2348] do_syscall_64+0x3d/0xb0 [ 117.271393][ T2348] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 117.277120][ T2348] RIP: 0033:0x7f36d52edbd9 [ 117.281490][ T2348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.301160][ T2348] RSP: 002b:00007f36d456f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 117.309504][ T2348] RAX: ffffffffffffffda RBX: 00007f36d547bf60 RCX: 00007f36d52edbd9 [ 117.317315][ T2348] RDX: 0000000000000000 RSI: 0000000020004280 RDI: ffffffffffffff9c [ 117.325376][ T2348] RBP: 00007f36d456f0a0 R08: 0000000000000000 R09: 0000000000000000 [ 117.333182][ T2348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 117.342123][ T2348] R13: 000000000000000b R14: 00007f36d547bf60 R15: 00007ffda1589d48 [ 117.349922][ T2348] [ 117.353436][ T20] Bluetooth: hci1: command 0x1003 tx timeout [ 117.359283][ T1570] Bluetooth: hci1: sending frame failed (-49) [ 117.363542][ T392] usb 1-1: USB disconnect, device number 16 [ 117.411728][ T2350] loop4: detected capacity change from 0 to 2048 [ 117.512157][ T2350] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 117.522710][ T2350] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038 (0x7fffffff) [ 117.591013][ T2354] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 117.631043][ T1320] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 117.651135][ T1320] usb 4-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4 [ 117.660097][ T1320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.668602][ T1320] usb 4-1: config 0 descriptor?? [ 117.711344][ T1320] rndis_host: probe of 4-1:0.0 failed with error -22 [ 117.890838][ T312] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 117.913777][ T392] usb 4-1: USB disconnect, device number 14 [ 118.130907][ T312] usb 5-1: Using ep0 maxpacket: 32 [ 118.290864][ T1320] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 118.433687][ T2365] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 118.441014][ T312] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 118.453905][ T312] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.467170][ T312] usb 5-1: Product: syz [ 118.471432][ T312] usb 5-1: Manufacturer: syz [ 118.475843][ T312] usb 5-1: SerialNumber: syz [ 118.484607][ T312] usb 5-1: config 0 descriptor?? [ 118.521778][ T312] snd-usb-audio: probe of 5-1:0.0 failed with error -2 [ 118.574124][ T2367] loop3: detected capacity change from 0 to 40427 [ 118.660883][ T1320] usb 1-1: config 0 has an invalid interface number: 32 but max is 0 [ 118.669262][ T1320] usb 1-1: config 0 has no interface number 0 [ 118.670642][ T2367] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 118.675364][ T1320] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 118.683258][ T2367] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 118.693760][ T1320] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 118.703146][ T2367] F2FS-fs (loop3): invalid crc value [ 118.711586][ T1320] usb 1-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 118.718265][ T2367] F2FS-fs (loop3): Found nat_bits in checkpoint [ 118.733761][ T1320] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.746103][ T1320] usb 1-1: config 0 descriptor?? [ 118.757806][ T312] usb 5-1: USB disconnect, device number 10 [ 118.761415][ T2367] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 118.770402][ T2367] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 118.997061][ T2363] loop0: detected capacity change from 0 to 2048 [ 119.051778][ T2363] Alternate GPT is invalid, using primary GPT. [ 119.057923][ T2363] loop0: p1 p2 p3 [ 119.150943][ T1320] usbhid 1-1:0.32: can't add hid device: -71 [ 119.156858][ T1320] usbhid: probe of 1-1:0.32 failed with error -71 [ 119.164388][ T1320] usb 1-1: USB disconnect, device number 17 [ 119.171546][ T397] Bluetooth: hci0: command 0x1001 tx timeout [ 119.177409][ T1570] Bluetooth: hci0: sending frame failed (-49) [ 119.400886][ T397] Bluetooth: hci1: command 0x1001 tx timeout [ 119.406810][ T1570] Bluetooth: hci1: sending frame failed (-49) [ 119.463167][ T2377] loop3: detected capacity change from 0 to 2048 [ 119.661326][ T2377] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 119.671933][ T2377] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038 (0x7fffffff) [ 119.684553][ T2377] fs-verity (loop3, inode 13): fs-verity keyring is empty, rejecting signed file! [ 119.747726][ T2389] loop3: detected capacity change from 0 to 2048 [ 119.792472][ T2389] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 119.803055][ T2389] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038 (0x7fffffff) [ 119.857276][ T2394] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 119.871004][ T2387] loop0: detected capacity change from 0 to 40427 [ 119.963864][ T2387] F2FS-fs (loop0): Found nat_bits in checkpoint [ 119.991790][ T2387] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 120.006129][ T2387] input: syz1 as /devices/virtual/input/input18 [ 120.013042][ T30] audit: type=1400 audit(1720409660.717:614): avc: denied { ioctl } for pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1067 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 120.084313][ T1739] attempt to access beyond end of device [ 120.084313][ T1739] loop0: rw=2049, want=45104, limit=40427 [ 120.152479][ T397] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 120.214960][ T2403] loop4: detected capacity change from 0 to 2048 [ 120.240845][ T2405] FAULT_INJECTION: forcing a failure. [ 120.240845][ T2405] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 120.255307][ T2405] CPU: 0 PID: 2405 Comm: syz.0.573 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 120.266545][ T2405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 120.276525][ T2405] Call Trace: [ 120.279658][ T2405] [ 120.282431][ T2405] dump_stack_lvl+0x151/0x1b7 [ 120.286936][ T2405] ? io_uring_drop_tctx_refs+0x190/0x190 [ 120.292433][ T2405] ? __mod_memcg_lruvec_state+0x11c/0x1b0 [ 120.297958][ T2405] dump_stack+0x15/0x17 [ 120.301954][ T2405] should_fail+0x3c6/0x510 [ 120.306204][ T2405] should_fail_alloc_page+0x5a/0x80 [ 120.311243][ T2405] prepare_alloc_pages+0x15c/0x700 [ 120.312599][ T2403] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 120.316190][ T2405] ? __alloc_pages_bulk+0xe40/0xe40 [ 120.316218][ T2405] __alloc_pages+0x18c/0x8f0 [ 120.336151][ T2405] ? prep_new_page+0x110/0x110 [ 120.340753][ T2405] ? __pte_map_lock+0x442/0x620 [ 120.345440][ T2405] ? do_wp_page+0x6fa/0xb60 [ 120.349793][ T2403] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 120.349958][ T2405] handle_pte_fault+0xea0/0x24d0 [ 120.349986][ T2405] ? fault_around_bytes_set+0xc0/0xc0 [ 120.365212][ T2403] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 120.369304][ T2405] ? trace_raw_output_vm_unmapped_area+0x220/0x220 [ 120.393468][ T2405] ? do_handle_mm_fault+0x1578/0x23a0 [ 120.398641][ T2405] ? memcpy+0x56/0x70 [ 120.402486][ T2405] do_handle_mm_fault+0x1ea9/0x23a0 [ 120.407495][ T2405] ? numa_migrate_prep+0xe0/0xe0 [ 120.412265][ T2405] ? memset+0x35/0x40 [ 120.416087][ T2405] ? get_unmapped_area+0x31d/0x380 [ 120.421032][ T2405] ? userfaultfd_unmap_prep+0x4a0/0x4a0 [ 120.426423][ T2405] ? debug_smp_processor_id+0x17/0x20 [ 120.431619][ T2405] ? exc_page_fault+0x222/0x830 [ 120.436308][ T2405] ? access_error+0x246/0x270 [ 120.440823][ T2405] exc_page_fault+0x26f/0x830 [ 120.445348][ T2405] asm_exc_page_fault+0x27/0x30 [ 120.450134][ T2405] RIP: 0033:0x7fc87ef68500 [ 120.454379][ T2405] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41 [ 120.473958][ T2405] RSP: 002b:00007fc87e3234b0 EFLAGS: 00010286 [ 120.479849][ T2405] RAX: 0000000000001000 RBX: 00007fc87e323550 RCX: 0000000000000001 [ 120.487660][ T2405] RDX: 0000000000000009 RSI: 0000000000000001 RDI: 00007fc87e3235f0 [ 120.495478][ T2405] RBP: 00000000000000db R08: 00007fc875f04000 R09: 00000000000000ff [ 120.503281][ T2405] R10: 0000000000000000 R11: 00007fc87e323560 R12: 0000000000000001 [ 120.511287][ T2405] R13: 00007fc87f122fa0 R14: 0000000000000000 R15: 00007fc87e3235f0 [ 120.519186][ T2405] [ 120.522494][ T2405] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 120.522621][ T2403] EXT4-fs (loop4): This should not happen!! Data will be lost [ 120.522621][ T2403] [ 120.542543][ T2405] loop0: detected capacity change from 0 to 512 [ 120.558955][ T2403] EXT4-fs (loop4): Total free blocks count 0 [ 120.564907][ T2403] EXT4-fs (loop4): Free/Dirty block details [ 120.571257][ T397] usb 4-1: Using ep0 maxpacket: 32 [ 120.571266][ T2403] EXT4-fs (loop4): free_blocks=2415919104 [ 120.571284][ T2403] EXT4-fs (loop4): dirty_blocks=16 [ 120.571295][ T2403] EXT4-fs (loop4): Block reservation details [ 120.585614][ T2405] EXT4-fs (loop0): 1 truncate cleaned up [ 120.587091][ T2403] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 120.593813][ T2405] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 120.599925][ T2408] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 120.627389][ T2408] EXT4-fs (loop4): This should not happen!! Data will be lost [ 120.627389][ T2408] [ 120.692630][ T2412] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 120.906159][ T2421] FAULT_INJECTION: forcing a failure. [ 120.906159][ T2421] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 120.919199][ T2421] CPU: 1 PID: 2421 Comm: syz.0.577 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 120.930157][ T2421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 120.940054][ T2421] Call Trace: [ 120.943176][ T2421] [ 120.945958][ T2421] dump_stack_lvl+0x151/0x1b7 [ 120.950473][ T2421] ? io_uring_drop_tctx_refs+0x190/0x190 [ 120.956025][ T2421] dump_stack+0x15/0x17 [ 120.960015][ T2421] should_fail+0x3c6/0x510 [ 120.964270][ T2421] should_fail_usercopy+0x1a/0x20 [ 120.969122][ T2421] _copy_to_user+0x20/0x90 [ 120.973385][ T2421] simple_read_from_buffer+0xc7/0x150 [ 120.978685][ T2421] proc_fail_nth_read+0x1a3/0x210 [ 120.983541][ T2421] ? proc_fault_inject_write+0x390/0x390 [ 120.984108][ T2416] loop4: detected capacity change from 0 to 40427 [ 120.989000][ T2421] ? proc_fault_inject_write+0x390/0x390 [ 120.989024][ T2421] vfs_read+0x27d/0xd40 [ 120.989041][ T2421] ? kernel_read+0x1f0/0x1f0 [ 121.009199][ T2421] ? __kasan_check_write+0x14/0x20 [ 121.014174][ T2421] ? mutex_lock+0xb6/0x1e0 [ 121.018466][ T2421] ? wait_for_completion_killable_timeout+0x10/0x10 [ 121.024850][ T2421] ? __fdget_pos+0x2e7/0x3a0 [ 121.029270][ T2421] ? ksys_read+0x77/0x2c0 [ 121.033439][ T2421] ksys_read+0x199/0x2c0 [ 121.037537][ T2421] ? vfs_write+0x1110/0x1110 [ 121.041944][ T2421] ? __kasan_check_read+0x11/0x20 [ 121.046824][ T2421] __x64_sys_read+0x7b/0x90 [ 121.051148][ T2421] do_syscall_64+0x3d/0xb0 [ 121.055398][ T2421] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 121.061284][ T2421] RIP: 0033:0x7fc87f0a16bc [ 121.065542][ T2421] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 121.084979][ T2421] RSP: 002b:00007fc87e2e2040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 121.093217][ T2421] RAX: ffffffffffffffda RBX: 00007fc87f231110 RCX: 00007fc87f0a16bc [ 121.101029][ T2421] RDX: 000000000000000f RSI: 00007fc87e2e20b0 RDI: 0000000000000009 [ 121.108847][ T2421] RBP: 00007fc87e2e20a0 R08: 0000000000000000 R09: 0000000000000000 [ 121.116653][ T2421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 121.124466][ T2421] R13: 000000000000006e R14: 00007fc87f231110 R15: 00007ffe9d93dad8 [ 121.132491][ T2421] [ 121.164290][ T2416] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 121.171985][ T2416] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 121.181212][ T2416] F2FS-fs (loop4): invalid crc value [ 121.187835][ T2416] F2FS-fs (loop4): Found nat_bits in checkpoint [ 121.200957][ T397] usb 4-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 121.210562][ T397] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.218875][ T397] usb 4-1: Product: syz [ 121.221938][ T2416] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 121.222947][ T397] usb 4-1: Manufacturer: syz [ 121.230179][ T2416] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 121.234313][ T397] usb 4-1: SerialNumber: syz [ 121.249848][ T397] usb 4-1: config 0 descriptor?? [ 121.254803][ T1320] Bluetooth: hci0: command 0x1009 tx timeout [ 121.301556][ T397] snd-usb-audio: probe of 4-1:0.0 failed with error -2 [ 121.440898][ T1320] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 121.470887][ T397] Bluetooth: hci1: command 0x1009 tx timeout [ 121.505668][ T397] usb 4-1: USB disconnect, device number 15 [ 121.626400][ T2430] loop4: detected capacity change from 0 to 2048 [ 121.722773][ T2430] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 121.733465][ T2430] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038 (0x7fffffff) [ 121.746655][ T2430] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file! [ 121.810924][ T1320] usb 1-1: config 0 has an invalid interface number: 32 but max is 0 [ 121.818978][ T1320] usb 1-1: config 0 has no interface number 0 [ 121.824920][ T1320] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 121.835774][ T1320] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 121.845728][ T1320] usb 1-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 121.854676][ T1320] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.860563][ T2437] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 121.863279][ T1320] usb 1-1: config 0 descriptor?? [ 122.174213][ T2441] input: syz1 as /devices/virtual/input/input19 [ 122.299570][ T2423] loop0: detected capacity change from 0 to 2048 [ 122.332265][ T2423] Alternate GPT is invalid, using primary GPT. [ 122.338526][ T2423] loop0: p1 p2 p3 [ 122.470879][ T1320] usbhid 1-1:0.32: can't add hid device: -71 [ 122.476912][ T1320] usbhid: probe of 1-1:0.32 failed with error -71 [ 122.484546][ T1320] usb 1-1: USB disconnect, device number 18 [ 122.792219][ T2445] FAULT_INJECTION: forcing a failure. [ 122.792219][ T2445] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 122.805393][ T2445] CPU: 1 PID: 2445 Comm: syz.4.582 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 122.816358][ T2445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 122.826225][ T2445] Call Trace: [ 122.829347][ T2445] [ 122.832129][ T2445] dump_stack_lvl+0x151/0x1b7 [ 122.836651][ T2445] ? io_uring_drop_tctx_refs+0x190/0x190 [ 122.842108][ T2445] ? __kasan_check_read+0x11/0x20 [ 122.846968][ T2445] ? preempt_schedule_irq+0xe7/0x140 [ 122.852096][ T2445] ? __cond_resched+0x20/0x20 [ 122.856599][ T2445] dump_stack+0x15/0x17 [ 122.860685][ T2445] should_fail+0x3c6/0x510 [ 122.864935][ T2445] should_fail_alloc_page+0x5a/0x80 [ 122.869967][ T2445] prepare_alloc_pages+0x15c/0x700 [ 122.874912][ T2445] ? __alloc_pages_bulk+0xe40/0xe40 [ 122.879951][ T2445] ? kasan_check_range+0x7e/0x2a0 [ 122.884814][ T2445] __alloc_pages+0x18c/0x8f0 [ 122.889329][ T2445] ? prep_new_page+0x110/0x110 [ 122.893933][ T2445] ? __kasan_check_read+0x11/0x20 [ 122.898892][ T2445] ? __mod_node_page_state+0xac/0xf0 [ 122.904017][ T2445] kmalloc_order+0x4a/0x160 [ 122.908378][ T2445] ? sysvec_reschedule_ipi+0x7d/0x150 [ 122.913565][ T2445] kmalloc_order_trace+0x1a/0xb0 [ 122.918335][ T2445] __kmalloc+0x19c/0x270 [ 122.922709][ T2445] input_register_device+0x84a/0x10c0 [ 122.927965][ T2445] uinput_create_device+0x413/0x630 [ 122.933052][ T2445] uinput_ioctl_handler+0xa63/0x16a0 [ 122.938119][ T2445] ? uinput_release+0x50/0x50 [ 122.942761][ T2445] ? selinux_file_ioctl+0x3cc/0x540 [ 122.947773][ T2445] ? __fget_files+0x31e/0x380 [ 122.952255][ T2445] uinput_ioctl+0x28/0x30 [ 122.956419][ T2445] ? uinput_poll+0x120/0x120 [ 122.960853][ T2445] __se_sys_ioctl+0x114/0x190 [ 122.965370][ T2445] __x64_sys_ioctl+0x7b/0x90 [ 122.969791][ T2445] do_syscall_64+0x3d/0xb0 [ 122.974134][ T2445] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 122.979948][ T2445] RIP: 0033:0x7f36d52edbd9 [ 122.984204][ T2445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.003654][ T2445] RSP: 002b:00007f36d452d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 123.011895][ T2445] RAX: ffffffffffffffda RBX: 00007f36d547c110 RCX: 00007f36d52edbd9 [ 123.019710][ T2445] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003 [ 123.027514][ T2445] RBP: 00007f36d452d0a0 R08: 0000000000000000 R09: 0000000000000000 [ 123.035471][ T2445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 123.043276][ T2445] R13: 000000000000006e R14: 00007f36d547c110 R15: 00007ffda1589d48 [ 123.051269][ T2445] [ 123.104150][ T2448] loop3: detected capacity change from 0 to 2048 [ 123.142862][ T2448] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 123.157014][ T2448] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 123.171867][ T2448] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 123.184688][ T2448] EXT4-fs (loop3): This should not happen!! Data will be lost [ 123.184688][ T2448] [ 123.194825][ T2448] EXT4-fs (loop3): Total free blocks count 0 [ 123.200981][ T2448] EXT4-fs (loop3): Free/Dirty block details [ 123.206795][ T2448] EXT4-fs (loop3): free_blocks=2415919104 [ 123.213072][ T2448] EXT4-fs (loop3): dirty_blocks=16 [ 123.218072][ T2448] EXT4-fs (loop3): Block reservation details [ 123.223921][ T2448] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 123.231019][ T2459] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 123.243343][ T2459] EXT4-fs (loop3): This should not happen!! Data will be lost [ 123.243343][ T2459] [ 123.468627][ T2463] input: syz1 as /devices/virtual/input/input21 [ 123.629763][ T2465] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 123.703114][ T2468] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 124.220812][ T312] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 124.289919][ T2473] loop3: detected capacity change from 0 to 40427 [ 124.381208][ T2473] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 124.388845][ T2473] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 124.398367][ T2473] F2FS-fs (loop3): invalid crc value [ 124.405385][ T2473] F2FS-fs (loop3): Found nat_bits in checkpoint [ 124.429602][ T2473] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 124.436810][ T2473] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 124.485657][ T312] usb 1-1: Using ep0 maxpacket: 8 [ 124.497292][ T30] audit: type=1326 audit(1720409665.197:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2478 comm="syz.4.