last executing test programs: 5.457866963s ago: executing program 2 (id=14888): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = socket$inet6(0xa, 0x3, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000280)={{{@in=@private, @in=@private, 0x0, 0x0, 0x0, 0xc6ae, 0xa}}, {{@in6=@mcast1, 0x0, 0x6c}, 0x0, @in=@multicast1}}, 0xe8) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x2000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0xfffffffa, 0x6, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r3}, &(0x7f0000000800), &(0x7f0000000840)=r4}, 0x20) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r6 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r6, 0x0, 0x400000000000000, 0x7) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRESDEC=r5, @ANYBLOB="000000000008000000080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000000000004300000095f44b662343dad9c3439efd19d506761a5afc13315c9d6a7ce923f430a536eb6adb15ff41083ff55473370f599d3f3db553722d5dd012d2925df38fdfe9513f6081b048d107e3ffe1e2da2e6b50ee2426f22208673f5c1c8462ad9b7daaedb98cd221bf30bce2cfa1ab8b6eb08b545d393c03fad3baf044de9a3c78776613e2bd1634ab29c1aba539f9b21498c620bd32dd2e30fc"], 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='rxrpc_rx_data\x00', r7}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006}]}) r8 = syz_open_procfs(0xffffffffffffffff, 0x0) syz_emit_ethernet(0x66, &(0x7f0000004680)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6000ed0000303a00fe800000000002000000000000001cd8ff0200000000000000000000000000010300907800000000705dce0900003b00ff01000000000000000000000000000100000000000000000000ffff00000000"], 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x0, 0x2, 0x2, 0x4, 0x5}, 0x48) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000deffffff0000000000181100007047067e22ac9229a08fc27223c5270310756fe1dad75a902514bcabac455d9f191b3ed2a771195b6889c3aa7c755492fe8532ef39e5a4df6f7a65740c07f218c7a45e1b5d2b64ecc1e512eacc509d399bc98f797f5590420a4f6248e017bf2b6781d85520df212bc2d550427bcdf31da8cafa14fcaf7523264a7cadcb0367400b8855891b6c23c0d56a19d3a5d84f9483b070db746456e16aa1fb0b1b09e41b67230251ef035fb6608d61980dfc81ea5bbe9a00b7abb7780d6d4206fbeaf8043ef073b4ed580c4a9242a8c6d0a6157b6e6de302096e8a3bc15a1515e77cccee5233142342cc629763cf5b90f6d76d45363f792391941654baf8c98470505b7ffd5a53674a812318918a34911d8bfb620b1b07b10f", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$BTRFS_IOC_START_SYNC(r10, 0x80089418, &(0x7f0000000080)=0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x15, 0xc, &(0x7f0000000c00)=ANY=[@ANYRES8=r11, @ANYRESDEC=r4, @ANYRESDEC=r8, @ANYRESHEX=r12, @ANYBLOB="e91c97feb3e3d56474d3e40653783f429b54cea5c99f6e0e4cede324dee8bea49de0526fc00ed8aa31e0803649f89f99b7d9f99702f86861b06fd3d81fc6b12a2acb81e1ebd42d69e9a51ded007a7bd298b778", @ANYRES16=r3, @ANYRESHEX=0x0, @ANYRESHEX=r0, @ANYRESHEX=r12], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97000288c19e9ace00000000000000002100000002ff020000000000000000000000000001"], 0x0) syz_open_pts(r1, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) 4.333501466s ago: executing program 2 (id=14896): mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x0, 0x5, 0x2, 0x1000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) pause() 3.761995692s ago: executing program 1 (id=14897): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00') write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000003c0)={'syz0\x00', {0x0, 0x0, 0x0, 0x400}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], [0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0xd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffd, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0xffffffff, 0x3fffffe, 0x0, 0x7], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}, 0x45c) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='fib_table_lookup\x00', r1}, 0x10) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r3 = dup3(0xffffffffffffffff, r2, 0x0) mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000500)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xb, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, 0x0, 0x0, 0x0, 0x2000000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) eventfd2(0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) bind$xdp(0xffffffffffffffff, &(0x7f0000000240)={0x2c, 0x1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) ppoll(&(0x7f0000000500)=[{r4}], 0x1, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x80000004, 0x0, 0x10000}, 0x0, &(0x7f00000003c0)={0x3ff}, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0x4, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x48, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 3.497770753s ago: executing program 2 (id=14898): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x12) ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000380)={{}, 'syz1\x00'}) ioctl$UI_DEV_SETUP(r3, 0x5501, 0x0) r4 = syz_open_dev$tty20(0xc, 0x4, 0x0) r5 = dup(r4) write$uinput_user_dev(r5, &(0x7f00000004c0)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff3249, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [0x0, 0x80000001, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000]}, 0x45c) r6 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r6, 0x8970, &(0x7f0000000200)={'gre0\x00', 0x0}) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b80)=ANY=[@ANYBLOB="4400000000010104000000000000000002000000300002802c00018014000300ff0100000000000000000000000000010000000100"/68], 0x44}}, 0x0) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000200)=0xe, 0x400) setsockopt$bt_l2cap_L2CAP_CONNINFO(r9, 0x6, 0x2, &(0x7f0000000280)={0x4, "291709"}, 0x6) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x10000, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000024c0)={0x0, 0xc, &(0x7f0000002580)=ANY=[@ANYBLOB="077243effcc0d4d30900000000000009000000fb30d16153798ecb476518110000", @ANYRES32=r10, @ANYRES32=r6, @ANYRES32=r4, @ANYRESHEX=r7, @ANYRES8=r1, @ANYRESOCT=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000300)='neigh_update\x00', r11}, 0x10) r12 = socket$inet_udplite(0x2, 0x2, 0x88) eventfd(0x0) r13 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00') read$FUSE(r13, &(0x7f0000000400)={0x2020}, 0x2020) ioctl$sock_inet_SIOCSARP(r12, 0x8955, &(0x7f0000000040)={{0x2, 0x0, @multicast2}, {}, 0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'ip6gre0\x00'}) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r8) 3.289364421s ago: executing program 2 (id=14901): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) lgetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f00000020c0)=@known='user.incfs.metadata\x00', 0x0, 0x2) 3.288557561s ago: executing program 4 (id=14902): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) lgetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f00000020c0)=@known='user.incfs.metadata\x00', 0x0, 0x2) 3.267799143s ago: executing program 3 (id=14903): bpf$MAP_CREATE(0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, &(0x7f00000001c0)='./cgroup\x00', 0x4c) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000500)={'#! ', './cgroup', [{0x20, 'tbf\x00'}, {0x20, '&'}, {0x20, '\x00'}], 0xa, "67f7e97c57175ce6980bc917166b71e621221ad6bab8ebc8bebb8094b882a49b0e63cf2aef9745f50122abf6aabd04ad86f8f22ec902e3ecd5abc7e7d60c2e06363ab52a0428b007126eee300efd7764863cdbd9e22c32a56cad443dab22b64fd6c2a9637640a7819b6bba74b3ed4f3ebc59fcc46d2cc0a6280688eadd36ac9b06244ac180eab46884fe97447524499017645756445a0d1fb1d1eb764b1bb5e8e9e3be9312a1d4b68521fc9a5825e456f788a0726b14155bcc09d720dba00cde6dba6df329a91512ec"}, 0xde) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a40)=@newqdisc={0x470, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x7}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x444, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0xfde97aa2f3edf49}, @TCA_TBF_PTAB={0x404, 0x3, [0x7, 0x5, 0x1, 0x7, 0x2, 0x1ff, 0x80f6, 0x8, 0xc, 0x0, 0x401, 0x4, 0x1ff, 0x1000, 0xffffff00, 0x7, 0x4, 0x6, 0x7, 0xbf, 0x1, 0x5, 0x4, 0x6, 0x10, 0x4, 0x6, 0x6, 0x0, 0xdc31, 0x6, 0x100, 0x8, 0x7, 0x0, 0x3, 0x7, 0x8, 0x8, 0x5, 0x9, 0x1, 0x0, 0x82e, 0x97a, 0x3ff, 0x9, 0x6, 0x7fff, 0x8, 0x40, 0xfffffffb, 0xe0, 0x8, 0x71, 0x8, 0x0, 0x0, 0x0, 0x0, 0x400, 0x2, 0x2, 0xe, 0x1, 0x4, 0x8000, 0x80000001, 0x7, 0xd, 0x0, 0x1, 0x60, 0x400, 0x8, 0x9, 0x0, 0x6, 0x6, 0x3baa, 0x6, 0x0, 0x3, 0x2, 0x3, 0x6f3, 0x3, 0x4, 0xffffb12a, 0x6, 0x5, 0x10000, 0x4, 0x8, 0x3, 0x53c, 0xaafc, 0x0, 0x7, 0x4, 0x1000, 0x7, 0xff, 0x200000, 0x1, 0x1, 0x0, 0xa96, 0x2, 0xfffffff7, 0x7f, 0x108b, 0x6, 0x0, 0x3, 0x7ff, 0xdf49, 0x0, 0x0, 0xfffffffb, 0x0, 0xfff, 0x1e, 0x365, 0x7, 0x8, 0xf, 0x4, 0x9, 0x6, 0x3d, 0x5, 0x6, 0x0, 0x7, 0x40, 0x21, 0x8, 0x9, 0xb, 0xfffffff7, 0x7, 0x6, 0x8, 0x5, 0x0, 0xa4, 0x9, 0x4, 0xff, 0x761a, 0xffff, 0xb7c, 0x1, 0x10000, 0x2, 0x4, 0x2, 0x1, 0x7, 0x3, 0x4, 0x4, 0x6, 0x0, 0x9, 0xffffffff, 0xfffffff9, 0x0, 0x6, 0x4, 0x9, 0x0, 0x401, 0x47, 0x1, 0x4aa, 0x0, 0x8, 0x3, 0x10006, 0x124, 0xfd, 0x4, 0x8, 0x6, 0x6, 0x9, 0x9, 0x2, 0x40, 0xf86, 0x0, 0x9, 0x5, 0x2, 0xca7, 0x6, 0x100, 0x3, 0x9, 0x2, 0x1, 0x8, 0x6, 0x6, 0x4d0e, 0x9, 0x1000, 0x6, 0x9c00, 0xc, 0x5, 0x0, 0xbd3, 0xffff, 0xa95, 0xfffffff8, 0x1, 0xff, 0x36, 0x8, 0x401, 0x7, 0x5dcd3fc3, 0x0, 0xffffa81a, 0x200411, 0x4, 0x6, 0xfffffff7, 0x0, 0xe766, 0x8, 0x4, 0x0, 0x10000004, 0x8, 0x5, 0x4, 0xb, 0x4, 0x1, 0x9, 0x8, 0x8, 0x80000001, 0x9, 0x7fff, 0x5, 0xc6, 0x4000000, 0x9, 0x4, 0x0, 0x9]}, @TCA_TBF_PARMS={0x28, 0x1, {{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x81}}, @TCA_TBF_BURST={0x8, 0x6, 0xaf}]}}]}, 0x470}}, 0x0) 3.248861444s ago: executing program 2 (id=14904): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000000b40)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a6361b80cdd64bdf00000000000869045aac0000659f55df08f9b90788ff7f00000010000029c21ebbcde61d8ab5920aef6c3e007fe61241638962cf0b89ef506cfd3f1d4163d3cfca3733b30070a7cf53021a95fdaf3c7220a0e23db436659a8c54328a702688f92b6b71569d65e33d46f8d8ae24ba69c657afac04379cb536008c219991704f11c51b1d076f03b0f917c766f3a7598bbc00feb3bc8e88f79df517b37b56bcbc290080000000000000e675458a43b8a8935bf9cf0be7d0aeaac41405e341cd0ba0d6fd562489dad595712a4051bb6cf826ab757193fc09d305f95c55d5746419000000000000007b61803bd430ef06000000000000001e93f640f159320c8b088f4d6497682eb312d4967aff9e4c14c66c90000054ed82c7cba4c81f91d6dfed18767bf0df584b4b6c4204df411f921e3aa02a67dd324b8176020e9c024751e539c05727f82c92046bfe64babb6d7ba86526b7886a0c2481c5812812a6fa3fca3758cbd8c32b25c28be225bd1f16297baa065f5bf96330fad0aaa4388c06c0eb2ecdf829af9577fcd868cc269b740000b7ad193c5e5850df01aff96877d73a63246ce6f0467167626329ab910b7a13d9ec9a64e7f6b56aeab8c38f69a213c96e2d2ad7978c9d721c270f27e7025d576535198742d403ec43572d7d0baf00e882617b260627805ca44200335ea4363066944d0aa6feb9705b09ba40d4642519281151f875cbf13a582f90ad719f0eccf02a473dd508a16138904933689ea6050041206473075eaeff2b69c2f2bf6f691c3560e068743a08e9771280da61fd8fdc3f7a35ea352e35753c59ebc1bd27ab6603e6afb1b3f057fbb7ed3aabe702b3c6301d3f5c295d1d69d1541d0e64631c95d6c0999e27e8d1a58f6a00f19102d2bfaf53f25a45637b1c577ae50c4c5669b13a4ed999dd10d2f091dcda39d9abc40c64a20c14ff0b1bf4d23fe07ae90fa0eba9c64bf89b26e7d8d70710b04f9ece5969023acadbb4582272e5b3a0429a5645b0c824ad36f7cc8be12b3874d5a19349b0ede845e9dddcab4a78b08ed60104002aabb17eb1840bc8e0ed1dd8b9b7eeaf32a185d80250a7f2252775905eeeb756eadafe20bbc616bc44b347abc8caf722b2c3b06884c1d3690f23b06fa4541bb2a81073b452764f04bd39008b65ee222cf697ac21b087548e9708dffaff2859e973b1e88668c8022cc6dac8548167e5798ec9c7d288a7fa7749f07513187cd8f060abbbc5e37dd1ba3aab927be1b409be733b7408534e5b0951e9ecfd0a1c77e3a29be4c4093330124615056e3ce0ce6ac91b1242d3bb2e787a186dc2ec284d60e9d8a03884a22eeaa1efa497ee88c6cb565b164a260afb5157e392b1ebb1a4d4f992011ecbac4a0a7ff5bdcef7994a422bb2761edd2d8f20f5f879a88f89d48b8314f862585e4b7a9d6a6681f40e8b82cc6555dce2db951d164cc9a70e640ac8974faa2587a6e3af3b9458f7d4b4077b3002536b10ea24d73307a33090c4c270909a5322eac32cb175e68fa83457b21465c08c02dcefccc0c714c2862ddbe567755f05c1e671328d160d3752345ca1db6e74c720e42afca982ba6befd96c5575f1dd8f87ff6606301c0000000000000000000000000000000000000004d0d54b4caf78018766cdb971e8b168d4763c1f00000003d4e1d842caf457797f93db93e4f38a9dbd79f6bf5dc40b55fdbf9b856665061b2e2924f27eb2d2b5a181ccfd9eeb11dec165b6f12433f00bb06124041ffdcdcdc91f3b3b76635a689c9249cf69bcae654bfa81e75b7c7002b883c56026d83520395b7d511f607cf2f899c7b1c75e2192f775d72247167285857588ace1115fbebfee3c16b84cf7036d41c493a63c09f2ce46c1f5995c2d7fe58c15e64bb4cb7e7f336cc22fa1ea1363bce375bd3d579be1dddb08ed5147b629e4b3f0e65783ee5e20d9270802f2a7500738d95216743bc36a04ba8d486fb26252d684b84fa24639089064ca7b93057c041f12d544dab4d24a4f952b4f265a69ba279929959991b7ac63786055b3c029a0e8b6e42ad33cba2661957cff0700000000000029bb61462623a58556cd62844d4d23cc738ee5b36c71d2c010b089251d5806000b1ade92dd9f441468967c052aecd9de81b4b55d06670597991f37ddc4fa19a6369d5bf76c474633a337f676ad255869881da5cadcf49ce9188129cc978977f87b32bd4945717075cbb4d3e01e67ff087644f52fcf0a3c732b0586cb87972c43d2616bf4e521dc3126bf1760243d51a197d3ecfd74bd625e9f496175cfeaaa020817d33d513f3e97854ea76e26e96a8639a297871485a8609f8ca842b3321932c4d9e224a0cec5946cec9e359fd3687415cad5fb8c678136f36d9f781fade9f2469477748f4dfa0f56c326c89bb5d07f35aaf95303b5a620fc84e1c73557b2277831f8f633f0d293c0e3f4f93149887271e645f50a4e57010a9b76457f6ad73231a905206bbb1b95248aed85a9df9dea64cc1fd1f06a98530000000000000045fcc1fb138fce0faec0a423e860d5b308d7849381b294106af25f15fec047d5b844a99f36e342165df728e381b48c20e0900f8d265157467d3494f2b93c7f3c817688cec2d226f50edb115c2e075f3c663a4b4169bc6fd7d4fbce205f2a1ae263ae0db900fa0a13cf796e0d7a9dad86953c13ed6241206d682e194c64c491de6a531e9bd45abe705f07000a82ccd41a2c1b23bac44b7371a3a0aeab3647c56f0680cd30ca260189dffed79c2cfae39d8160d3fac695b75654a4a5695b9edec673e75d97950fd4d80bdf8e2d83a3232768b1231b09ef4d995a783eb8f731523e9f6c2ee9119d567acd471bc391bd4f07600d5b04b71c1f1fd7e219b8df5123e4c529db3ce74353e8a39e2d21ce0954334951d509cdce531fb14230fa3b7331a943e7223b0ac8725a0d45a213fa249a8801959480ecdc5999c9df72debe8510d0620fce7be7086d5b72e857243f0a7883d9749b1f40936b51631e0060a0d9901d730bc27d42c1ce06bbbb003e1e6e458a29ec6e9b4be6e1df4774d4d2d22f153a76179434a5ac05f62bcb895f4bf620161cf4016c2bdcd2c3f66c4800eed3e3ba2883c978854c53890ecd22a22a5e82efc1aa3da86cb084faddcf3e87c963ac90686c571103c3613c726ba70381be87ab717096739aa9623fff8de37eac6e3577135587951642bb0c5117518017be9737d5bd1972d6f2c5cea66c5c71"], &(0x7f0000014ff5)='GPL\x00', 0x2, 0x103a, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2a3}, 0x48) io_setup(0x7, &(0x7f00000001c0)=0x0) io_destroy(r0) io_setup(0x80000e, &(0x7f0000000200)) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = socket$packet(0x11, 0x0, 0x300) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='ext4_fc_track_range\x00', r5}, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r7 = socket(0x18, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001100290a000000000000000007000000", @ANYRES32=r6, @ANYBLOB="00000000000000001c001a800800068004001500080000003e"], 0x44}}, 0x0) openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x3191}, 0x7d) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000074140000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r9}, 