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 124.498006][ T2479] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 124.520974][ T30] audit: type=1326 audit(1720409665.197:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2478 comm="syz.4.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 124.532249][ T2479] FAT-fs (loop9): unable to read boot sector [ 124.601009][ T312] usb 1-1: unable to get BOS descriptor or descriptor too short [ 124.711166][ T312] usb 1-1: config index 0 descriptor too short (expected 16914, got 18) [ 124.727452][ T312] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 124.761397][ T30] audit: type=1326 audit(1720409665.197:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2478 comm="syz.4.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 124.764189][ T2483] loop4: detected capacity change from 0 to 2048 [ 124.784879][ T312] usb 1-1: config 0 has no interfaces? [ 124.790889][ T30] audit: type=1326 audit(1720409665.197:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2478 comm="syz.4.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 124.819542][ T30] audit: type=1326 audit(1720409665.267:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2478 comm="syz.4.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 124.902208][ T2483] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 124.913147][ T2483] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038 (0x7fffffff) [ 125.011015][ T2489] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.022883][ T2489] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.030470][ T2489] device bridge_slave_0 entered promiscuous mode [ 125.037692][ T2489] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.044721][ T2489] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.052161][ T2489] device bridge_slave_1 entered promiscuous mode [ 125.056135][ T312] usb 1-1: New USB device found, idVendor=0bb4, idProduct=0a9b, bcdDevice=30.9b [ 125.072570][ T312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.080449][ T312] usb 1-1: Product: syz [ 125.085389][ T312] usb 1-1: Manufacturer: syz [ 125.089827][ T312] usb 1-1: SerialNumber: syz [ 125.096920][ T312] usb 1-1: config 0 descriptor?? [ 125.123787][ T2494] netlink: 4 bytes leftover after parsing attributes in process `syz.4.594'. [ 125.190395][ T2489] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.197319][ T2489] bridge0: port 2(bridge_slave_1) entered forwarding state [ 125.204603][ T2489] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.211682][ T2489] bridge0: port 1(bridge_slave_0) entered forwarding state [ 125.239187][ T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 125.248077][ T391] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.255533][ T391] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.275551][ T391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 125.275741][ T391] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.275756][ T391] bridge0: port 1(bridge_slave_0) entered forwarding state [ 125.284180][ T391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 125.306515][ T391] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.313374][ T391] bridge0: port 2(bridge_slave_1) entered forwarding state [ 125.337119][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 125.362792][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 125.407652][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 125.425347][ T2489] device veth0_vlan entered promiscuous mode [ 125.432193][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 125.456826][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 125.464260][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 125.477303][ T2500] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.484548][ T2500] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.494822][ T2500] device bridge_slave_0 entered promiscuous mode [ 125.517166][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 125.528831][ T2500] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.536636][ T2500] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.547058][ T2500] device bridge_slave_1 entered promiscuous mode [ 125.584201][ T2489] device veth1_macvtap entered promiscuous mode [ 125.763282][ T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 125.772772][ T391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 125.827788][ T2500] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.834677][ T2500] bridge0: port 2(bridge_slave_1) entered forwarding state [ 125.841776][ T2500] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.848541][ T2500] bridge0: port 1(bridge_slave_0) entered forwarding state [ 125.875628][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 125.883592][ T397] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.890869][ T397] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.902254][ T391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 125.910300][ T391] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.917259][ T391] bridge0: port 1(bridge_slave_0) entered forwarding state [ 125.953557][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 125.962815][ T397] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.969761][ T397] bridge0: port 2(bridge_slave_1) entered forwarding state [ 126.008518][ T2521] netlink: 12 bytes leftover after parsing attributes in process `syz.4.600'. [ 126.029994][ T2521] FAULT_INJECTION: forcing a failure. [ 126.029994][ T2521] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 126.043079][ T2521] CPU: 1 PID: 2521 Comm: syz.4.600 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 126.054199][ T2521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 126.064073][ T2521] Call Trace: [ 126.067197][ T2521] [ 126.069975][ T2521] dump_stack_lvl+0x151/0x1b7 [ 126.074487][ T2521] ? io_uring_drop_tctx_refs+0x190/0x190 [ 126.079953][ T2521] ? find_lock_lowest_rq+0x75/0x480 [ 126.084990][ T2521] dump_stack+0x15/0x17 [ 126.088980][ T2521] should_fail+0x3c6/0x510 [ 126.093234][ T2521] should_fail_usercopy+0x1a/0x20 [ 126.098181][ T2521] _copy_from_user+0x20/0xd0 [ 126.102694][ T2521] __copy_msghdr_from_user+0xaf/0x7c0 [ 126.107954][ T2521] ? __ia32_sys_shutdown+0x70/0x70 [ 126.112851][ T2521] ? __sched_text_start+0x8/0x8 [ 126.117536][ T2521] ___sys_sendmsg+0x166/0x2e0 [ 126.122161][ T2521] ? rcu_preempt_deferred_qs_irqrestore+0x709/0x9f0 [ 126.128710][ T2521] ? __sys_sendmsg+0x260/0x260 [ 126.133296][ T2521] ? rcu_read_unlock_special+0xdb/0x4c0 [ 126.138777][ T2521] ? __fdget+0x1bc/0x240 [ 126.142843][ T2521] __se_sys_sendmsg+0x19a/0x260 [ 126.147527][ T2521] ? __x64_sys_sendmsg+0x90/0x90 [ 126.152300][ T2521] ? switch_fpu_return+0x1ed/0x3d0 [ 126.157250][ T2521] ? __kasan_check_read+0x11/0x20 [ 126.162113][ T2521] __x64_sys_sendmsg+0x7b/0x90 [ 126.166709][ T2521] do_syscall_64+0x3d/0xb0 [ 126.170962][ T2521] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 126.176691][ T2521] RIP: 0033:0x7f36d52edbd9 [ 126.180948][ T2521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.200392][ T2521] RSP: 002b:00007f36d452d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 126.208639][ T2521] RAX: ffffffffffffffda RBX: 00007f36d547c110 RCX: 00007f36d52edbd9 [ 126.216525][ T2521] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 [ 126.224426][ T2521] RBP: 00007f36d452d0a0 R08: 0000000000000000 R09: 0000000000000000 [ 126.232435][ T2521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 126.240244][ T2521] R13: 000000000000006e R14: 00007f36d547c110 R15: 00007ffda1589d48 [ 126.248152][ T2521] [ 126.401272][ T1320] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 126.473150][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 126.482529][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 126.483055][ T2523] fuse: Bad value for 'user_id' [ 126.497549][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 126.505782][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 126.527357][ T2500] device veth0_vlan entered promiscuous mode [ 126.541246][ T2500] device veth1_macvtap entered promiscuous mode [ 126.570402][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 126.588414][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 126.597107][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 126.606010][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 126.614514][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 126.623042][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 126.631367][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 