0x10) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) syz_usb_connect$cdc_ecm(0x0, 0xe3, &(0x7f0000000780)=ANY=[@ANYBLOB="12011003020000102505a1a44000000001010902d1000101fe0000090400001602020000052406000005240000000d240f010000000000000000070c241b04000500a1050400041524120400a317a88b045e4f01a607c0ffcb7e392a75241309f6a9f5ce1afbc9b030b75d5e8585ea347a17571277d7852b4dfa373226516f949230b72ca1ef55606504ab7e9eb78f1109e7829e4bf82935e0a9128fac93c8e95c50bb2909ae1537b7ab4cea137ff3df72de294ec5e2c6c5d481ee3f51cfb828286b8619ec850d150201641e6b008c339e9a090582020000000000090503020800000000"], 0x0) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) r10 = open(&(0x7f0000007fc0)='./bus\x00', 0x0, 0x0) open(0x0, 0x42042, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001740)={0x9c02}, 0x8) r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000500000000a400000000000085000060fe6639e4aa964978e5d9fb0a2d9d7a30ae668b41d5885c9e234c33f4d6bdeea7849d8f0fc4294324d1f217da465183814514d685dfc3f6ce04a34538db450d2e5cbd8adc9adffa483d4cefc6a37e164379b300000000", @ANYRESOCT=r1], &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x0, 0x80, '\x00', 0x0, 0x0, r10, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x34}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r11}, 0x10) socket(0x10, 0x80002, 0x4) 3.211779177s ago: executing program 4 (id=14905): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) fsopen(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00'}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000001a00010908000000000000000200000000000000"], 0x24}}, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000001400)=ANY=[@ANYBLOB='trans=f', @ANYRESHEX=r7, @ANYRESHEX=r6]) 2.783176842s ago: executing program 1 (id=14907): mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x0, 0x2, 0x1000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) pause() 2.395181044s ago: executing program 3 (id=14908): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r1}, 0x10) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000200)={r2, r1, 0x4, r0}, 0x10) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r3 = socket$inet(0x2, 0x3, 0x8d) setsockopt$inet_msfilter(r3, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, &(0x7f0000000140)=0xc) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={@dev, 0x71, r4}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10) syz_emit_ethernet(0x4de, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa9cd7361987d486dd60ecea6604a82900fe8000000000000089750e6b000000aaff020000000000000000000000000001"], 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r7, 0x401054d5, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{}]}) 2.338404888s ago: executing program 0 (id=14909): socket$packet(0x11, 0x0, 0x300) bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2000000000000344, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r5, &(0x7f0000000480)={0x0, 0xf00, &(0x7f0000000440)={&(0x7f0000000140)={0x30, r4, 0x1, 0x0, 0x0, {{}, {0x0, 0x3}, {0x14}}}, 0x30}}, 0x0) 2.279014123s ago: executing program 3 (id=14910): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) lgetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f00000020c0)=@known='user.incfs.metadata\x00', 0x0, 0x2) 2.266227234s ago: executing program 3 (id=14911): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000001d00"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x3ffffffffffffda, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000640)={{{@in6=@mcast1, @in6=@ipv4={""/10, ""/2, @dev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={""/10, ""/2, @local}}, 0x0, @in6=@initdev}}, &(0x7f0000000400)=0xe8) statx(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x800, 0x400, &(0x7f0000000540)) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000009c0)=ANY=[@ANYBLOB="f8010000daffffff", @ANYRES64=0x0, @ANYRES32=r6, @ANYRESHEX=0x0, @ANYRES64, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="02000000000000000000000002000000000000000400000000000000040000000900000047504c0000000000060000000000000001000000000000000600000000000000ffffffff00000000090000000002000000000000000000005d98000000000000003400000000000007000000000000000100000000000000020000000000000004000000020000000700000000600000ac7a0000", @ANYRES32=r7, @ANYBLOB="ffff00000100000000000000020000000000000007000000000000000d000000000000e073636865645f73776974636800"], 0x1f8) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cgroup.freeze\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) unshare(0x64000600) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01040000000000000000010000004000000008410000004c0018"], 0x68}}, 0x0) 2.234727507s ago: executing program 4 (id=14912): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000001d00"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x3ffffffffffffda, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000640)={{{@in6=@mcast1, @in6=@ipv4={""/10, ""/2, @dev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={""/10, ""/2, @local}}, 0x0, @in6=@initdev}}, &(0x7f0000000400)=0xe8) statx(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x800, 0x400, &(0x7f0000000540)) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f00000009c0)=ANY=[@ANYBLOB="f8010000daffffff", @ANYRES64=0x0, @ANYRES32=r6, @ANYRESHEX=0x0, @ANYRES64, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="02000000000000000000000002000000000000000400000000000000040000000900000047504c0000000000060000000000000001000000000000000600000000000000ffffffff00000000090000000002000000000000000000005d98000000000000003400000000000007000000000000000100000000000000020000000000000004000000020000000700000000600000ac7a0000", @ANYRES32=r7, @ANYBLOB="ffff00000100000000000000020000000000000007000000000000000d000000000000e073636865645f73776974636800"], 0x1f8) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000300)='cgroup.freeze\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) unshare(0x64000600) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01040000000000000000010000004000000008410000004c0018"], 0x68}}, 0x0) 1.980314068s ago: executing program 1 (id=14913): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x201000, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f696e6c696e655f78617474722c6e6f666c7573685f6d657267652c6e6f657874656e745f63616368652c6a71666d743d76667376312c66617374626f6f742c757365725f78617474722c6772706a71756f74613d00233f5b2c7768696e745f6d6f64653d757365722d62617365642c6673796e635f6d6f64653d7374726963742c6e6f657874656e0c5f63616368652cba727f3e50c9f1da74722c00"], 0x21, 0x552d, &(0x7f000000abc0)="$eJzs3EtvG1UUAODjpOmbEiEW7DqoQkqk2qrTh2BXoBUP0aoqsGAFju1abmxPFDtOyIoFS8SCf4JAYsWS38CCNTvEAsQOCeS5E2gKlZDixKT5Pml85t65c+beURTpzFgO4NhazH77pRIX4kxEzEfE+Yhiv1JuhZspvBARFyNi7pGtUvb/1XEyIs5GxIVJ8pSzUh764vL40vWf3/712+9PnTj35Tc/zG7VwKy9FBH99bS/1U8x76T4sOxvjLtF7F8blzEd6K+V7TzFrfZqkWGrsTuuUcSrnTQ+X98cTuKDXqM5iZ3ug6J/fZAuOBx3dvMUJzxsbBTtVnu1iN1hXsTOTprX9k7637YzHKU8rTLfx0X6GI12Y+pvb7fTetbXitgcjMr+lDdvtbcncVzG8nLRzHutYh6r+7nT/2svvtMdbG5n4/bGsJsPsuu1+su1+o1qfSNvtUfta9VGv3XjWrbU6U2GVUftRv9mJ887vXatmfeXs6VOs1mt17OlW+3VbmOQ1eu1q7Ur1evL5d7l7I2772e9VrY0ia91B5ujbm+YPcg3snTGcrZSu/rKcnapnr1751527/7t23fuvffhrQ/uvnrnrdfLQf+YVra0cmVlpVq/Ul2pL+/vBhyp9X9aTnqK64d9qcx6AgBHj/ofmIWDq/837kccfP0f6v+pOFL173Gv/w9g/bAv6n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGPrx4Wv3ix2FlP7XNn/TNn1XNmuRMRcRPzxL+bj5J6c82WehSeMX3hsDt9VosgwucapcjsbETfL7fdnD/ouAAAAwNPr608ufp6q9fSxOOsJcZjSQ5u58x9NKV8lIhYWf5pStrnJx/NTSlb8fZ+I7SllKx5gnZ5SsvTI7cS0sv0n83vC6UdCJYW5x8+Y2moBAICZ2VsJHG4VAgAAwGH67IlH1g51HhyySuy+ytx9F1x88/7vl31nUturPwAAADi6KrOeAAAAAHDgivrf7/8BAADA0y39/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+ycy+5aQNxHID/NrjQl4qq7nuV7uAYPUKXXVYcoJfgCOQKuQBnILscIYIIj4NCRB7EY6xE3yfZgy3zmxkei5mRBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLV9VydvHv5/+2OZttO3l6AwAAAByzrpaz+sUkXX9u7n9tbn1vrouIKCPi2Nh9EB8OMgdNTvXI89WDNlxG1Am7OkbN8SkifqVjG9+6/hQAAADgXRruTqv5YppG6+k06btVtHbCd5gmbcovvzNVXURENbnOlFbu8n5kCqt/38P4mymtnsAaZwpLU27DXGkvUv/d97N243tFkYry6fdn6zsAAHBGg4PivKMQAAAAzulP3w2gCx+ffaKIu6XM/VLgKBXjgwiLfQAAAPB2FX03AAAAAOhcPf4/Zf+/6Gf/v7ix/x8AAAC8Wtr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC6tq+VsNV9M2+Zstu3k6Q0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7Ny/b9xUHADwZ/t8/QGII6AbghBIDLDQ67W0dEMMoIiBPwEpSq8l9MqPNgOtKqQsbChzFwQjQkigsPUfYOqG1EpdytbhhiKxsByyz845TSUuRLEvyecjPb/vOY7f99lSlK+fEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDR6bxon2aYzieNi373Ht1ay/v4TfebOxoPFrGVxVGfSB8Mr1Q9Rt7lEAAAAODqSsr4PITxMN5eyPu7k9X9aHpPV/N8/N4nLev7Jur/sy9o/a7/9+uilrYE6k3Gyk15aHQ5O70yltX+znG/P/+cRrfzK589ekvyGxB+uvzhK8+sZfXv37vvtPDxWR7YAwP9xquyLoPx9KOv7TSYGwJHRqhTeZf2fdJrNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAOo/XwTBlHIYTF1jTO3H98a+Vp/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8GkJoavR3i+lf+XiGg0No5PrsV/DPeDze1Xcdbz7nPQVxcbPnJZ+DETT4QwkAgEMpLVpW1z9MN5eyfdFCCOMfttf/b1TiMGP9/+iT8/eqY1Xr/35tM5x/vbWrX/Su37j51urV5cuDy4PP3j7Tf6d/9sK5cxd6+bOSnicmAAAA7E27aNX6P17Yuf5/shKHGev/L7/rfz0d6Y98q/7fabro13QmAAAAR9sLr/39V/SU/VG7Hb5aXlu71p9stz6fmWwbSHXXjhWtWv8nC01nBQAAANRhtB5tW/+/WInDjOv/z/748s/VcyYhhBPF+v+plc+HF+ubzlyr48+Jm54jAAAAzTpRtOr6f5q//x9vvfIQhxDefH0SF/8GcKb6P/ngm5+qYyWV9//P1jfFuRR3J9cj77shtLrbvvx7Y4kBAABwKB0vWlbs/5luLn36y8mP2t7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjbvwEAAP//E41CoA==") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB="c541f7069ca9e1fc70d0035286a08ca6f0f8d600", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) listxattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=""/44, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x7fffffff, 0x0, 0x0, 0x40f00, 0x6e2424b21af7d90, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x90) socket$igmp(0x2, 0x3, 0x2) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="090000001a00fbbed9dc0000000000000a0000000000000000000000f02bd4"], 0x1c}}, 0x0) r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c5"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) ptrace(0x10, r6) ptrace(0x8, r6) waitid(0x0, 0x0, 0x0, 0x4, 0x0) 1.454857901s ago: executing program 0 (id=14914): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) lgetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f00000020c0)=@known='user.incfs.metadata\x00', 0x0, 0x2) 1.351994249s ago: executing program 3 (id=14915): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) lgetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f00000020c0)=@known='user.incfs.metadata\x00', 0x0, 0x2) 1.350544699s ago: executing program 4 (id=14916): syz_mount_image$ext4(0x0, &(0x7f0000000500)='./file0\x00', 0x2050000, 0x0, 0x0, 0x0, &(0x7f0000000000)) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, 0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r5 = dup(r4) write$FUSE_BMAP(r5, &(0x7f00000001c0)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r5, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5]) chdir(&(0x7f0000000040)='./file0\x00') mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$incfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) 1.322893341s ago: executing program 0 (id=14917): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0xfffffffffffffff6, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff1d, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) syz_emit_ethernet(0x36, &(0x7f0000000180)={@link_local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @private}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) close(0xffffffffffffffff) socket$inet_udp(0x2, 0x2, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[], 0x240) 1.287393145s ago: executing program 3 (id=14918): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xcd, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='signal_generate\x00', r1}, 0x10) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000500)={&(0x7f0000000000)="2e09c7d03b7b663b19a770bec88fe310203ccea4c51268e96670bccc7e24e2696518ad30f1227ffdf19dabb50d3a5bb81615dc00fd23038540affc10d00bc7f37f337ee695730fbf132a0a07d9302e0f3dbfa463b79761ba77afc561380edab62aeef25c70", &(0x7f0000000680)=""/203, &(0x7f0000000300)="4c0812107e", &(0x7f0000000400)="219c5e4c38838d44616020b34de5a1a76913215c64ac0a9731e0ed5ff9a95bdce8a6b8546500784d30dffbd906117030ef78ac180b77d5d14f", 0x5a, r0, 0x4}, 0x38) timer_create(0x2, &(0x7f0000000440)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) rt_sigsuspend(0x0, 0x0) syz_btf_id_by_name$bpf_lsm(0x0) r4 = syz_usb_connect(0x0, 0x10b, &(0x7f0000000000)=ANY=[@ANYBLOB="05010900b24b6a10e6040300770100000001090224000b010000000904000302ccd4280009050b02000000040009058a02"], 0x0) syz_usb_control_io$hid(r4, 0x0, 0x0) syz_usb_control_io$uac1(r4, &(0x7f0000000580)={0x14, &(0x7f0000000780)={0x20, 0x30, 0xd1, {0xd1, 0xe, "442c16637cab8a54cea35a9a9c70de6a9bd6434aca013ce9ed05380419e6b008fd5d771d40ad90af8a60f1e103046773781d05b105698e5b6ce78ebdb554ee586c5133e96987f0b5bb8244f2e2b3487f38ceba43f881f1c3d39355116ca0c103da18ef821bd9c9e7c38b31812905d055a3f9ef53d550fb6e57a40971c8e615b035c9da149c70ee4160cbea6f8f90dda5e37d6b4d947442246fd3363bc001fb6e48359312623cad6874066a4031f49a3c4aee59186e52fd18aaf3d577a654c053a2cdc52dcaa59494e812de9bd254fd"}}, &(0x7f0000000540)={0x0, 0x3, 0x1f, @string={0x1f, 0x3, "7dfc50c77c35665e5daf09ea8c3b5213b6dbad73ae55c52de6d75e5cd1"}}}, &(0x7f0000000a80)={0x44, &(0x7f0000000880)={0x20, 0x15, 0x27, "9f29155fba6617080a61acba0135e7b68ac0c4f9f4f28594e5de773b3c0e238a5d42e527517c8f"}, &(0x7f00000008c0)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000900)={0x0, 0x8, 0x1, 0xff}, &(0x7f0000000940)={0x20, 0x81, 0x3, "87a0b1"}, &(0x7f0000000980)={0x20, 0x82, 0x2, "42d1"}, &(0x7f00000009c0)={0x20, 0x83, 0x2, "a64c"}, &(0x7f0000000a00)={0x20, 0x84, 0x1, "18"}, &(0x7f0000000a40)={0x20, 0x85, 0x3, "edbe26"}}) 1.199752591s ago: executing program 4 (id=14919): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2000000000000344, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r5, &(0x7f0000000480)={0x0, 0xf00, &(0x7f0000000440)={&(0x7f0000000140)={0x30, r4, 0x1, 0x0, 0x0, {{}, {0x0, 0x3}, {0x14}}}, 0x30}}, 0x0) 1.083058231s ago: executing program 1 (id=14920): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r1}, 0x10) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000200)={r2, r1, 0x4, r0}, 0x10) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r3 = socket$inet(0x2, 0x3, 0x8d) setsockopt$inet_msfilter(r3, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, &(0x7f0000000140)=0xc) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={@dev, 0x71, r4}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10) syz_emit_ethernet(0x4de, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa9cd7361987d486dd60ecea6604a82900fe8000000000000089750e6b000000aaff020000000000000000000000000001"], 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r7, 0x401054d5, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{}]}) 1.074167522s ago: executing program 0 (id=14921): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) lgetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f00000020c0)=@known='user.incfs.metadata\x00', 0x0, 0x2) 1.064795963s ago: executing program 0 (id=14922): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) fsopen(0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00'}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000001a00010908000000000000000200000000000000"], 0x24}}, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000001400)=ANY=[@ANYBLOB='trans=f', @ANYRESHEX=r7, @ANYRESHEX=r6]) 918.053535ms ago: executing program 1 (id=14923): mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x0, 0x2, 0x1000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) pause() 325.905503ms ago: executing program 4 (id=14924): socket$packet(0x11, 0x0, 0x300) bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2000000000000344, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r5, &(0x7f0000000480)={0x0, 0xf00, &(0x7f0000000440)={&(0x7f0000000140)={0x30, r4, 0x1, 0x0, 0x0, {{}, {0x0, 0x3}, {0x14}}}, 0x30}}, 0x0) 194.874394ms ago: executing program 2 (id=14925): r0 = syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f00000000c0)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@user_xattr}, {@grpjquota_path}, {@bh}, {@prjquota}, {@usrjquota}, {@usrjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x409e}}, {@nodiscard}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki") fsetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) getpid() r1 = openat(r0, &(0x7f0000000040)='./file1\x00', 0x404943, 0x31) pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000141007b8af8ff00000000bfa2000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r4) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESOCT=0x0, @ANYBLOB="cd3c89fa4951eb6b2812907b874a1a5b68de26d24b8a858e9a5fce7ce4cc629cf277305ef416754e4f5e12da4e98f415f2275472e6286dbb3fdb4a067c7e1f582e30b85a0eef8ed9ae18f5b2e89c5f7386bf4e3e665e121b28d472c36679856f19f6ad5d406c890a85934620c03b4ce1c421b2ee0c305887d914a8677069aa034e900e2bfe92dd908891407d126ae4b93a22908414e0c28fa5076f03fe6ad3671bf3895fbb76af5562b3d7147428aa7f754b5ef8"], &(0x7f0000000480)='syzkaller\x00', 0x9c8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x10) r7 = inotify_init1(0x0) ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r4, 0x4068aea3, &(0x7f00000002c0)={0xa4, 0x0, 0x1}) fcntl$setown(r7, 0x8, 0xffffffffffffffff) fcntl$getownex(r7, 0x10, &(0x7f0000000140)={0x0, 0x0}) r9 = syz_open_procfs(r8, &(0x7f0000000600)='fd/4\x00') ioctl$EXT4_IOC_GROUP_EXTEND(r9, 0x40086607, &(0x7f0000000240)) socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES16=r10, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0) r11 = openat$cgroup_ro(r1, &(0x7f0000000200)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0) write$binfmt_script(r9, &(0x7f0000000440)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r11, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000080)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0), 0x2, 0x2) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000240)={0x7, 0x80, 0x4, 0x101, 0x3, [{0xa, 0x7, 0x8000000400000001, '\x00', 0x201}, {0x1, 0x7, 0x7, '\x00', 0x1005}, {0x8, 0x1, 0xf}]}) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) 118.81319ms ago: executing program 0 (id=14926): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000580)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000fbb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='sched_switch\x00', r3}, 0x10) unshare(0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x4, 0x1000, &(0x7f0000000300)=""/4096}, 0x90) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) 0s ago: executing program 1 (id=14927): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) lgetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f00000020c0)=@known='user.incfs.metadata\x00', 0x0, 0x2) kernel console output (not intermixed with test programs): igh-speed USB device number 59 using dummy_hcd [ 2495.693229][ T53] usb 3-1: Using ep0 maxpacket: 16 [ 2495.852080][T15900] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15900 comm=syz.3.14253 [ 2495.973504][ T24] kauditd_printk_skb: 5 callbacks suppressed [ 2495.973518][ T24] audit: type=1326 audit(2000001451.266:17314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15905 comm="syz.3.14256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2495.984148][T15910] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14257'. [ 2496.011118][ T24] audit: type=1326 audit(2000001451.266:17315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15905 comm="syz.3.14256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2496.027023][T15910] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14257'. [ 2496.284041][ T2381] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2496.315261][ T2381] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2496.347425][ T53] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 2496.356496][ T53] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2496.364562][ T53] usb 3-1: Product: syz [ 2496.368582][ T53] usb 3-1: Manufacturer: syz [ 2496.369623][ T2381] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 2496.372995][ T53] usb 3-1: SerialNumber: syz [ 2496.386304][ T24] audit: type=1326 audit(2000001451.266:17316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15905 comm="syz.3.14256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2496.395384][ T2381] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2496.417942][ T53] usb 3-1: config 0 descriptor?? [ 2496.444826][ T2381] usb 5-1: config 0 descriptor?? [ 2496.905064][T15922] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14259'. [ 2497.088563][T15924] x_tables: duplicate underflow at hook 3 [ 2497.124498][ T2381] lg-g15 0003:046D:C222.0180: unknown main item tag 0x0 [ 2497.150143][ T2381] lg-g15 0003:046D:C222.0180: unknown main item tag 0x0 [ 2497.191891][ T2381] lg-g15 0003:046D:C222.0180: unknown main item tag 0x0 [ 2497.240959][ T2381] lg-g15 0003:046D:C222.0180: unknown main item tag 0x0 [ 2497.249426][ T2381] lg-g15 0003:046D:C222.0180: unknown main item tag 0x0 [ 2497.257538][ T2381] lg-g15 0003:046D:C222.0180: unknown main item tag 0x0 [ 2497.265910][ T2381] lg-g15 0003:046D:C222.0180: unknown main item tag 0x0 [ 2497.272879][ T2381] lg-g15 0003:046D:C222.0180: unknown main item tag 0x0 [ 2497.281906][ T2381] lg-g15 0003:046D:C222.0180: unknown main item tag 0x0 [ 2497.289762][ T2381] lg-g15 0003:046D:C222.0180: unknown main item tag 0x0 [ 2497.297975][ T2381] lg-g15 0003:046D:C222.0180: unknown main item tag 0x0 [ 2497.309279][T19187] usb 3-1: USB disconnect, device number 80 [ 2497.343875][ T2381] lg-g15 0003:046D:C222.0180: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.4-1/input0 [ 2497.374321][ T2381] usb 5-1: USB disconnect, device number 59 [ 2497.479971][T15931] udc-core: couldn't find an available UDC or it's busy [ 2497.486777][T15931] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2497.730421][ T24] audit: type=1326 audit(2000001453.015:17317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15940 comm="syz.3.14266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2497.765163][ T24] audit: type=1326 audit(2000001453.055:17318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15940 comm="syz.3.14266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2497.784292][T19187] usb 3-1: new high-speed USB device number 81 using dummy_hcd [ 2497.857908][T15944] 9pnet: Could not find request transport: f0x00000000000000070xffffffffffffffff [ 2498.009480][ T24] audit: type=1326 audit(2000001453.055:17319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15940 comm="syz.3.14266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2498.087356][T15949] syz.3.14267[15949] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2498.087773][T15949] syz.3.14267[15949] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2498.185675][T15950] x_tables: duplicate underflow at hook 3 [ 2498.518782][T19187] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2498.556424][T19187] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2498.587744][T19187] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 2498.614544][T19187] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2498.625818][T19187] usb 3-1: config 0 descriptor?? [ 2499.995456][T19187] usbhid 3-1:0.0: can't add hid device: -71 [ 2500.001331][T19187] usbhid: probe of 3-1:0.0 failed with error -71 [ 2500.009040][T19187] usb 3-1: USB disconnect, device number 81 [ 2500.076425][T15981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14275'. [ 2500.403173][ T24] audit: type=1326 audit(2000001455.684:17320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15985 comm="syz.4.14277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2500.440365][ T24] audit: type=1326 audit(2000001455.714:17321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15985 comm="syz.4.14277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2500.517497][T15990] x_tables: duplicate underflow at hook 3 [ 2500.887225][ T24] audit: type=1326 audit(2000001455.714:17322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15985 comm="syz.4.14277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2500.947246][T16000] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14281'. [ 2500.995844][ T7067] usb 5-1: new high-speed USB device number 60 using dummy_hcd [ 2501.004008][T16000] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14281'. [ 2501.461623][T16015] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14283'. [ 2501.480240][T16015] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2501.546274][ T7067] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2501.558580][ T7067] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8 [ 2501.689292][ T24] audit: type=1326 audit(2000001456.973:17323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16025 comm="syz.0.14289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2501.713047][ T24] audit: type=1326 audit(2000001456.973:17324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16025 comm="syz.0.14289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2501.726336][ T7067] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2501.737353][ T24] audit: type=1326 audit(2000001456.993:17325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16025 comm="syz.0.14289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2501.754647][ T7067] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2501.776476][ T24] audit: type=1326 audit(2000001456.993:17326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16025 comm="syz.0.14289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2501.801585][ T7067] usb 5-1: Product: syz [ 2501.801977][ T24] audit: type=1326 audit(2000001456.993:17327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16025 comm="syz.0.14289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2501.810742][ T7067] usb 5-1: Manufacturer: syz [ 2501.945065][ T7067] usb 5-1: SerialNumber: syz [ 2502.330708][T16037] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14290'. [ 2502.549354][T15991] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 2502.913905][ T24] audit: type=1326 audit(2000001458.193:17328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16062 comm="syz.1.14300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2502.939534][ T24] audit: type=1326 audit(2000001458.193:17329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16062 comm="syz.1.14300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2503.017632][T16067] x_tables: duplicate underflow at hook 3 [ 2503.045214][ T24] audit: type=1326 audit(2000001458.203:17330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16062 comm="syz.1.14300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2503.071640][ T24] audit: type=1326 audit(2000001458.203:17331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16062 comm="syz.1.14300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2503.179227][ T24] audit: type=1326 audit(2000001458.203:17332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16062 comm="syz.1.14300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2503.234105][T15991] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 2503.644428][T16070] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14301'. [ 2503.745312][T16080] FAULT_INJECTION: forcing a failure. [ 2503.745312][T16080] name failslab, interval 1, probability 0, space 0, times 0 [ 2503.757724][T16080] CPU: 1 PID: 16080 Comm: syz.3.14304 Tainted: G W 5.10.221-syzkaller-01371-g1240968f7644 #0 [ 2503.769001][T16080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 2503.778886][T16080] Call Trace: [ 2503.782030][T16080] dump_stack_lvl+0x1e2/0x24b [ 2503.786529][T16080] ? panic+0x812/0x812 [ 2503.790444][T16080] ? bfq_pos_tree_add_move+0x43b/0x43b [ 2503.795734][T16080] dump_stack+0x15/0x17 [ 2503.799743][T16080] should_fail+0x3c6/0x510 [ 2503.803973][T16080] ? radix_tree_node_alloc+0x198/0x3c0 [ 2503.809270][T16080] __should_failslab+0xa4/0xe0 [ 2503.813870][T16080] should_failslab+0x9/0x20 [ 2503.818212][T16080] kmem_cache_alloc+0x3d/0x2e0 [ 2503.822813][T16080] radix_tree_node_alloc+0x198/0x3c0 [ 2503.827928][T16080] idr_get_free+0x281/0x8e0 [ 2503.832269][T16080] idr_alloc+0x1a0/0x2f0 [ 2503.836345][T16080] ? idr_alloc_u32+0x320/0x320 [ 2503.840953][T16080] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 2503.846007][T16080] ? debug_smp_processor_id+0x17/0x20 [ 2503.851193][T16080] ? __radix_tree_preload+0x351/0x3d0 [ 2503.856574][T16080] p9_client_prepare_req+0x575/0xb50 [ 2503.861802][T16080] p9_client_rpc+0x159/0x1390 [ 2503.866308][T16080] ? __kasan_check_write+0x14/0x20 [ 2503.871252][T16080] ? node_tag_clear+0x200/0x2b0 [ 2503.875943][T16080] ? p9_fid_create+0x230/0x230 [ 2503.880537][T16080] ? idr_alloc_u32+0x20b/0x320 [ 2503.885146][T16080] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 2503.890088][T16080] ? debug_smp_processor_id+0x17/0x20 [ 2503.895296][T16080] ? __radix_tree_preload+0x351/0x3d0 [ 2503.900505][T16080] p9_client_walk+0x1fe/0x7b0 [ 2503.905014][T16080] ? p9_client_rpc+0x1390/0x1390 [ 2503.909793][T16080] ? v9fs_fid_lookup+0x118/0x160 [ 2503.914563][T16080] v9fs_vfs_lookup+0x198/0x3c0 [ 2503.919163][T16080] ? show_sid+0x250/0x250 [ 2503.923328][T16080] ? v9fs_inode_from_fid+0x2f0/0x2f0 [ 2503.928459][T16080] v9fs_vfs_atomic_open+0x77/0x5c0 [ 2503.933393][T16080] ? selinux_inode_create+0x22/0x30 [ 2503.938430][T16080] ? v9fs_vfs_getattr+0x1d0/0x1d0 [ 2503.943296][T16080] path_openat+0xff0/0x3000 [ 2503.947639][T16080] ? do_filp_open+0x460/0x460 [ 2503.952152][T16080] do_filp_open+0x21c/0x460 [ 2503.956480][T16080] ? vfs_tmpfile+0x2b0/0x2b0 [ 2503.960912][T16080] ? get_unused_fd_flags+0x94/0xa0 [ 2503.965856][T16080] do_sys_openat2+0x13f/0x6f0 [ 2503.970368][T16080] ? strncpy_from_kernel_nofault+0x169/0x1e0 [ 2503.976181][T16080] ? do_sys_open+0x220/0x220 [ 2503.980612][T16080] ? bpf_trace_run2+0xf4/0x280 [ 2503.985206][T16080] ? fput+0x1a/0x20 [ 2503.988856][T16080] ? bpf_trace_run1+0x210/0x210 [ 2503.993534][T16080] __x64_sys_creat+0x11f/0x160 [ 2503.998144][T16080] ? __x32_compat_sys_openat+0x290/0x290 [ 2504.003614][T16080] ? __bpf_trace_sys_enter+0x62/0x70 [ 2504.008721][T16080] ? syscall_enter_from_user_mode+0x144/0x1a0 [ 2504.014623][T16080] do_syscall_64+0x34/0x70 [ 2504.018888][T16080] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2504.024601][T16080] RIP: 0033:0x7fa948493f19 [ 2504.028859][T16080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2504.048295][T16080] RSP: 002b:00007fa947715048 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 2504.056541][T16080] RAX: ffffffffffffffda RBX: 00007fa948623f60 RCX: 00007fa948493f19 [ 2504.064353][T16080] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000200 [ 2504.072164][T16080] RBP: 00007fa9477150a0 R08: 0000000000000000 R09: 0000000000000000 [ 2504.079976][T16080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2504.087788][T16080] R13: 000000000000000b R14: 00007fa948623f60 R15: 00007fff26d6e468 [ 2504.808902][T16091] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14305'. [ 2505.087448][T16094] netlink: 12 bytes leftover after parsing attributes in process `syz.3.14306'. [ 2505.099786][T16094] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2505.168846][ T7067] cdc_ncm 5-1:1.0: bind() failure [ 2505.268189][ T7067] cdc_ncm: probe of 5-1:1.1 failed with error -71 [ 2505.298043][ T7067] cdc_mbim: probe of 5-1:1.1 failed with error -71 [ 2505.316082][ T7067] usb 5-1: USB disconnect, device number 60 [ 2505.746289][T16115] 9pnet: Could not find request transport: f0x000000000000000d0x000000000000000c [ 2506.680419][T16136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14320'. [ 2506.708916][ T7067] usb 3-1: new high-speed USB device number 82 using dummy_hcd [ 2507.012780][T16142] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14322'. [ 2507.070600][T16142] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2507.449177][ T7067] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2507.453395][ T24] kauditd_printk_skb: 3 callbacks suppressed [ 2507.453412][ T24] audit: type=1326 audit(2000001462.720:17336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16146 comm="syz.0.14323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2507.489179][ T7067] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2507.500110][ T7067] usb 3-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00 [ 2507.509440][ T7067] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2507.522448][ T7067] usb 3-1: config 0 descriptor?? [ 2507.555052][ T24] audit: type=1326 audit(2000001462.720:17337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16146 comm="syz.0.14323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2507.581556][ T24] audit: type=1326 audit(2000001462.720:17338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16146 comm="syz.0.14323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2507.665713][T16155] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14326'. [ 2507.677810][T16155] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2508.090503][T16285] usb 4-1: new high-speed USB device number 54 using dummy_hcd [ 2508.343602][T16167] syz.0.14328[16167] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2508.343678][T16167] syz.0.14328[16167] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2508.536971][T16170] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14317'. [ 2508.739735][T16285] usb 4-1: Using ep0 maxpacket: 16 [ 2508.762370][T16175] 9pnet: Could not find request transport: f0x000000000000000d0x000000000000000c [ 2509.060061][T16285] usb 4-1: New USB device found, idVendor=0456, idProduct=f000, bcdDevice=f3.7f [ 2509.069102][T16285] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2509.077261][T16285] usb 4-1: Product: syz [ 2509.081665][T16285] usb 4-1: Manufacturer: syz [ 2509.086159][T16285] usb 4-1: SerialNumber: syz [ 2509.175423][T16285] usb 4-1: config 0 descriptor?? [ 2509.181573][ T7706] device bridge_slave_1 left promiscuous mode [ 2509.187809][ T7706] bridge0: port 2(bridge_slave_1) entered disabled state [ 2509.195814][ T7706] device bridge_slave_0 left promiscuous mode [ 2509.202220][ T7706] bridge0: port 1(bridge_slave_0) entered disabled state [ 2509.211140][ T7706] device veth1_macvtap left promiscuous mode [ 2509.217141][ T7706] device veth0_vlan left promiscuous mode [ 2509.223833][T16285] ftdi_sio 4-1:0.0: Ignoring interface reserved for JTAG [ 2509.804036][ T25] usb 4-1: USB disconnect, device number 54 [ 2509.960909][ T7067] usbhid 3-1:0.0: can't add hid device: -71 [ 2509.967474][ T7067] usbhid: probe of 3-1:0.0 failed with error -71 [ 2510.054467][ T7067] usb 3-1: USB disconnect, device number 82 [ 2510.311392][T16199] binder: 16198:16199 ioctl 40046205 0 returned -22 [ 2510.318103][T16199] binder: 16198:16199 unknown command 25363 [ 2510.324652][T16199] binder: 16198:16199 ioctl c0306201 20001a80 returned -22 [ 2510.787218][ T24] audit: type=1326 audit(2000001466.069:17339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16215 comm="syz.1.14341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2510.821632][ T24] audit: type=1326 audit(2000001466.099:17340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16215 comm="syz.1.14341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2510.845502][ T24] audit: type=1326 audit(2000001466.099:17341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16215 comm="syz.1.14341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2510.885752][ T502] usb 4-1: new high-speed USB device number 55 using dummy_hcd [ 2510.893085][ T24] audit: type=1326 audit(2000001466.099:17342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16215 comm="syz.1.14341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2510.919328][ T24] audit: type=1326 audit(2000001466.099:17343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16215 comm="syz.1.14341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2511.030866][ T24] audit: type=1326 audit(2000001466.099:17344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16215 comm="syz.1.14341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2511.055105][ T24] audit: type=1326 audit(2000001466.099:17345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16215 comm="syz.1.14341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 2511.083812][T16223] 9pnet: Could not find request transport: f0x000000000000000d0x000000000000000c [ 2511.250993][ T502] usb 4-1: Using ep0 maxpacket: 16 [ 2512.238177][T16241] udc-core: couldn't find an available UDC or it's busy [ 2512.245238][T16241] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2512.889728][T16247] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14348'. [ 2512.930709][T16247] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2513.152937][T16248] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14347'. [ 2513.217914][T16248] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2513.251134][ T24] kauditd_printk_skb: 33 callbacks suppressed [ 2513.251160][ T24] audit: type=1326 audit(2000001468.527:17379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16254 comm="syz.2.14352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2513.280968][ T502] usb 4-1: New USB device found, idVendor=0456, idProduct=f000, bcdDevice=f3.7f [ 2513.294069][ T502] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2513.314406][ T502] usb 4-1: Product: syz [ 2513.321679][ T502] usb 4-1: Manufacturer: syz [ 2513.332764][ T502] usb 4-1: SerialNumber: syz [ 2513.341536][ T24] audit: type=1326 audit(2000001468.567:17380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16254 comm="syz.2.14352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2513.373489][ T502] usb 4-1: config 0 descriptor?? [ 2513.392176][ T502] usb 4-1: can't set config #0, error -71 [ 2513.402850][ T502] usb 4-1: USB disconnect, device number 55 [ 2513.428940][ T24] audit: type=1326 audit(2000001468.567:17381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16254 comm="syz.2.14352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2513.502240][ T24] audit: type=1326 audit(2000001468.567:17382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16254 comm="syz.2.14352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2513.833179][ T24] audit: type=1326 audit(2000001468.567:17383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16254 comm="syz.2.14352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2513.857391][ T24] audit: type=1326 audit(2000001468.567:17384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16254 comm="syz.2.14352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2513.888388][ T24] audit: type=1326 audit(2000001468.567:17385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16254 comm="syz.2.14352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 2513.981085][ T24] audit: type=1326 audit(2000001468.567:17386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16254 comm="syz.2.14352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2514.303800][ T24] audit: type=1326 audit(2000001468.567:17387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16254 comm="syz.2.14352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2514.327469][ T24] audit: type=1326 audit(2000001468.567:17388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16254 comm="syz.2.14352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2515.649519][T16289] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2515.885144][ T25] usb 3-1: new high-speed USB device number 83 using dummy_hcd [ 2516.243912][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2516.264518][ T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2516.284521][ T25] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 2516.302681][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2516.320158][ T25] usb 3-1: config 0 descriptor?? [ 2516.333532][T26043] usb 4-1: new high-speed USB device number 56 using dummy_hcd [ 2516.769530][T16319] udc-core: couldn't find an available UDC or it's busy [ 2516.786630][T16319] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2516.923769][T26043] usb 4-1: Using ep0 maxpacket: 16 [ 2517.043911][T13670] usb 5-1: new high-speed USB device number 61 using dummy_hcd [ 2517.043972][T26043] usb 4-1: config 0 has an invalid interface number: 2 but max is 0 [ 2517.059196][T26043] usb 4-1: config 0 has no interface number 0 [ 2517.065094][T26043] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 2517.074629][T26043] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 2517.204003][ T25] usb 3-1: language id specifier not provided by device, defaulting to English [ 2517.234088][T26043] usb 4-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 2517.242981][T26043] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 2517.250965][T26043] usb 4-1: Product: syz [ 2517.255013][T26043] usb 4-1: SerialNumber: syz [ 2517.260399][T26043] usb 4-1: config 0 descriptor?? [ 2517.284064][T13670] usb 5-1: Using ep0 maxpacket: 16 [ 2517.404142][T13670] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 2517.412993][T13670] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 2517.422671][T13670] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 2517.433253][T13670] usb 5-1: config 1 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2517.446753][T13670] usb 5-1: config 1 interface 0 has no altsetting 0 [ 2517.453303][T13670] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 2517.463211][T13670] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2517.610555][T13670] ums-sddr09 5-1:1.0: USB Mass Storage device detected [ 2517.665053][T26043] snd-usb-audio: probe of 4-1:0.2 failed with error -12 [ 2517.673103][T26043] usb 4-1: USB disconnect, device number 56 [ 2517.724361][ T25] uclogic 0003:256C:006D.0181: failed retrieving string descriptor #200: -71 [ 2517.733048][ T25] uclogic 0003:256C:006D.0181: failed retrieving pen parameters: -71 [ 2517.741265][ T25] uclogic 0003:256C:006D.0181: failed probing pen v2 parameters: -71 [ 2517.749326][ T25] uclogic 0003:256C:006D.0181: failed probing parameters: -71 [ 2517.756731][ T25] uclogic: probe of 0003:256C:006D.0181 failed with error -71 [ 2517.772674][ T25] usb 3-1: USB disconnect, device number 83 [ 2517.945225][T16336] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2518.763785][T16356] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14379'. [ 2518.787306][T16356] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2519.471182][T26043] usb 5-1: USB disconnect, device number 61 [ 2519.975000][T16381] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2520.334022][ T24] kauditd_printk_skb: 142 callbacks suppressed [ 2520.334036][ T24] audit: type=1326 audit(2000001475.604:17531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16389 comm="syz.1.14390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2520.465906][T16393] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2520.579733][ T502] usb 3-1: new high-speed USB device number 84 using dummy_hcd [ 2520.601995][ T24] audit: type=1326 audit(2000001475.624:17532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16389 comm="syz.1.14390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2520.868283][ T24] audit: type=1326 audit(2000001475.844:17533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16389 comm="syz.1.14390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f4d3ce9df19 code=0x7ffc0000 [ 2521.256073][ T502] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2521.284375][ T502] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2521.314124][ T502] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 2521.347292][ T502] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2521.381016][ T502] usb 3-1: config 0 descriptor?? [ 2521.400516][T16405] bridge0: port 1(bridge_slave_0) entered blocking state [ 2521.408342][T16405] bridge0: port 1(bridge_slave_0) entered disabled state [ 2521.415712][T16405] device bridge_slave_0 entered promiscuous mode [ 2521.422845][T16405] bridge0: port 2(bridge_slave_1) entered blocking state [ 2521.429788][T16405] bridge0: port 2(bridge_slave_1) entered disabled state [ 2521.437080][T16405] device bridge_slave_1 entered promiscuous mode [ 2521.504766][T16405] bridge0: port 2(bridge_slave_1) entered blocking state [ 2521.511649][T16405] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2521.518768][T16405] bridge0: port 1(bridge_slave_0) entered blocking state [ 2521.525514][T16405] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2521.552857][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2521.553284][ T7067] bridge0: port 1(bridge_slave_0) entered disabled state [ 2521.553500][ T7067] bridge0: port 2(bridge_slave_1) entered disabled state [ 2521.556998][T13670] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2521.557186][T13670] bridge0: port 1(bridge_slave_0) entered blocking state [ 2521.557197][T13670] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2521.559162][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2521.559345][ T7067] bridge0: port 2(bridge_slave_1) entered blocking state [ 2521.559355][ T7067] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2521.568747][T13670] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2521.570789][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2521.581128][T13670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 2521.585878][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 2521.587779][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 2521.588004][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 2521.589655][T16405] device veth0_vlan entered promiscuous mode [ 2521.596974][T13670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 2521.598810][T16405] device veth1_macvtap entered promiscuous mode [ 2521.604326][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 2521.608093][T13670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 2521.849512][T16425] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14397'. [ 2522.157096][ T502] usb 3-1: language id specifier not provided by device, defaulting to English [ 2522.247033][T16438] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14400'. [ 2522.756043][ T24] audit: type=1326 audit(2000001478.023:17534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16447 comm="syz.1.14405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2522.779911][ T24] audit: type=1326 audit(2000001478.023:17535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16447 comm="syz.1.14405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2522.869286][T16453] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2523.128199][ T24] audit: type=1326 audit(2000001478.053:17536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16447 comm="syz.1.14405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2523.186978][ T502] uclogic 0003:256C:006D.0182: failed retrieving string descriptor #200: -71 [ 2523.199041][ T502] uclogic 0003:256C:006D.0182: failed retrieving pen parameters: -71 [ 2523.211865][ T24] audit: type=1326 audit(2000001478.053:17537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16447 comm="syz.1.14405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2523.217368][ T502] uclogic 0003:256C:006D.0182: failed probing pen v2 parameters: -71 [ 2523.251438][ T24] audit: type=1326 audit(2000001478.053:17538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16447 comm="syz.1.14405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2523.257237][ T502] uclogic 0003:256C:006D.0182: failed probing parameters: -71 [ 2523.283145][ T502] uclogic: probe of 0003:256C:006D.0182 failed with error -71 [ 2523.300938][ T502] usb 3-1: USB disconnect, device number 84 [ 2523.333182][T16470] udc-core: couldn't find an available UDC or it's busy [ 2523.340182][T16470] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2523.897474][T16488] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14414'. [ 2523.933557][ T24] audit: type=1326 audit(2000001479.202:17539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16490 comm="syz.1.14416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2524.003710][ T24] audit: type=1326 audit(2000001479.202:17540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16490 comm="syz.1.14416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2524.166625][T16498] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14417'. [ 2525.740675][T16522] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2525.818363][ T8075] usb 4-1: new high-speed USB device number 57 using dummy_hcd [ 2526.183461][T16529] x_tables: duplicate underflow at hook 3 [ 2526.431464][T16534] geneve1: tun_chr_ioctl cmd 1074025672 [ 2526.436900][T16534] geneve1: ignored: set checksum enabled [ 2526.438677][ T8075] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2526.462523][ T8075] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8 [ 2526.728520][T16540] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2526.762049][ T8075] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2526.773436][ T8075] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2526.781338][ T8075] usb 4-1: Product: syz [ 2526.785831][ T8075] usb 4-1: Manufacturer: syz [ 2526.790332][ T8075] usb 4-1: SerialNumber: syz [ 2527.115346][T16548] overlayfs: missing 'workdir' [ 2527.132198][T16510] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 2527.669385][ T24] kauditd_printk_skb: 4 callbacks suppressed [ 2527.669401][ T24] audit: type=1326 audit(2000001482.940:17545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16557 comm="syz.2.14435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2527.699400][ T24] audit: type=1326 audit(2000001482.940:17546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16557 comm="syz.2.14435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2527.875978][T16559] x_tables: duplicate underflow at hook 3 [ 2527.976612][ T24] audit: type=1326 audit(2000001482.960:17547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16557 comm="syz.2.14435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2528.008017][ T24] audit: type=1326 audit(2000001482.960:17548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16557 comm="syz.2.14435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2528.032393][ T24] audit: type=1326 audit(2000001482.960:17549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16557 comm="syz.2.14435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2528.704930][T16510] netlink: 160 bytes leftover after parsing attributes in process `syz.3.14422'. [ 2528.719565][T19187] usb 3-1: new high-speed USB device number 85 using dummy_hcd [ 2528.731765][T16510] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 2528.741719][T16574] geneve1: tun_chr_ioctl cmd 1074025672 [ 2528.747109][T16574] geneve1: ignored: set checksum enabled [ 2528.945491][T16581] x_tables: duplicate underflow at hook 3 [ 2529.410367][T19187] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2529.421329][T19187] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2529.435391][T19187] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 2529.444675][T19187] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2529.457850][T19187] usb 3-1: config 0 descriptor?? [ 2529.870837][ T8075] cdc_ncm 4-1:1.0: bind() failure [ 2530.716832][ T24] audit: type=1326 audit(2000001485.989:17550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16603 comm="syz.4.14448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2530.752897][T19187] hid-multitouch 0003:1FD2:6007.0183: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0 [ 2530.780944][ T8075] cdc_ncm: probe of 4-1:1.1 failed with error -71 [ 2530.880281][ T8075] cdc_mbim: probe of 4-1:1.1 failed with error -71 [ 2530.895621][ T8075] usb 4-1: USB disconnect, device number 57 [ 2530.907520][ T24] audit: type=1326 audit(2000001486.019:17551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16603 comm="syz.4.14448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2531.125197][T19187] usb 3-1: USB disconnect, device number 85 [ 2531.161917][ T24] audit: type=1326 audit(2000001486.019:17552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16603 comm="syz.4.14448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2531.331608][T16618] geneve1: tun_chr_ioctl cmd 1074025672 [ 2531.337551][T16618] geneve1: ignored: set checksum enabled [ 2531.435789][T16622] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14449'. [ 2531.448247][T16622] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2532.431341][T16628] netlink: 32 bytes leftover after parsing attributes in process `syz.1.14452'. [ 2533.295847][T16640] x_tables: duplicate underflow at hook 3 [ 2533.342063][ T24] audit: type=1326 audit(2000001488.607:17553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16651 comm="syz.0.14460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2533.369429][ T24] audit: type=1326 audit(2000001488.607:17554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16651 comm="syz.0.14460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2533.400895][ T24] audit: type=1326 audit(2000001488.607:17555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16651 comm="syz.0.14460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2534.497096][T16664] geneve1: tun_chr_ioctl cmd 1074025672 [ 2534.517766][T16664] geneve1: ignored: set checksum enabled [ 2534.609634][T16670] x_tables: duplicate underflow at hook 3 [ 2534.925596][T19187] usb 3-1: new high-speed USB device number 86 using dummy_hcd [ 2535.024173][ T24] audit: type=1400 audit(2000001490.297:17556): avc: denied { ioctl } for pid=16672 comm="syz.0.14466" path="net:[4026534474]" dev="nsfs" ino=4026534474 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 2535.088092][T16677] 9pnet: Insufficient options for proto=fd [ 2535.297209][T16683] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14468'. [ 2535.786274][T16683] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2536.031848][T16459] usb 1-1: new high-speed USB device number 53 using dummy_hcd [ 2536.152111][T19187] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2536.174773][T19187] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8 [ 2536.333645][ T8075] usb 4-1: new high-speed USB device number 58 using dummy_hcd [ 2536.344233][ T24] audit: type=1326 audit(2000001491.606:17557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.1.14471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2536.375039][T16694] FAULT_INJECTION: forcing a failure. [ 2536.375039][T16694] name failslab, interval 1, probability 0, space 0, times 0 [ 2536.383557][ T24] audit: type=1326 audit(2000001491.636:17558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.1.14471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2536.387817][T19187] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2536.411475][ T24] audit: type=1326 audit(2000001491.636:17559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.1.14471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2536.420711][T16694] CPU: 1 PID: 16694 Comm: syz.2.14472 Tainted: G W 5.10.221-syzkaller-01371-g1240968f7644 #0 [ 2536.454841][T16694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 2536.464730][T16694] Call Trace: [ 2536.467865][T16694] dump_stack_lvl+0x1e2/0x24b [ 2536.472378][T16694] ? bfq_pos_tree_add_move+0x43b/0x43b [ 2536.477677][T16694] dump_stack+0x15/0x17 [ 2536.481662][T16694] should_fail+0x3c6/0x510 [ 2536.485917][T16694] ? sidtab_sid2str_get+0x12b/0x2a0 [ 2536.490951][T16694] __should_failslab+0xa4/0xe0 [ 2536.495559][T16694] should_failslab+0x9/0x20 [ 2536.499894][T16694] __kmalloc_track_caller+0x5f/0x320 [ 2536.505010][T16694] kmemdup+0x24/0x50 [ 2536.508751][T16694] sidtab_sid2str_get+0x12b/0x2a0 [ 2536.513703][T16694] security_sid_to_context_core+0x2b5/0x490 [ 2536.519421][T16694] security_sid_to_context_force+0x36/0x40 [ 2536.525237][T16694] selinux_inode_init_security+0x6df/0xad0 [ 2536.530876][T16694] ? selinux_inode_free_security+0x200/0x200 [ 2536.536689][T16694] ? __kasan_check_write+0x14/0x20 [ 2536.541635][T16694] security_inode_init_security+0x15b/0x390 [ 2536.547358][T16694] ? shmem_tmpfile+0x100/0x100 [ 2536.551963][T16694] ? security_dentry_create_files_as+0xc0/0xc0 [ 2536.557947][T16694] ? simple_acl_create+0x29e/0x2c0 [ 2536.562892][T16694] ? shmem_get_inode+0x720/0x9e0 [ 2536.567687][T16694] shmem_mknod+0xb8/0x1c0 [ 2536.571847][T16694] ? selinux_inode_mkdir+0x22/0x30 [ 2536.576791][T16694] shmem_mkdir+0x2b/0x60 [ 2536.580860][T16694] vfs_mkdir+0x4cf/0x6c0 [ 2536.584940][T16694] do_mkdirat+0x1a6/0x2c0 [ 2536.589105][T16694] ? do_mknodat+0x450/0x450 [ 2536.593445][T16694] ? __bpf_trace_sys_enter+0x62/0x70 [ 2536.598563][T16694] __x64_sys_mkdirat+0x7b/0x90 [ 2536.603162][T16694] do_syscall_64+0x34/0x70 [ 2536.607505][T16694] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2536.613336][T16694] RIP: 0033:0x7f42e5d0f857 [ 2536.617584][T16694] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2536.637021][T16694] RSP: 002b:00007f42e4f91e78 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 2536.645257][T16694] RAX: ffffffffffffffda RBX: 00007f42e4f91f00 RCX: 00007f42e5d0f857 [ 2536.653156][T16694] RDX: 00000000000001ff RSI: 00000000200000c0 RDI: 00000000ffffff9c [ 2536.661148][T16694] RBP: 0000000020000080 R08: 0000000000000000 R09: 0000000000000000 [ 2536.669044][T16694] R10: 0000000020000080 R11: 0000000000000246 R12: 00000000200000c0 [ 2536.676942][T16694] R13: 00007f42e4f91ec0 R14: 0000000000000000 R15: 0000000020002280 [ 2536.691944][T19187] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2536.723793][T19187] usb 3-1: can't set config #1, error -71 [ 2536.737438][T19187] usb 3-1: USB disconnect, device number 86 [ 2536.843786][T16459] usb 1-1: Using ep0 maxpacket: 8 [ 2536.933167][T16712] 9pnet: Insufficient options for proto=fd [ 2536.963934][T16459] usb 1-1: unable to get BOS descriptor set [ 2536.963974][ T8075] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 2536.969772][T16459] usb 1-1: too many configurations: 40, using maximum allowed: 8 [ 2536.989134][ T8075] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2537.001073][ T8075] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2537.012773][ T8075] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 2537.027645][ T8075] usb 4-1: New USB device found, idVendor=044f, idProduct=b653, bcdDevice= 0.00 [ 2537.039525][T16715] x_tables: duplicate underflow at hook 3 [ 2537.087068][ T8075] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2537.193752][ T8075] usb 4-1: config 0 descriptor?? [ 2537.264028][T16459] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 2537.271598][T16459] usb 1-1: can't read configurations, error -61 [ 2537.424167][T16459] usb 1-1: new high-speed USB device number 54 using dummy_hcd [ 2537.728674][ T8075] thrustmaster 0003:044F:B653.0184: unbalanced delimiter at end of report description [ 2537.740333][ T8075] thrustmaster 0003:044F:B653.0184: parse failed [ 2537.747042][ T8075] thrustmaster: probe of 0003:044F:B653.0184 failed with error -22 [ 2537.874261][T16459] usb 1-1: Using ep0 maxpacket: 8 [ 2537.887114][T16727] udc-core: couldn't find an available UDC or it's busy [ 2537.893987][T16727] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2537.905068][T16727] netlink: 160 bytes leftover after parsing attributes in process `syz.1.14482'. [ 2537.957413][ T24] audit: type=1326 audit(2000001493.225:17560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16730 comm="syz.4.14483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2538.046424][ T24] audit: type=1326 audit(2000001493.315:17561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16730 comm="syz.4.14483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2538.281763][T16459] usb 1-1: unable to get BOS descriptor set [ 2538.317145][ T24] audit: type=1326 audit(2000001493.545:17562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16730 comm="syz.4.14483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2538.351486][T16459] usb 1-1: too many configurations: 40, using maximum allowed: 8 [ 2538.426424][ T24] audit: type=1326 audit(2000001493.545:17563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16730 comm="syz.4.14483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2538.456882][ T24] audit: type=1326 audit(2000001493.545:17564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16730 comm="syz.4.14483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2538.564691][T16459] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 