126.904887][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 126.913173][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 126.921442][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 126.929574][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 126.937536][ T1320] usb 2-1: Using ep0 maxpacket: 16 [ 126.945470][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 126.960866][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 126.972851][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 126.980454][ T312] usb 1-1: USB disconnect, device number 19 [ 127.010545][ T2535] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 127.041703][ T45] device bridge_slave_1 left promiscuous mode [ 127.047955][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.055908][ T45] device bridge_slave_0 left promiscuous mode [ 127.062041][ T1320] usb 2-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=a3.85 [ 127.071786][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.078872][ T1320] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.087760][ T1320] usb 2-1: config 0 descriptor?? [ 127.094071][ T45] device veth1_macvtap left promiscuous mode [ 127.116959][ T45] device veth0_vlan left promiscuous mode [ 127.158590][ T2534] loop0: detected capacity change from 0 to 40427 [ 127.203726][ T2534] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 127.216536][ T2534] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 127.232362][ T2534] F2FS-fs (loop0): invalid crc value [ 127.248353][ T2534] F2FS-fs (loop0): Found nat_bits in checkpoint [ 127.333304][ T391] usb 2-1: USB disconnect, device number 17 [ 127.346245][ T2534] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 127.353448][ T2534] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 127.364113][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 127.810132][ T2552] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 128.073305][ T2560] netlink: 4 bytes leftover after parsing attributes in process `syz.0.609'. [ 128.130868][ T26] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 128.130919][ T392] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 128.321601][ T45] device bridge_slave_1 left promiscuous mode [ 128.327601][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.334981][ T45] device bridge_slave_0 left promiscuous mode [ 128.341343][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.349410][ T45] device veth1_macvtap left promiscuous mode [ 128.355588][ T45] device veth0_vlan left promiscuous mode [ 128.370848][ T26] usb 3-1: Using ep0 maxpacket: 32 [ 128.410909][ T392] usb 5-1: Using ep0 maxpacket: 8 [ 128.560952][ T392] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.571819][ T392] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 128.581456][ T392] usb 5-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00 [ 128.590489][ T392] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.599412][ T392] usb 5-1: config 0 descriptor?? [ 128.650881][ T26] usb 3-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 128.659944][ T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 128.667726][ T26] usb 3-1: Product: syz [ 128.671913][ T26] usb 3-1: Manufacturer: syz [ 128.676415][ T26] usb 3-1: SerialNumber: syz [ 128.681535][ T26] usb 3-1: config 0 descriptor?? [ 128.721639][ T26] snd-usb-audio: probe of 3-1:0.0 failed with error -2 [ 128.805589][ T30] audit: type=1326 audit(1720409669.507:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2561 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8c632bd9 code=0x7ffc0000 [ 128.836284][ T30] audit: type=1326 audit(1720409669.537:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2561 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8c632bd9 code=0x7ffc0000 [ 128.860549][ T2562] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 128.878361][ T2562] FAT-fs (loop3): unable to read boot sector [ 128.879882][ T30] audit: type=1326 audit(1720409669.567:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2561 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f4d8c632bd9 code=0x7ffc0000 [ 128.908194][ T30] audit: type=1326 audit(1720409669.567:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2561 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d8c632bd9 code=0x7ffc0000 [ 128.944038][ T30] audit: type=1326 audit(1720409669.567:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2561 comm="syz.1.611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f4d8c632bd9 code=0x7ffc0000 [ 128.956030][ T26] usb 3-1: USB disconnect, device number 12 [ 128.979432][ T2571] loop1: detected capacity change from 0 to 2048 [ 129.002438][ T2571] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 129.019227][ T2573] loop0: detected capacity change from 0 to 512 [ 129.027437][ T2571] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 129.042601][ T2571] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 129.054956][ T2571] EXT4-fs (loop1): This should not happen!! Data will be lost [ 129.054956][ T2571] [ 129.065170][ T2571] EXT4-fs (loop1): Total free blocks count 0 [ 129.071417][ T2571] EXT4-fs (loop1): Free/Dirty block details [ 129.078927][ T2571] EXT4-fs (loop1): free_blocks=2415919104 [ 129.084864][ T2571] EXT4-fs (loop1): dirty_blocks=16 [ 129.089806][ T2571] EXT4-fs (loop1): Block reservation details [ 129.096032][ T2571] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 129.104133][ T2577] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 129.116525][ T2577] EXT4-fs (loop1): This should not happen!! Data will be lost [ 129.116525][ T2577] [ 129.131714][ T392] steelseries_srws1 0003:1038:1410.000A: unknown main item tag 0xd [ 129.139418][ T2573] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 129.140016][ T392] steelseries_srws1 0003:1038:1410.000A: item fetching failed at offset 6/7 [ 129.161064][ T392] steelseries_srws1 0003:1038:1410.000A: parse failed [ 129.162465][ T2573] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038 (0x7fffffff) [ 129.167807][ T392] steelseries_srws1: probe of 0003:1038:1410.000A failed with error -22 [ 129.229709][ T440] Bluetooth: hci1: Frame reassembly failed (-84) [ 129.280087][ T2585] fuse: Bad value for 'fd' [ 129.345682][ T392] usb 5-1: USB disconnect, device number 11 [ 129.596326][ T292] Bluetooth: hci0: command 0x1003 tx timeout [ 129.603132][ T1570] Bluetooth: hci0: sending frame failed (-49) [ 129.673745][ T2590] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 130.252687][ T2593] loop4: detected capacity change from 0 to 40427 [ 130.341184][ T2593] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 130.349188][ T2593] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 130.358326][ T2593] F2FS-fs (loop4): invalid crc value [ 130.365070][ T2593] F2FS-fs (loop4): Found nat_bits in checkpoint [ 130.389649][ T2593] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 130.396641][ T2593] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 130.604430][ T2602] netlink: 4 bytes leftover after parsing attributes in process `syz.2.622'. [ 131.046462][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 131.046478][ T30] audit: type=1326 audit(1720409671.747:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 131.077937][ T2611] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 131.083798][ T30] audit: type=1326 audit(1720409671.777:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 131.112104][ T2611] FAT-fs (loop1): unable to read boot sector [ 131.123020][ T2614] loop4: detected capacity change from 0 to 2048 [ 131.131888][ T30] audit: type=1326 audit(1720409671.777:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 131.142263][ T2616] loop0: detected capacity change from 0 to 2048 [ 131.155360][ T30] audit: type=1326 audit(1720409671.777:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 131.184553][ T30] audit: type=1326 audit(1720409671.777:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 131.208013][ T30] audit: type=1326 audit(1720409671.777:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 131.231930][ T30] audit: type=1326 audit(1720409671.817:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2610 comm="syz.0.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87f0a2bd9 code=0x7ffc0000 [ 131.231936][ T26] Bluetooth: hci1: command 0x1003 tx timeout [ 131.232594][ T1570] Bluetooth: hci1: sending frame failed (-49) [ 131.275602][ T2616] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 131.286514][ T2614] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 131.309351][ T2616] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 131.310883][ T2614] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038 (0x7fffffff) [ 131.325503][ T2616] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 131.347464][ T2616] EXT4-fs (loop0): This should not happen!! Data will be lost [ 131.347464][ T2616] [ 131.365418][ T2616] EXT4-fs (loop0): Total free blocks count 0 [ 131.372156][ T2614] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file! [ 131.381352][ T2616] EXT4-fs (loop0): Free/Dirty block details [ 131.387159][ T2616] EXT4-fs (loop0): free_blocks=2415919104 [ 131.393444][ T2616] EXT4-fs (loop0): dirty_blocks=16 [ 131.398657][ T2616] EXT4-fs (loop0): Block reservation details [ 131.404811][ T2616] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 131.413052][ T2622] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 131.420024][ T2626] fuse: Bad value for 'user_id' [ 131.430066][ T2622] EXT4-fs (loop0): This should not happen!! Data will be lost [ 131.430066][ T2622] [ 131.510177][ T2630] fuse: Bad value for 'fd' [ 131.571884][ T2632] netlink: 12 bytes leftover after parsing attributes in process `syz.4.629'. [ 131.583545][ T2632] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 131.632816][ T26] Bluetooth: hci0: command 0x1001 tx timeout [ 133.351189][ T1570] Bluetooth: hci0: sending frame failed (-49) [ 133.358802][ T292] Bluetooth: hci1: command 0x1001 tx timeout [ 133.364458][ T2639] loop0: detected capacity change from 0 to 8 [ 133.365363][ T1570] Bluetooth: hci1: sending frame failed (-49) [ 133.371443][ C0] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 133.387479][ C0] Buffer I/O error on dev loop0, logical block 0, async page read [ 133.395612][ C1] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 133.407042][ C1] Buffer I/O error on dev loop0, logical block 0, async page read [ 133.415129][ T2639] loop0: unable to read partition table [ 133.421072][ T2639] loop_reread_partitions: partition scan of loop0 (被xڬdƤݡ [ 133.421072][ T2639] ) failed (rc=-5) [ 133.498689][ C1] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 133.509671][ C1] Buffer I/O error on dev loop0, logical block 0, async page read [ 133.518284][ C1] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 133.529004][ C1] Buffer I/O error on dev loop0, logical block 0, async page read [ 133.536640][ T100] loop0: unable to read partition table [ 133.549857][ C1] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 133.560777][ C1] Buffer I/O error on dev loop0, logical block 0, async page read [ 133.568486][ C0] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 133.579209][ C0] Buffer I/O error on dev loop0, logical block 0, async page read [ 133.587306][ C0] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 133.598017][ C0] Buffer I/O error on dev loop0, logical block 0, async page read [ 133.606091][ C0] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 133.616916][ C0] Buffer I/O error on dev loop0, logical block 0, async page read [ 133.629717][ C0] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 133.640475][ C0] Buffer I/O error on dev loop0, logical block 0, async page read [ 133.688895][ T2644] loop2: detected capacity change from 0 to 40427 [ 133.781194][ T2644] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 133.788917][ T2644] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 133.798356][ T2644] F2FS-fs (loop2): invalid crc value [ 133.803672][ T26] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 133.805482][ T2644] F2FS-fs (loop2): Found nat_bits in checkpoint [ 133.833641][ T2644] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 133.840515][ T2644] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 134.060822][ T26] usb 1-1: Using ep0 maxpacket: 16 [ 134.190976][ T26] usb 1-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=a3.85 [ 134.200136][ T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.208552][ T26] usb 1-1: config 0 descriptor?? [ 134.463638][ T391] usb 1-1: USB disconnect, device number 20 [ 134.545561][ T2664] loop2: detected capacity change from 0 to 2048 [ 134.820459][ T2664] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 134.831915][ T2664] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038 (0x7fffffff) [ 134.847837][ T2664] fs-verity (loop2, inode 13): fs-verity keyring is empty, rejecting signed file! [ 134.925126][ T2671] loop2: detected capacity change from 0 to 2048 [ 134.972291][ T2671] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 135.142934][ T2679] netlink: 12 bytes leftover after parsing attributes in process `syz.2.642'. [ 135.152210][ T2679] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 135.314816][ T2681] fuse: Bad value for 'fd' [ 135.427015][ T312] Bluetooth: hci1: command 0x1009 tx timeout [ 135.446969][ T312] Bluetooth: hci0: command 0x1009 tx timeout [ 135.456310][ T2684] loop4: detected capacity change from 0 to 512 [ 135.493529][ T2684] EXT4-fs (loop4): bad geometry: first data block 1 is beyond end of filesystem (1) [ 135.734601][ T2688] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 135.989771][ T2690] loop2: detected capacity change from 0 to 40427 [ 136.020860][ T391] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 136.081203][ T2690] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 136.088882][ T2690] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 136.100171][ T2690] F2FS-fs (loop2): invalid crc value [ 136.122767][ T2690] F2FS-fs (loop2): Found nat_bits in checkpoint [ 136.135754][ T2695] loop0: detected capacity change from 0 to 512 [ 136.156648][ T2690] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 136.163593][ T2690] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 136.164213][ T2695] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 136.181966][ T2695] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000] [ 136.189691][ T2695] System zones: 0-2, 18-18, 34-34 [ 136.196298][ T2695] EXT4-fs (loop0): 1 orphan inode deleted [ 136.202057][ T2695] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,stripe=0x0000000000000000,nolazytime,noquota,jqfmt=vfsold,minixdf,nodiscard,grpid,debug,,errors=continue. Quota mode: writeback. [ 136.224082][ T2695] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038 (0x7fffffff) [ 136.245363][ T30] audit: type=1400 audit(1720409676.947:633): avc: denied { ioctl } for pid=2694 comm="syz.0.648" path="/71/file1/file0/.log" dev="incremental-fs" ino=3 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 136.270894][ T391] usb 5-1: Using ep0 maxpacket: 32 [ 136.272963][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block [ 136.290294][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block [ 136.304057][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block [ 136.317305][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block [ 136.330837][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block [ 136.344959][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block [ 136.358465][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block [ 136.372482][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block [ 136.385752][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block [ 136.398982][ T1739] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #11: comm syz-executor: Directory hole found for htree leaf block [ 136.590883][ T391] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 136.599894][ T391] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.608007][ T391] usb 5-1: Product: syz [ 136.612091][ T391] usb 5-1: Manufacturer: syz [ 136.616472][ T391] usb 5-1: SerialNumber: syz [ 136.621767][ T391] usb 5-1: config 0 descriptor?? [ 136.631133][ T2702] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.638320][ T2702] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.645823][ T2702] device bridge_slave_0 entered promiscuous mode [ 136.654432][ T2702] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.661410][ T2702] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.662230][ T391] snd-usb-audio: probe of 5-1:0.0 failed with error -2 [ 136.669418][ T2702] device bridge_slave_1 entered promiscuous mode [ 136.720735][ T2702] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.727653][ T2702] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.734797][ T2702] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.741652][ T2702] bridge0: port 1(bridge_slave_0) entered forwarding state [ 136.767023][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 136.776042][ T292] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.783369][ T292] bridge0: port 2(bridge_slave_1) entered disabled state [ 136.803958][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 136.812563][ T312] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.819434][ T312] bridge0: port 1(bridge_slave_0) entered forwarding state [ 136.826812][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 136.835061][ T312] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.842196][ T312] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.849382][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 136.864660][ T392] usb 5-1: USB disconnect, device number 12 [ 136.869311][ T2702] device veth0_vlan entered promiscuous mode [ 136.879921][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 136.888328][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 