2538.572221][T16459] usb 1-1: can't read configurations, error -71 [ 2538.578485][T16459] usb usb1-port1: attempt power cycle [ 2538.874669][T16752] 9pnet: Insufficient options for proto=fd [ 2539.224727][ T24] audit: type=1326 audit(2000001494.484:17565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16756 comm="syz.2.14490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2539.385379][ T24] audit: type=1326 audit(2000001494.544:17566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16756 comm="syz.2.14490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2539.435649][ T24] audit: type=1326 audit(2000001494.554:17567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16756 comm="syz.2.14490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2539.493359][ T24] audit: type=1326 audit(2000001494.564:17568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16756 comm="syz.2.14490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2539.596663][ T24] audit: type=1326 audit(2000001494.564:17569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16756 comm="syz.2.14490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2539.620782][ T3293] usb 4-1: USB disconnect, device number 58 [ 2539.724693][T16765] x_tables: duplicate underflow at hook 3 [ 2540.155415][ T24] audit: type=1326 audit(2000001494.564:17570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16756 comm="syz.2.14490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2540.178969][ T24] audit: type=1326 audit(2000001494.574:17571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16756 comm="syz.2.14490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2540.202634][ T24] audit: type=1326 audit(2000001494.574:17572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16756 comm="syz.2.14490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2541.234513][T16459] usb 1-1: new high-speed USB device number 56 using dummy_hcd [ 2542.134010][T16819] x_tables: duplicate underflow at hook 3 [ 2542.267602][T16459] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2542.416526][T16459] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8 [ 2542.825801][T16829] udc-core: couldn't find an available UDC or it's busy [ 2542.915321][T16829] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2543.447096][T16459] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2543.460164][T16459] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2543.557191][T16459] usb 1-1: can't set config #1, error -71 [ 2543.563480][T16459] usb 1-1: USB disconnect, device number 56 [ 2543.811826][T16846] overlayfs: failed to resolve './file2': -2 [ 2543.892761][ T24] kauditd_printk_skb: 31 callbacks suppressed [ 2543.892808][ T24] audit: type=1326 audit(2000001499.152:17604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16850 comm="syz.1.14520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2544.037494][ T24] audit: type=1326 audit(2000001499.272:17605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16850 comm="syz.1.14520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2544.561059][T16858] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2544.615116][ T24] audit: type=1326 audit(2000001499.272:17606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16850 comm="syz.1.14520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2544.667658][ T24] audit: type=1326 audit(2000001499.272:17607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16850 comm="syz.1.14520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2544.752802][ T24] audit: type=1326 audit(2000001499.272:17608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16850 comm="syz.1.14520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2544.914619][T16876] x_tables: duplicate underflow at hook 3 [ 2545.952018][ T24] audit: type=1326 audit(2000001501.211:17609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16882 comm="syz.1.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2546.030112][ T24] audit: type=1326 audit(2000001501.211:17610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16882 comm="syz.1.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fdc93036f19 code=0x7ffc0000 [ 2546.234932][T13954] usb 5-1: new high-speed USB device number 62 using dummy_hcd [ 2546.791617][T16900] udc-core: couldn't find an available UDC or it's busy [ 2546.798398][T16900] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2546.858968][T13954] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2546.869913][T13954] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 8 [ 2547.048980][T13954] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2547.058007][T13954] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2547.065773][T13954] usb 5-1: Product: syz [ 2547.069809][T13954] usb 5-1: Manufacturer: syz [ 2547.074238][T13954] usb 5-1: SerialNumber: syz [ 2547.322447][T16865] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 2547.595905][T16921] overlayfs: missing 'workdir' [ 2549.005696][T16924] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2549.556180][T16865] netlink: 160 bytes leftover after parsing attributes in process `syz.4.14525'. [ 2549.820634][T13954] cdc_ncm 5-1:1.0: bind() failure [ 2549.827012][T13954] cdc_ncm 5-1:1.1: bind() failure [ 2549.834274][T13954] usb 5-1: USB disconnect, device number 62 [ 2549.915376][T16942] netlink: 60 bytes leftover after parsing attributes in process `syz.3.14545'. [ 2550.284306][T16966] overlayfs: missing 'workdir' [ 2551.072872][ T24] audit: type=1326 audit(2000001506.338:17611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.0.14556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2551.123886][T16981] geneve1: tun_chr_ioctl cmd 1074025672 [ 2551.133414][T16981] geneve1: ignored: set checksum enabled [ 2551.139291][ T24] audit: type=1326 audit(2000001506.358:17612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.0.14556" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2551.403910][T16988] udc-core: couldn't find an available UDC or it's busy [ 2551.410741][T16988] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2552.071374][ T710] usb 5-1: new high-speed USB device number 63 using dummy_hcd [ 2552.566293][T17010] x_tables: duplicate underflow at hook 3 [ 2552.742155][ T710] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2552.770966][ T710] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2552.820431][ T710] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 2552.860373][ T710] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2552.894847][ T710] usb 5-1: config 0 descriptor?? [ 2552.906616][T17011] bridge0: port 1(bridge_slave_0) entered blocking state [ 2552.913807][T17011] bridge0: port 1(bridge_slave_0) entered disabled state [ 2552.921099][T17011] device bridge_slave_0 entered promiscuous mode [ 2552.931054][T17011] bridge0: port 2(bridge_slave_1) entered blocking state [ 2552.939406][T17011] bridge0: port 2(bridge_slave_1) entered disabled state [ 2552.947638][T17011] device bridge_slave_1 entered promiscuous mode [ 2552.954345][T17016] geneve1: tun_chr_ioctl cmd 1074025672 [ 2552.959793][T17016] geneve1: ignored: set checksum enabled [ 2553.045984][T17011] bridge0: port 2(bridge_slave_1) entered blocking state [ 2553.052963][T17011] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2553.060057][T17011] bridge0: port 1(bridge_slave_0) entered blocking state [ 2553.066856][T17011] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2553.074675][ T24] audit: type=1326 audit(2000001508.337:17613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.14570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2553.101450][ T24] audit: type=1326 audit(2000001508.357:17614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.14570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2553.126174][ T24] audit: type=1326 audit(2000001508.357:17615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.14570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2553.157634][ T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2553.165800][ T288] bridge0: port 1(bridge_slave_0) entered disabled state [ 2553.180129][ T24] audit: type=1326 audit(2000001508.357:17616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.14570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2553.288328][ T288] bridge0: port 2(bridge_slave_1) entered disabled state [ 2553.292208][ T24] audit: type=1326 audit(2000001508.357:17617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.14570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2553.319551][ T24] audit: type=1326 audit(2000001508.357:17618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.14570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2553.346342][ T24] audit: type=1326 audit(2000001508.357:17619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.14570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 2553.659951][ T710] hid-multitouch 0003:1FD2:6007.0185: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.4-1/input0 [ 2554.296928][ T710] usb 5-1: USB disconnect, device number 63 [ 2554.350930][ T24] audit: type=1326 audit(2000001508.357:17620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.14570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2554.452175][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2554.507534][ T7067] bridge0: port 1(bridge_slave_0) entered blocking state [ 2554.514402][ T7067] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2555.439406][ T7067] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2555.448927][ T7067] bridge0: port 2(bridge_slave_1) entered blocking state [ 2555.455838][ T7067] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2555.484344][T17055] fuse: Bad value for 'rootmode' [ 2555.492946][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2555.503548][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2555.511497][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2555.519933][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2555.543147][T14370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 2555.552487][T14370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 2555.566793][T17011] device veth0_vlan entered promiscuous mode [ 2555.574539][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 2555.584342][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 2555.596087][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 2555.618941][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 2555.634306][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 2555.644427][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 2555.692457][T17011] device veth1_macvtap entered promiscuous mode [ 2555.709303][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 2555.718587][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 2555.727721][T26043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 2555.932959][T17070] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 2555.985389][T10672] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 2555.998935][T10672] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 2556.009481][T14482] device bridge_slave_1 left promiscuous mode [ 2556.019549][T14482] bridge0: port 2(bridge_slave_1) entered disabled state [ 2556.037442][T14482] device bridge_slave_0 left promiscuous mode [ 2556.050187][T14482] bridge0: port 1(bridge_slave_0) entered disabled state [ 2556.072669][T14482] device veth1_macvtap left promiscuous mode [ 2556.089617][T14482] device veth0_vlan left promiscuous mode [ 2556.213500][T17080] x_tables: duplicate underflow at hook 3 [ 2557.437281][T17077] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14567'. [ 2557.447268][T17078] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2557.515431][T14370] usb 4-1: new high-speed USB device number 59 using dummy_hcd [ 2557.532166][T17105] udc-core: couldn't find an available UDC or it's busy [ 2557.539656][T17105] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2557.949005][T17110] 9pnet: Could not find request transport: f0x00000000000000080xffffffffffffffff [ 2558.024447][ T24] kauditd_printk_skb: 24 callbacks suppressed [ 2558.024484][ T24] audit: type=1400 audit(2000001513.245:17645): avc: denied { read } for pid=78 comm="acpid" name="event-" dev="devtmpfs" ino=5075 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 2558.059315][ T24] audit: type=1400 audit(2000001513.245:17646): avc: denied { open } for pid=78 comm="acpid" path="/dev/input/event-" dev="devtmpfs" ino=5075 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 2558.084375][ T24] audit: type=1400 audit(2000001513.245:17647): avc: denied { ioctl } for pid=78 comm="acpid" path="/dev/input/event-" dev="devtmpfs" ino=5075 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 2558.314917][T14370] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2558.328293][T14370] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 2558.341498][T14370] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 2558.350426][T14370] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2558.647840][T14370] usb 4-1: config 0 descriptor?? [ 2558.674671][ T710] usb 1-1: new high-speed USB device number 57 using dummy_hcd [ 2558.785138][T17121] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14595'. [ 2558.797701][T17121] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2558.857696][T14370] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 2558.887810][T14370] usb 4-1: USB disconnect, device number 59 [ 2558.921527][T17123] geneve1: tun_chr_ioctl cmd 1074025672 [ 2558.927457][T17123] geneve1: ignored: set checksum enabled [ 2559.245421][ T710] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2559.256683][ T710] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2559.269242][ T710] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 2559.279909][ T710] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2559.316739][ T710] usb 1-1: config 0 descriptor?? [ 2559.355263][ T2381] usb 5-1: new high-speed USB device number 64 using dummy_hcd [ 2559.968334][ T2381] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2560.501815][ T710] hid-multitouch 0003:1FD2:6007.0186: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0 [ 2560.514925][ T2381] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2560.535078][ T710] usb 1-1: USB disconnect, device number 57 [ 2560.541122][ T2381] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 2560.664806][ T2381] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2560.675608][ T2381] usb 5-1: config 0 descriptor?? [ 2561.318951][ T24] audit: type=1326 audit(2000001516.573:17648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.14598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2561.354182][ T24] audit: type=1326 audit(2000001516.573:17649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.14598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2561.368818][T17146] FAULT_INJECTION: forcing a failure. [ 2561.368818][T17146] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2561.396609][T17146] CPU: 0 PID: 17146 Comm: syz.3.14602 Tainted: G W 5.10.221-syzkaller-01371-g1240968f7644 #0 [ 2561.407880][T17146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 2561.417766][T17146] Call Trace: [ 2561.420903][T17146] dump_stack_lvl+0x1e2/0x24b [ 2561.425429][T17146] ? panic+0x812/0x812 [ 2561.429316][T17146] ? bfq_pos_tree_add_move+0x43b/0x43b [ 2561.434621][T17146] dump_stack+0x15/0x17 [ 2561.438607][T17146] should_fail+0x3c6/0x510 [ 2561.442864][T17146] get_futex_key+0x183/0xe70 [ 2561.447287][T17146] ? futex_wait_restart+0x250/0x250 [ 2561.452312][T17146] ? 