136.896437][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 136.903754][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 136.911004][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 136.923950][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 136.935078][ T2702] device veth1_macvtap entered promiscuous mode [ 136.945798][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 136.956308][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 137.021648][ T440] device bridge_slave_1 left promiscuous mode [ 137.027592][ T440] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.035375][ T440] device bridge_slave_0 left promiscuous mode [ 137.035549][ T2710] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 137.041637][ T440] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.059240][ T440] device veth1_macvtap left promiscuous mode [ 137.065193][ T440] device veth0_vlan left promiscuous mode [ 137.120816][ T6] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 137.423476][ T2713] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 137.448211][ T30] audit: type=1326 audit(1720409678.147:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 137.468193][ T2716] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 137.472293][ T30] audit: type=1326 audit(1720409678.167:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 137.482660][ T6] usb 3-1: config 0 has an invalid interface number: 32 but max is 0 [ 137.514080][ T2716] FAT-fs (loop9): unable to read boot sector [ 137.520065][ T30] audit: type=1326 audit(1720409678.167:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 137.524763][ T6] usb 3-1: config 0 has no interface number 0 [ 137.549974][ T6] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.562564][ T6] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.572523][ T6] usb 3-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 137.581432][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.587878][ T30] audit: type=1326 audit(1720409678.167:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 137.591747][ T6] usb 3-1: config 0 descriptor?? [ 137.622628][ T2721] loop4: detected capacity change from 0 to 2048 [ 137.622724][ T30] audit: type=1326 audit(1720409678.167:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 137.652387][ T30] audit: type=1326 audit(1720409678.167:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 137.678882][ T30] audit: type=1326 audit(1720409678.217:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 137.702113][ T30] audit: type=1326 audit(1720409678.217:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2715 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36d52edbd9 code=0x7ffc0000 [ 137.702851][ T2714] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.732409][ T2714] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.739835][ T2714] device bridge_slave_0 entered promiscuous mode [ 137.747412][ T2714] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.754533][ T2714] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.755915][ T2721] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 137.762002][ T2714] device bridge_slave_1 entered promiscuous mode [ 137.771964][ T2721] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038 (0x7fffffff) [ 137.796756][ T2721] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file! [ 137.849727][ T2728] loop0: detected capacity change from 0 to 2048 [ 137.867091][ T2730] loop4: detected capacity change from 0 to 1024 [ 137.885726][ T2707] loop2: detected capacity change from 0 to 2048 [ 137.899204][ T2714] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.902268][ T2728] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 137.906135][ T2714] bridge0: port 2(bridge_slave_1) entered forwarding state [ 137.923530][ T2714] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.930388][ T2714] bridge0: port 1(bridge_slave_0) entered forwarding state [ 137.933687][ T2728] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038 (0x7fffffff) [ 137.953639][ T2730] EXT4-fs error (device loop4): ext4_fill_super:4831: inode #2: comm syz.4.657: casefold flag without casefold feature [ 137.961804][ T2707] Alternate GPT is invalid, using primary GPT. [ 137.970596][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 137.972723][ T2730] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 137.979863][ T2707] loop2: p1 p2 p3 [ 137.992955][ T392] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.000604][ T392] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.018830][ T2730] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 138.043548][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 138.052111][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.058966][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 138.070727][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 138.079043][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.085915][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 138.096265][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 138.104182][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 138.111891][ T6] usbhid 3-1:0.32: can't add hid device: -71 [ 138.117880][ T6] usbhid: probe of 3-1:0.32 failed with error -71 [ 138.125688][ T6] usb 3-1: USB disconnect, device number 13 [ 138.140719][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 138.149316][ T2743] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 138.157807][ T2714] device veth0_vlan entered promiscuous mode [ 138.165106][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 138.176204][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 138.184869][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 138.200562][ T2714] device veth1_macvtap entered promiscuous mode [ 138.212875][ T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 138.229796][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 138.241883][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 138.282886][ T2745] loop3: detected capacity change from 0 to 2048 [ 138.323805][ T2742] loop0: detected capacity change from 0 to 40427 [ 138.352171][ T2742] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 138.360056][ T2742] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 138.362432][ T2745] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 138.369570][ T2742] F2FS-fs (loop0): invalid crc value [ 138.386013][ T2742] F2FS-fs (loop0): Found nat_bits in checkpoint [ 138.411755][ T2742] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 138.418670][ T2742] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 138.485247][ T312] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 138.512182][ T10] device bridge_slave_1 left promiscuous mode [ 138.518245][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.525689][ T10] device bridge_slave_0 left promiscuous mode [ 138.531780][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.539650][ T10] device veth1_macvtap left promiscuous mode [ 138.545688][ T10] device veth0_vlan left promiscuous mode [ 139.476265][ T2764] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 139.504405][ T2767] loop2: detected capacity change from 0 to 2048 [ 139.580895][ T312] usb 5-1: Using ep0 maxpacket: 32 [ 139.606231][ T2767] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 139.622464][ T30] audit: type=1326 audit(1720409680.327:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2772 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b69426bd9 code=0x7ffc0000 [ 139.627966][ T2767] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038 (0x7fffffff) [ 139.647496][ T2773] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 139.667076][ T2773] FAT-fs (loop1): unable to read boot sector [ 139.686709][ T2767] fs-verity (loop2, inode 13): fs-verity keyring is empty, rejecting signed file! [ 139.701298][ T312] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 139.711697][ T312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 139.722848][ T312] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 139.735789][ T312] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 139.744862][ T312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.745128][ T2759] netlink: 12 bytes leftover after parsing attributes in process `syz.3.663'. [ 139.753410][ T2776] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 139.771895][ T2762] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 139.797142][ T312] usb 5-1: config 0 descriptor?? [ 139.808035][ T2778] loop2: detected capacity change from 0 to 2048 [ 139.855921][ T2785] loop3: detected capacity change from 0 to 2048 [ 139.867546][ T2765] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.872399][ T2778] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 139.874747][ T2765] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.885133][ T2778] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038 (0x7fffffff) [ 139.892349][ T2765] device bridge_slave_0 entered promiscuous mode [ 139.909401][ T2765] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.916314][ T2765] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.923855][ T2765] device bridge_slave_1 entered promiscuous mode [ 139.966310][ T2785] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 140.025647][ T2765] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.026134][ T2793] loop2: detected capacity change from 0 to 256 [ 140.032696][ T2765] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.032798][ T2765] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.043322][ T2793] exfat: Deprecated parameter 'namecase' [ 140.045864][ T2765] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.053012][ T2793] exfat: Deprecated parameter 'utf8' [ 140.084503][ T45] Bluetooth: hci0: Frame reassembly failed (-84) [ 140.084689][ T2793] exfat: Deprecated parameter 'namecase' [ 140.098980][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 140.108602][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.116587][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.125362][ T2793] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 140.144441][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 140.152770][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.159712][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.167990][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 140.176063][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.182932][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.209176][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 140.217989][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 140.226573][ T2798] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 140.247828][ T2765] device veth0_vlan entered promiscuous mode [ 140.256249][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 140.264960][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 140.273414][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 140.275211][ T2802] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 140.281622][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 140.292646][ T2802] FAT-fs (loop7): unable to read boot sector [ 140.306253][ T312] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0 [ 140.318444][ T312] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0 [ 140.336619][ T2765] device veth1_macvtap entered promiscuous mode [ 140.342867][ T312] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0 [ 140.349503][ T312] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0 [ 140.385336][ T312] ntrig 0003:1B96:000A.000B: unknown main item tag 0x0 [ 140.393077][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 140.405086][ T312] ntrig 0003:1B96:000A.000B: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0 [ 140.417145][ T2806] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 140.417420][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 140.436084][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 140.504450][ T2804] loop3: detected capacity change from 0 to 40427 [ 140.551614][ T2804] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 140.566672][ T2804] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 140.577234][ T2804] F2FS-fs (loop3): invalid crc value [ 140.584301][ T2804] F2FS-fs (loop3): Found nat_bits in checkpoint [ 140.591175][ T26] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 140.627684][ T312] usb 5-1: USB disconnect, device number 13 [ 140.696544][ T2815] netlink: 12 bytes leftover after parsing attributes in process `syz.0.679'. [ 140.770675][ T2804] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 140.778905][ T2804] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 140.817180][ T2816] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 140.890893][ T20] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 141.011633][ T10] device bridge_slave_1 left promiscuous mode [ 141.018775][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.027268][ T10] device bridge_slave_0 left promiscuous mode [ 141.033885][ T26] usb 3-1: config 0 has an invalid interface number: 32 but max is 0 [ 141.033982][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.042488][ T26] usb 3-1: config 0 has no interface number 0 [ 141.056958][ T26] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.068728][ T26] usb 3-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 141.069028][ T10] device veth1_macvtap left promiscuous mode [ 141.078767][ T26] usb 3-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 141.085256][ T10] device veth0_vlan left promiscuous mode [ 141.093895][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.109182][ T26] usb 3-1: config 0 descriptor?? [ 141.151165][ T20] usb 2-1: Using ep0 maxpacket: 32 [ 141.274800][ T2828] loop4: detected capacity change from 0 to 2048 [ 141.352719][ T2828] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 141.361855][ T2800] loop2: detected capacity change from 0 to 2048 [ 141.364145][ T2828] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038 (0x7fffffff) [ 141.406961][ T2800] Alternate GPT is invalid, using primary GPT. [ 141.413135][ T2800] loop2: p1 p2 p3 [ 141.423077][ T2834] loop0: detected capacity change from 0 to 2048 [ 141.461904][ T2836] loop4: detected capacity change from 0 to 512 [ 141.463014][ T2834] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 141.479944][ T2836] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 141.494543][ T2836] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.685: casefold flag without casefold feature [ 141.507153][ T20] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 141.518577][ T2836] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.685: missing EA_INODE flag [ 141.531312][ T26] usbhid 3-1:0.32: can't add hid device: -71 [ 141.537392][ T26] usbhid: probe of 3-1:0.32 failed with error -71 [ 141.542717][ T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.553474][ T2836] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.685: error while reading EA inode 12 err=-117 [ 141.558459][ T26] usb 3-1: USB disconnect, device number 14 [ 141.568874][ T20] usb 2-1: Product: syz [ 141.574888][ T2836] EXT4-fs (loop4): 1 orphan inode deleted [ 141.577399][ T20] usb 2-1: Manufacturer: syz [ 141.582990][ T2836] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000006,quota,noinit_itable,errors=continue,errors=continue,errors=remount-ro,delalloc,auto_da_alloc,norecovery,errors=continue,journal_ioprio=0x0000000000000001,. Quota mode: writeback. [ 141.589336][ T20] usb 2-1: SerialNumber: syz [ 141.629555][ T20] usb 2-1: config 0 descriptor?? [ 141.687959][ T20] snd-usb-audio: probe of 2-1:0.0 failed with error -2 [ 141.701450][ T318] Bluetooth: hci0: Frame reassembly failed (-84) [ 141.729524][ T2844] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 141.750189][ T2846] FAULT_INJECTION: forcing a failure. [ 141.750189][ T2846] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.763641][ T2846] CPU: 0 PID: 2846 Comm: syz.4.688 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 141.774965][ T2846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 141.784881][ T2846] Call Trace: [ 141.787972][ T2846] [ 141.790760][ T2846] dump_stack_lvl+0x151/0x1b7 [ 141.795329][ T2846] ? io_uring_drop_tctx_refs+0x190/0x190 [ 141.800742][ T2846] dump_stack+0x15/0x17 [ 141.804746][ T2846] should_fail+0x3c6/0x510 [ 141.808978][ T2846] should_fail_usercopy+0x1a/0x20 [ 141.813836][ T2846] strncpy_from_user+0x24/0x2d0 [ 141.818881][ T2846] ? kmem_cache_alloc+0xf5/0x200 [ 141.823643][ T2846] getname_flags+0xf2/0x520 [ 141.827983][ T2846] ? mutex_unlock+0xb2/0x260 [ 141.832407][ T2846] user_path_at_empty+0x2d/0x1a0 [ 141.837177][ T2846] __se_sys_utimes+0x128/0x380 [ 141.841775][ T2846] ? __x64_sys_utimes+0x70/0x70 [ 141.846464][ T2846] ? ksys_write+0x260/0x2c0 [ 141.850943][ T2846] ? debug_smp_processor_id+0x17/0x20 [ 141.856150][ T2846] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 141.862047][ T2846] __x64_sys_utimes+0x5b/0x70 [ 141.866652][ T2846] do_syscall_64+0x3d/0xb0 [ 141.871199][ T2846] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 141.876927][ T2846] RIP: 0033:0x7f36d52edbd9 [ 141.880895][ T26] usb 2-1: USB disconnect, device number 18 [ 141.881290][ T2846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.906544][ T2846] RSP: 002b:00007f36d456f048 EFLAGS: 00000246 ORIG_RAX: 00000000000000eb [ 141.914777][ T2846] RAX: ffffffffffffffda RBX: 00007f36d547bf60 RCX: 00007f36d52edbd9 [ 141.922675][ T2846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000540 [ 141.930600][ T2846] RBP: 00007f36d456f0a0 R08: 0000000000000000 R09: 0000000000000000 [ 141.938431][ T2846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.946227][ T2846] R13: 000000000000000b R14: 00007f36d547bf60 R15: 00007ffda1589d48 [ 141.954035][ T2846] [ 141.992147][ T2851] loop0: detected capacity change