0xffffffffa0028000 [ 2561.456313][T17146] futex_wake+0x162/0x790 [ 2561.460478][T17146] ? unwind_get_return_address+0x4d/0x90 [ 2561.465946][T17146] ? futex_wait+0x7c0/0x7c0 [ 2561.466176][ T24] audit: type=1326 audit(2000001516.603:17650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.14598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2561.470293][T17146] ? stack_trace_save+0x113/0x1c0 [ 2561.470308][T17146] ? stack_trace_snprint+0xf0/0xf0 [ 2561.470331][T17146] do_futex+0x13c5/0x17b0 [ 2561.507706][T17146] ? __kasan_check_write+0x14/0x20 [ 2561.512643][T17146] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 2561.517944][T17146] ? task_work_run+0x129/0x190 [ 2561.522534][T17146] ? get_signal+0x138d/0x1410 [ 2561.524294][ T24] audit: type=1326 audit(2000001516.603:17651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.14598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2561.527040][T17146] ? arch_do_signal_or_restart+0xbd/0x17c0 [ 2561.527054][T17146] ? __kasan_check_write+0x14/0x20 [ 2561.527069][T17146] ? futex_exit_release+0x1e0/0x1e0 [ 2561.527082][T17146] ? __kasan_check_write+0x14/0x20 [ 2561.527095][T17146] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 2561.527114][T17146] ? _raw_spin_lock+0x1b0/0x1b0 [ 2561.571423][ T24] audit: type=1326 audit(2000001516.603:17652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.14598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2561.576521][T17146] ? __kasan_check_write+0x14/0x20 [ 2561.576543][T17146] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 2561.586287][ T24] audit: type=1326 audit(2000001516.603:17653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.14598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2561.604904][T17146] ? uprobe_free_utask+0x82/0x150 [ 2561.604916][T17146] mm_release+0x1d4/0x320 [ 2561.604927][T17146] ? exit_mm_release+0x30/0x30 [ 2561.604947][T17146] ? mutex_unlock+0x1c/0x40 [ 2561.638522][ T24] audit: type=1326 audit(2000001516.603:17654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.14598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2561.638588][T17146] ? futex_exit_release+0x121/0x1e0 [ 2561.685194][T17146] exit_mm_release+0x25/0x30 [ 2561.689621][T17146] do_exit+0x605/0x2a50 [ 2561.693615][T17146] ? rcu_gp_kthread_wake+0x90/0x90 [ 2561.698556][T17146] ? put_task_struct+0x80/0x80 [ 2561.703175][T17146] ? percpu_counter_add_batch+0x13d/0x160 [ 2561.708707][T17146] ? cgroup_freezing+0x88/0xb0 [ 2561.713300][T17146] do_group_exit+0x141/0x310 [ 2561.717815][T17146] get_signal+0x10a0/0x1410 [ 2561.722157][T17146] arch_do_signal_or_restart+0xbd/0x17c0 [ 2561.727624][T17146] ? __do_sys_rt_sigreturn+0x1e0/0x1e0 [ 2561.732913][T17146] ? __kasan_check_write+0x14/0x20 [ 2561.737867][T17146] ? __sys_accept4+0x15c/0x180 [ 2561.742462][T17146] exit_to_user_mode_loop+0x9b/0xd0 [ 2561.747502][T17146] syscall_exit_to_user_mode+0xa2/0x1a0 [ 2561.753313][T17146] do_syscall_64+0x40/0x70 [ 2561.757567][T17146] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2561.763287][T17146] RIP: 0033:0x7fa948493f19 [ 2561.767542][T17146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2561.786982][T17146] RSP: 002b:00007fa9476f4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 2561.795226][T17146] RAX: fffffffffffffe00 RBX: 00007fa948624038 RCX: 00007fa948493f19 [ 2561.803037][T17146] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 2561.810852][T17146] RBP: 00007fa9476f40a0 R08: 0000000000000000 R09: 0000000000000000 [ 2561.818663][T17146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2561.826471][T17146] R13: 000000000000006e R14: 00007fa948624038 R15: 00007fff26d6e468 [ 2561.834499][ T2381] usbhid 5-1:0.0: can't add hid device: -71 [ 2561.845436][ T2381] usbhid: probe of 5-1:0.0 failed with error -71 [ 2561.891599][T17157] usb usb8: usbfs: process 17157 (syz.1.14606) did not claim interface 0 before use [ 2561.940213][ T2381] usb 5-1: USB disconnect, device number 64 [ 2563.611711][T17198] FAULT_INJECTION: forcing a failure. [ 2563.611711][T17198] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2563.642881][T17198] CPU: 1 PID: 17198 Comm: syz.0.14619 Tainted: G W 5.10.221-syzkaller-01371-g1240968f7644 #0 [ 2563.654149][T17198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 2563.664041][T17198] Call Trace: [ 2563.667170][T17198] dump_stack_lvl+0x1e2/0x24b [ 2563.671679][T17198] ? bfq_pos_tree_add_move+0x43b/0x43b [ 2563.677065][T17198] ? memset+0x35/0x40 [ 2563.680877][T17198] dump_stack+0x15/0x17 [ 2563.684871][T17198] should_fail+0x3c6/0x510 [ 2563.689124][T17198] should_fail_usercopy+0x1a/0x20 [ 2563.693986][T17198] _copy_from_user+0x20/0xd0 [ 2563.698501][T17198] ___sys_recvmsg+0x150/0x690 [ 2563.703012][T17198] ? __sys_recvmsg+0x270/0x270 [ 2563.707660][T17198] ? __fdget+0x1bc/0x240 [ 2563.711689][T17198] __x64_sys_recvmsg+0x1ee/0x2c0 [ 2563.716464][T17198] ? bpf_trace_run1+0x210/0x210 [ 2563.721149][T17198] ? ___sys_recvmsg+0x690/0x690 [ 2563.726013][T17198] ? __bpf_trace_sys_enter+0x62/0x70 [ 2563.731139][T17198] ? syscall_enter_from_user_mode+0x144/0x1a0 [ 2563.737121][T17198] do_syscall_64+0x34/0x70 [ 2563.741375][T17198] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2563.747099][T17198] RIP: 0033:0x7f4dbcf8df19 [ 2563.751358][T17198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2563.770796][T17198] RSP: 002b:00007f4dbc20f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2563.779124][T17198] RAX: ffffffffffffffda RBX: 00007f4dbd11df60 RCX: 00007f4dbcf8df19 [ 2563.786932][T17198] RDX: 0000000000000000 RSI: 0000000020001500 RDI: 0000000000000005 [ 2563.794750][T17198] RBP: 00007f4dbc20f0a0 R08: 0000000000000000 R09: 0000000000000000 [ 2563.802733][T17198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2563.810632][T17198] R13: 000000000000000b R14: 00007f4dbd11df60 R15: 00007ffd02650418 [ 2564.217453][T13953] usb 3-1: new high-speed USB device number 87 using dummy_hcd [ 2564.605940][ T24] kauditd_printk_skb: 19 callbacks suppressed [ 2564.605956][ T24] audit: type=1326 audit(2000001519.852:17674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17215 comm="syz.4.14624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2564.648266][ T24] audit: type=1326 audit(2000001519.892:17675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17215 comm="syz.4.14624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2564.673424][ T24] audit: type=1326 audit(2000001519.892:17676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17215 comm="syz.4.14624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2564.781468][T13625] usb 1-1: new high-speed USB device number 58 using dummy_hcd [ 2564.837909][T13953] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2564.848933][ T3293] usb 4-1: new high-speed USB device number 60 using dummy_hcd [ 2564.856552][T13953] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2564.866504][T13953] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 2564.875563][T13953] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2564.885699][T13953] usb 3-1: config 0 descriptor?? [ 2564.917774][ T710] usb 5-1: new high-speed USB device number 65 using dummy_hcd [ 2565.298924][ T3293] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2565.310584][ T3293] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2565.322567][ T3293] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 2565.332936][ T3293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2565.341565][ T710] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 2565.365262][T13625] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2565.371623][ T3293] usb 4-1: config 0 descriptor?? [ 2565.376012][T13625] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2565.382133][ T710] usb 5-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00 [ 2565.390539][T13625] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 2565.402153][T13953] hid-multitouch 0003:1FD2:6007.0187: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0 [ 2565.408330][T13625] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2565.421157][ T710] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2565.437053][T13625] usb 1-1: config 0 descriptor?? [ 2565.443505][ T710] usb 5-1: config 0 descriptor?? [ 2565.604655][T22971] usb 3-1: USB disconnect, device number 87 [ 2565.660423][ T24] audit: type=1326 audit(2000001520.911:17677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17212 comm="syz.3.14623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2565.684370][ T24] audit: type=1326 audit(2000001520.911:17678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17212 comm="syz.3.14623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2565.708817][ T24] audit: type=1326 audit(2000001520.911:17679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17212 comm="syz.3.14623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2565.732573][ T24] audit: type=1326 audit(2000001520.911:17680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17212 comm="syz.3.14623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2565.756432][ T24] audit: type=1326 audit(2000001520.911:17681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17212 comm="syz.3.14623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2565.780225][ T24] audit: type=1326 audit(2000001520.911:17682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17212 comm="syz.3.14623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2565.803708][ T24] audit: type=1326 audit(2000001520.911:17683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17212 comm="syz.3.14623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2565.919525][T17225] udc-core: couldn't find an available UDC or it's busy [ 2565.926311][T17225] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2565.939921][T13625] hid-multitouch 0003:1FD2:6007.0188: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0 [ 2566.011267][ T3293] usbhid 4-1:0.0: can't add hid device: -71 [ 2566.017401][ T3293] usbhid: probe of 4-1:0.0 failed with error -71 [ 2566.024753][ T3293] usb 4-1: USB disconnect, device number 60 [ 2566.356111][ T3293] usb 1-1: USB disconnect, device number 58 [ 2566.540839][ T710] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 2566.698375][T17237] udc-core: couldn't find an available UDC or it's busy [ 2566.705910][T17237] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2566.739916][T17218] udc-core: couldn't find an available UDC or it's busy [ 2566.747102][T17218] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2566.766047][T22971] usb 5-1: USB disconnect, device number 65 [ 2568.049333][ T710] usb 4-1: new high-speed USB device number 61 using dummy_hcd [ 2568.658426][T17263] 9pnet: Insufficient options for proto=fd [ 2568.673906][T17265] FAULT_INJECTION: forcing a failure. [ 2568.673906][T17265] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2568.686875][T17265] CPU: 1 PID: 17265 Comm: syz.2.14635 Tainted: G W 5.10.221-syzkaller-01371-g1240968f7644 #0 [ 2568.698138][T17265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 2568.708263][T17265] Call Trace: [ 2568.711395][T17265] dump_stack_lvl+0x1e2/0x24b [ 2568.715915][T17265] ? panic+0x812/0x812 [ 2568.719806][T17265] ? bfq_pos_tree_add_move+0x43b/0x43b [ 2568.725103][T17265] dump_stack+0x15/0x17 [ 2568.729090][T17265] should_fail+0x3c6/0x510 [ 2568.733348][T17265] should_fail_usercopy+0x1a/0x20 [ 2568.738209][T17265] strncpy_from_user+0x24/0x2d0 [ 2568.742894][T17265] ? getname_flags+0xba/0x520 [ 2568.747405][T17265] getname_flags+0xf2/0x520 [ 2568.751749][T17265] user_path_at_empty+0x2d/0x50 [ 2568.756433][T17265] __se_sys_mount+0x285/0x3b0 [ 2568.760948][T17265] ? __x64_sys_mount+0xd0/0xd0 [ 2568.765547][T17265] ? __bpf_trace_sys_enter+0x62/0x70 [ 2568.770667][T17265] __x64_sys_mount+0xbf/0xd0 [ 2568.775102][T17265] do_syscall_64+0x34/0x70 [ 2568.779366][T17265] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2568.785095][T17265] RIP: 0033:0x7f42e5d10f19 [ 2568.789331][T17265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2568.808779][T17265] RSP: 002b:00007f42e4f50048 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2568.817210][T17265] RAX: ffffffffffffffda RBX: 00007f42e5ea1110 RCX: 00007f42e5d10f19 [ 2568.825010][T17265] RDX: 0000000020000100 RSI: 00000000200020c0 RDI: 0000000000000000 [ 2568.832827][T17265] RBP: 00007f42e4f500a0 R08: 0000000020002140 R09: 0000000000000000 [ 2568.840799][T17265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2568.848620][T17265] R13: 000000000000006e R14: 00007f42e5ea1110 R15: 00007ffeb4c80818 [ 2568.885836][ T710] usb 4-1: Using ep0 maxpacket: 8 [ 2569.025732][ T710] usb 4-1: New USB device found, idVendor=0403, idProduct=f0c8, bcdDevice= 2.56 [ 2569.050265][ T710] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2569.063181][ T710] usb 4-1: config 0 descriptor?? [ 2569.096085][T17289] geneve1: tun_chr_ioctl cmd 1074025672 [ 2569.102842][ T710] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 2569.111154][T17289] geneve1: ignored: set checksum enabled [ 2569.310921][ T710] usb 4-1: Detected FT232BM [ 2569.350029][ T288] usb 3-1: new high-speed USB device number 88 using dummy_hcd [ 2569.710350][ T288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2569.721442][ T288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2569.731788][ T288] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 2569.740800][ T288] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2569.755218][ T288] usb 3-1: config 0 descriptor?? [ 2570.090904][T17300] 9pnet: Insufficient options for proto=fd [ 2570.133786][T17304] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=17304 comm=syz.1.14649 [ 2570.192878][ T24] kauditd_printk_skb: 38 callbacks suppressed [ 2570.192891][ T24] audit: type=1400 audit(2000001525.439:17722): avc: denied { shutdown } for pid=17236 comm="syz.3.14630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 2570.231472][ T710] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 2570.242436][ T710] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 2570.328866][ T288] hid-multitouch 0003:1FD2:6007.0189: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0 [ 2570.341041][ T710] usb 4-1: USB disconnect, device number 61 [ 2570.349757][ T710] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 2570.362747][ T710] ftdi_sio 4-1:0.0: device disconnected [ 2570.452655][T17312] x_tables: duplicate underflow at hook 3 [ 2570.625013][ T710] usb 3-1: USB disconnect, device number 88 [ 2571.205030][T17325] FAULT_INJECTION: forcing a failure. [ 