from 0 to 1024 [ 142.069378][ T2851] EXT4-fs error (device loop0): ext4_fill_super:4831: inode #2: comm syz.0.691: casefold flag without casefold feature [ 142.082633][ T2851] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 142.093637][ T2851] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 142.163564][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 142.163581][ T30] audit: type=1326 audit(1720409682.867:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.3.694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa96a658bd9 code=0x7ffc0000 [ 142.196558][ T2864] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 142.197236][ T2863] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 142.218041][ T2863] FAT-fs (loop7): unable to read boot sector [ 142.224056][ T30] audit: type=1326 audit(1720409682.897:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.3.694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fa96a658bd9 code=0x7ffc0000 [ 142.273002][ T2856] loop2: detected capacity change from 0 to 40427 [ 142.279567][ T30] audit: type=1326 audit(1720409682.897:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.3.694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa96a658bd9 code=0x7ffc0000 [ 142.304684][ T30] audit: type=1326 audit(1720409682.897:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.3.694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fa96a658bd9 code=0x7ffc0000 [ 142.329350][ T30] audit: type=1326 audit(1720409682.947:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2862 comm="syz.3.694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa96a658bd9 code=0x7ffc0000 [ 142.353963][ T2866] loop3: detected capacity change from 0 to 2048 [ 142.372559][ T2856] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 142.380268][ T2856] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 142.390405][ T2856] F2FS-fs (loop2): invalid crc value [ 142.397969][ T2866] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 142.398204][ T2856] F2FS-fs (loop2): Found nat_bits in checkpoint [ 142.409165][ T2866] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038 (0x7fffffff) [ 142.446771][ T2856] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 142.453801][ T2856] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 142.487697][ T2874] loop3: detected capacity change from 0 to 2048 [ 142.526403][ T292] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 142.544653][ T2874] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 143.568291][ T2881] netlink: 12 bytes leftover after parsing attributes in process `syz.1.697'. [ 143.577403][ T2881] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 143.599139][ T2887] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 143.611615][ T2884] FAULT_INJECTION: forcing a failure. [ 143.611615][ T2884] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.624455][ T2884] CPU: 0 PID: 2884 Comm: syz.3.698 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 143.635908][ T2884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 143.645806][ T2884] Call Trace: [ 143.648926][ T2884] [ 143.651708][ T2884] dump_stack_lvl+0x151/0x1b7 [ 143.656215][ T2884] ? io_uring_drop_tctx_refs+0x190/0x190 [ 143.661685][ T2884] ? __update_load_avg_cfs_rq+0xb1/0x2f0 [ 143.667159][ T2884] dump_stack+0x15/0x17 [ 143.671170][ T2884] should_fail+0x3c6/0x510 [ 143.676094][ T2884] should_fail_usercopy+0x1a/0x20 [ 143.680952][ T2884] strncpy_from_user+0x24/0x2d0 [ 143.685638][ T2884] ? update_load_avg+0x43a/0x1150 [ 143.690511][ T2884] strncpy_from_user_nofault+0x73/0x150 [ 143.695887][ T2884] bpf_probe_read_compat_str+0xec/0x180 [ 143.701264][ T2884] bpf_prog_e42f6260c1b72fb3+0x35/0xc5c [ 143.706649][ T2884] bpf_trace_run3+0x11e/0x250 [ 143.711235][ T2884] ? bpf_trace_run2+0x210/0x210 [ 143.715848][ T2884] ? __this_cpu_preempt_check+0x13/0x20 [ 143.721225][ T2884] ? tracing_record_taskinfo_sched_switch+0x84/0x390 [ 143.727735][ T2884] ? __bpf_trace_sched_wakeup_template+0x10/0x10 [ 143.733895][ T2884] __bpf_trace_sched_switch+0xb/0x10 [ 143.739043][ T2884] __traceiter_sched_switch+0x85/0xc0 [ 143.744226][ T2884] __schedule+0x134b/0x1590 [ 143.748571][ T2884] ? __sched_text_start+0x8/0x8 [ 143.753253][ T2884] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 143.758896][ T2884] ? prepare_to_wait_event+0x3e6/0x420 [ 143.764189][ T2884] schedule+0x11f/0x1e0 [ 143.768185][ T2884] wb_wait_for_completion+0x151/0x270 [ 143.773389][ T2884] ? __bpf_trace_writeback_inode_template+0x30/0x30 [ 143.779811][ T2884] ? io_schedule+0x120/0x120 [ 143.784248][ T2884] ? avc_has_perm_noaudit+0x2dd/0x430 [ 143.789560][ T2884] __writeback_inodes_sb_nr+0x2ce/0x370 [ 143.794951][ T2884] ? writeback_inodes_sb_nr+0x30/0x30 [ 143.800148][ T2884] ? avc_has_perm+0x16f/0x260 [ 143.804671][ T2884] ? cpumask_next+0x8a/0xb0 [ 143.809004][ T2884] ? get_nr_dirty_inodes+0x278/0x300 [ 143.814127][ T2884] writeback_inodes_sb+0x74/0x80 [ 143.818901][ T2884] sync_filesystem+0xa8/0x250 [ 143.823409][ T2884] ? cap_capable+0x1d2/0x270 [ 143.827850][ T2884] ext4_quota_off+0xd5/0x3f0 [ 143.832261][ T2884] ? ext4_quota_on+0x680/0x680 [ 143.836883][ T2884] quota_quotaoff+0x102/0x150 [ 143.841375][ T2884] do_quotactl+0x403/0x620 [ 143.845629][ T2884] __se_sys_quotactl_fd+0x271/0x3c0 [ 143.850767][ T2884] __x64_sys_quotactl_fd+0x9b/0xb0 [ 143.855701][ T2884] do_syscall_64+0x3d/0xb0 [ 143.859951][ T2884] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 143.865679][ T2884] RIP: 0033:0x7fa96a658bd9 [ 143.869932][ T2884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.889372][ T2884] RSP: 002b:00007fa9698da048 EFLAGS: 00000246 ORIG_RAX: 00000000000001bb [ 143.897616][ T2884] RAX: ffffffffffffffda RBX: 00007fa96a7e6f60 RCX: 00007fa96a658bd9 [ 143.905429][ T2884] RDX: 0000000000000000 RSI: ffffffff80000302 RDI: 0000000000000008 [ 143.913241][ T2884] RBP: 00007fa9698da0a0 R08: 0000000000000000 R09: 0000000000000000 [ 143.921050][ T2884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.928862][ T2884] R13: 000000000000000b R14: 00007fa96a7e6f60 R15: 00007fff6d9a4ef8 [ 143.936678][ T2884] [ 144.020816][ T292] usb 1-1: Using ep0 maxpacket: 32 [ 144.137155][ T45] Bluetooth: hci0: Frame reassembly failed (-84) [ 144.143596][ T292] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 144.162150][ T292] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.173420][ T292] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 SYZFAIL: bad allocate request allocated=0 size=18446744073709551130/18446744073709551136 (errno 11: Resource temporarily unavailable) [ 144.186570][ T292] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 144.187072][ T2906] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 144.195829][ T292] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.218675][ T292] usb 1-1: config 0 descriptor?? [ 144.271634][ T60] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 144.480874][ T292] usbhid 1-1:0.0: can't add hid device: -71 [ 144.486616][ T292] usbhid: probe of 1-1:0.0 failed with error -71 [ 144.496375][ T292] usb 1-1: USB disconnect, device number 21 [ 145.351926][ T10] device bridge_slave_1 left promiscuous mode [ 145.358018][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.365350][ T10] device bridge_slave_0 left promiscuous mode [ 145.371299][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.378966][ T10] device bridge_slave_1 left promiscuous mode [ 145.384967][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.392288][ T10] device bridge_slave_0 left promiscuous mode [ 145.398201][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.405844][ T10] device bridge_slave_1 left promiscuous mode [ 145.411805][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.418937][ T10] device bridge_slave_0 left promiscuous mode [ 145.424951][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.432787][ T10] device veth1_macvtap left promiscuous mode [ 145.438580][ T10] device veth0_vlan left promiscuous mode [ 145.444459][ T10] device veth1_macvtap left promiscuous mode [ 145.450264][ T10] device veth0_vlan left promiscuous mode [ 145.456071][ T10] device veth1_macvtap left promiscuous mode [ 145.461907][ T10] device veth0_vlan left promiscuous mode [ 147.671554][ T10] device bridge_slave_1 left promiscuous mode [ 147.677502][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 147.684856][ T10] device bridge_slave_0 left promiscuous mode [ 147.690847][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.698561][ T10] device bridge_slave_1 left promiscuous mode [ 147.704606][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 147.712066][ T10] device bridge_slave_0 left promiscuous mode [ 147.717985][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.725662][ T10] device veth1_macvtap left promiscuous mode [ 147.731481][ T10] device veth0_vlan left promiscuous mode [ 147.737127][ T10] device veth1_macvtap left promiscuous mode [ 147.742879][ T10] device veth0_vlan left promiscuous mode