2571.205030][T17325] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2571.219090][T17325] CPU: 0 PID: 17325 Comm: syz.2.14655 Tainted: G W 5.10.221-syzkaller-01371-g1240968f7644 #0 [ 2571.230355][T17325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 2571.240251][T17325] Call Trace: [ 2571.243384][T17325] dump_stack_lvl+0x1e2/0x24b [ 2571.247886][T17325] ? bfq_pos_tree_add_move+0x43b/0x43b [ 2571.253184][T17325] dump_stack+0x15/0x17 [ 2571.257170][T17325] should_fail+0x3c6/0x510 [ 2571.261433][T17325] should_fail_alloc_page+0x52/0x60 [ 2571.266464][T17325] __alloc_pages_nodemask+0x1b3/0xaf0 [ 2571.271692][T17325] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 2571.277138][T17325] ? __kasan_kmalloc+0x9/0x10 [ 2571.281652][T17325] ? __kmalloc+0x1aa/0x330 [ 2571.286014][T17325] ? __vmalloc_node_range+0x2a9/0x7c0 [ 2571.291219][T17325] __vmalloc_node_range+0x36c/0x7c0 [ 2571.296246][T17325] ? kvm_dev_ioctl+0x165/0x16a0 [ 2571.300933][T17325] __vmalloc+0x7a/0x90 [ 2571.304849][T17325] ? kvm_dev_ioctl+0x165/0x16a0 [ 2571.309522][T17325] kvm_dev_ioctl+0x165/0x16a0 [ 2571.314052][T17325] ? selinux_file_alloc_security+0x120/0x120 [ 2571.319863][T17325] ? __fget_files+0x31e/0x380 [ 2571.324371][T17325] ? kvm_reboot+0x40/0x40 [ 2571.328540][T17325] ? security_file_ioctl+0x84/0xb0 [ 2571.333484][T17325] ? kvm_reboot+0x40/0x40 [ 2571.337641][T17325] __se_sys_ioctl+0x114/0x190 [ 2571.342157][T17325] __x64_sys_ioctl+0x7b/0x90 [ 2571.346580][T17325] do_syscall_64+0x34/0x70 [ 2571.350836][T17325] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2571.356559][T17325] RIP: 0033:0x7f42e5d10f19 [ 2571.360823][T17325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2571.380340][T17325] RSP: 002b:00007f42e4f92048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2571.388590][T17325] RAX: ffffffffffffffda RBX: 00007f42e5ea0f60 RCX: 00007f42e5d10f19 [ 2571.396396][T17325] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000008 [ 2571.404210][T17325] RBP: 00007f42e4f920a0 R08: 0000000000000000 R09: 0000000000000000 [ 2571.412017][T17325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2571.419834][T17325] R13: 000000000000000b R14: 00007f42e5ea0f60 R15: 00007ffeb4c80818 [ 2571.437075][T17327] geneve1: tun_chr_ioctl cmd 1074025672 [ 2571.442776][T17327] geneve1: ignored: set checksum enabled [ 2571.711236][ T288] usb 3-1: new high-speed USB device number 89 using dummy_hcd [ 2571.733097][T17336] 9pnet: Insufficient options for proto=fd [ 2572.133995][ T288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2572.565210][ T288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2572.769038][ T288] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 2572.836716][ T288] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2572.859785][ T288] usb 3-1: config 0 descriptor?? [ 2572.901510][T17349] device syzkaller0 entered promiscuous mode [ 2573.056636][ T24] audit: type=1326 audit(2000001528.297:17723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17353 comm="syz.4.14666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2573.081579][ T24] audit: type=1326 audit(2000001528.297:17724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17353 comm="syz.4.14666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2573.109714][ T24] audit: type=1326 audit(2000001528.297:17725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17353 comm="syz.4.14666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2573.136178][ T24] audit: type=1326 audit(2000001528.297:17726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17353 comm="syz.4.14666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2573.170222][ T24] audit: type=1326 audit(2000001528.297:17727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17353 comm="syz.4.14666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2573.210341][T17360] x_tables: duplicate underflow at hook 3 [ 2573.260485][ T24] audit: type=1326 audit(2000001528.297:17728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17353 comm="syz.4.14666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2573.342236][T17359] geneve1: tun_chr_ioctl cmd 1074025672 [ 2573.348499][T17359] geneve1: ignored: set checksum enabled [ 2573.407363][ T288] hid-multitouch 0003:1FD2:6007.018A: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0 [ 2573.421010][ T24] audit: type=1326 audit(2000001528.297:17729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17353 comm="syz.4.14666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2573.462647][ T24] audit: type=1326 audit(2000001528.297:17730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17353 comm="syz.4.14666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2573.486680][ T24] audit: type=1326 audit(2000001528.297:17731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17353 comm="syz.4.14666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2573.622936][ T288] usb 3-1: USB disconnect, device number 89 [ 2573.906631][T17371] udc-core: couldn't find an available UDC or it's busy [ 2573.914030][T17371] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2574.248869][T17385] fuse: Unknown parameter 'user_id00000000000000000000' [ 2574.551844][T17392] geneve1: tun_chr_ioctl cmd 1074025672 [ 2574.557742][T17392] geneve1: ignored: set checksum enabled [ 2575.113080][T17398] netlink: 24 bytes leftover after parsing attributes in process `syz.4.14683'. [ 2575.495847][T17412] x_tables: duplicate underflow at hook 3 [ 2576.028708][T17420] fuse: Unknown parameter 'posixacl' [ 2576.133728][T17426] udc-core: couldn't find an available UDC or it's busy [ 2576.158629][T17426] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2576.251704][ T24] kauditd_printk_skb: 11 callbacks suppressed [ 2576.251719][ T24] audit: type=1326 audit(2000001531.496:17743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17429 comm="syz.4.14693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2576.283493][ T24] audit: type=1326 audit(2000001531.496:17744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17429 comm="syz.4.14693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2576.719758][T17441] x_tables: duplicate underflow at hook 3 [ 2577.741161][T17463] udc-core: couldn't find an available UDC or it's busy [ 2577.749038][T17463] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2577.816396][T14482] device bridge_slave_1 left promiscuous mode [ 2577.822512][T14482] bridge0: port 2(bridge_slave_1) entered disabled state [ 2578.244880][T14482] device bridge_slave_0 left promiscuous mode [ 2578.251680][T14482] bridge0: port 1(bridge_slave_0) entered disabled state [ 2578.327136][T17467] x_tables: duplicate underflow at hook 3 [ 2578.337434][T19187] usb 4-1: new high-speed USB device number 62 using dummy_hcd [ 2578.352090][T14482] device veth1_macvtap left promiscuous mode [ 2578.359490][T14482] device veth0_vlan left promiscuous mode [ 2578.795392][T19187] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2578.812191][T19187] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2578.822031][T19187] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 2578.831128][T19187] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2578.842110][T19187] usb 4-1: config 0 descriptor?? [ 2578.928600][T17475] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14705'. [ 2578.970777][ T24] audit: type=1326 audit(2000001534.215:17745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17477 comm="syz.1.14707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2579.003921][ T24] audit: type=1326 audit(2000001534.245:17746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17477 comm="syz.1.14707" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2579.200599][T17490] x_tables: duplicate underflow at hook 3 [ 2579.295024][ T7721] usb 5-1: new high-speed USB device number 66 using dummy_hcd [ 2579.339398][T19187] hid-multitouch 0003:1FD2:6007.018B: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0 [ 2579.537867][T19187] usb 4-1: USB disconnect, device number 62 [ 2579.815610][ T7721] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2579.825746][ T7721] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 2579.919692][ T7721] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 2579.928650][ T7721] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2580.060888][ T7721] usb 5-1: config 0 descriptor?? [ 2580.383994][ T7721] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 2580.595316][T17507] device pim6reg1 entered promiscuous mode [ 2581.271538][T17519] x_tables: duplicate underflow at hook 3 [ 2581.279325][T17520] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14719'. [ 2581.292986][T17520] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2581.489664][ T24] audit: type=1326 audit(2000001536.733:17747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17530 comm="syz.1.14724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2581.513669][ T24] audit: type=1326 audit(2000001536.763:17748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17530 comm="syz.1.14724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2582.115532][T17540] x_tables: duplicate underflow at hook 3 [ 2582.444743][ T24] audit: type=1326 audit(2000001537.683:17749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17546 comm="syz.3.14728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2582.512137][ T24] audit: type=1326 audit(2000001537.683:17750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17546 comm="syz.3.14728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2582.836626][T13670] usb 5-1: USB disconnect, device number 66 [ 2582.886821][ T24] audit: type=1326 audit(2000001537.683:17751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17546 comm="syz.3.14728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2582.910771][ T24] audit: type=1400 audit(2000001538.113:17752): avc: denied { map } for pid=17559 comm="syz.2.14733" path="/dev/binderfs/binder0" dev="binder" ino=70 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 2582.936270][T17560] binder: 17559:17560 ioctl c0306201 20000380 returned -14 [ 2582.959624][ T24] audit: type=1400 audit(2000001538.173:17753): avc: denied { call } for pid=17559 comm="syz.2.14733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 2583.739701][T17575] x_tables: duplicate underflow at hook 3 [ 2583.755641][ T24] audit: type=1326 audit(2000001538.992:17754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17576 comm="syz.4.14737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2583.820853][ T24] audit: type=1326 audit(2000001539.032:17755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17576 comm="syz.4.14737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2583.999343][ T24] audit: type=1326 audit(2000001539.242:17756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17582 comm="syz.2.14739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42e5d10f19 code=0x7ffc0000 [ 2584.617678][ T922] usb 1-1: new high-speed USB device number 59 using dummy_hcd [ 2584.819163][T17596] FAULT_INJECTION: forcing a failure. [ 2584.819163][T17596] name failslab, interval 1, probability 0, space 0, times 0 [ 2584.836981][T17596] CPU: 0 PID: 17596 Comm: syz.4.14744 Tainted: G W 5.10.221-syzkaller-01371-g1240968f7644 #0 [ 2584.848249][T17596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 2584.858153][T17596] Call Trace: [ 2584.861274][T17596] dump_stack_lvl+0x1e2/0x24b [ 2584.865788][T17596] ? bfq_pos_tree_add_move+0x43b/0x43b [ 2584.871074][T17596] dump_stack+0x15/0x17 [ 2584.875066][T17596] should_fail+0x3c6/0x510 [ 2584.879332][T17596] ? p9_client_prepare_req+0x313/0xb50 [ 2584.884701][T17596] __should_failslab+0xa4/0xe0 [ 2584.889309][T17596] should_failslab+0x9/0x20 [ 2584.893642][T17596] kmem_cache_alloc+0x3d/0x2e0 [ 2584.898241][T17596] ? do_filp_open+0x21c/0x460 [ 2584.902752][T17596] ? p9_client_prepare_req+0x150/0xb50 [ 2584.908048][T17596] p9_client_prepare_req+0x313/0xb50 [ 2584.913172][T17596] p9_client_rpc+0x159/0x1390 [ 2584.917685][T17596] ? bpf_trace_run2+0xf4/0x280 [ 2584.922283][T17596] ? p9_fid_create+0x230/0x230 [ 2584.926882][T17596] ? kmem_cache_free+0xa9/0x1e0 [ 2584.931572][T17596] ? p9_req_put+0x145/0x180 [ 2584.935910][T17596] ? ____kasan_slab_free+0xd2/0x160 [ 2584.940953][T17596] ? p9_req_put+0x145/0x180 [ 2584.945281][T17596] ? __bpf_trace_kmem_free+0x6f/0x90 [ 2584.950407][T17596] ? kmem_cache_free+0x1c0/0x1e0 [ 2584.955174][T17596] ? p9_req_put+0x145/0x180 [ 2584.959521][T17596] ? p9_client_walk+0x558/0x7b0 [ 2584.964206][T17596] p9_client_open+0x1cc/0x560 [ 2584.968723][T17596] ? p9_client_clunk+0x330/0x330 [ 2584.973493][T17596] ? v9fs_fid_lookup+0x118/0x160 [ 2584.978263][T17596] v9fs_file_open+0x258/0x6a0 [ 2584.982780][T17596] ? v9fs_fid_readpage+0x440/0x440 [ 2584.987726][T17596] do_dentry_open+0x7c1/0x10d0 [ 2584.992324][T17596] vfs_open+0x73/0x80 [ 2584.996143][T17596] path_openat+0x2660/0x3000 [ 2585.000572][T17596] ? kmem_cache_alloc+0x168/0x2e0 [ 2585.005428][T17596] ? do_syscall_64+0x34/0x70 [ 2585.009859][T17596] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2585.015762][T17596] ? do_filp_open+0x460/0x460 [ 2585.020277][T17596] do_filp_open+0x21c/0x460 [ 2585.024612][T17596] ? vfs_tmpfile+0x2b0/0x2b0 [ 2585.029047][T17596] ? get_unused_fd_flags+0x94/0xa0 [ 2585.033983][T17596] do_sys_openat2+0x13f/0x6f0 [ 2585.038501][T17596] ? __kasan_check_write+0x14/0x20 [ 2585.043445][T17596] ? mutex_lock+0xa5/0x110 [ 2585.047711][T17596] ? strncpy_from_kernel_nofault+0x169/0x1e0 [ 2585.053542][T17596] ? do_sys_open+0x220/0x220 [ 2585.057939][T17596] ? bpf_probe_read_kernel_str+0x49/0x70 [ 2585.063408][T17596] ? bpf_trace_run2+0xf4/0x280 [ 2585.068009][T17596] __x64_sys_openat+0x243/0x290 [ 2585.072700][T17596] ? __ia32_sys_open+0x270/0x270 [ 2585.077465][T17596] ? __bpf_trace_sys_enter+0x62/0x70 [ 2585.082587][T17596] ? syscall_enter_from_user_mode+0x144/0x1a0 [ 2585.088579][T17596] do_syscall_64+0x34/0x70 [ 2585.092834][T17596] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2585.098555][T17596] RIP: 0033:0x7fe883863f19 [ 2585.102821][T17596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2585.122248][T17596] RSP: 002b:00007fe882ae5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2585.130494][T17596] RAX: ffffffffffffffda RBX: 00007fe8839f3f60 RCX: 00007fe883863f19 [ 2585.138307][T17596] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: ffffffffffffff9c [ 2585.146117][T17596] RBP: 00007fe882ae50a0 R08: 0000000000000000 R09: 0000000000000000 [ 2585.153927][T17596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2585.161740][T17596] R13: 000000000000000b R14: 00007fe8839f3f60 R15: 00007ffc522169e8 [ 2585.918391][ T922] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2585.934214][ T922] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 2586.048664][ T922] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 2586.057512][ T922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2586.066029][ T922] usb 1-1: config 0 descriptor?? [ 2586.109415][ T922] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 2586.174207][T17615] device syzkaller0 entered promiscuous mode [ 2586.213042][T17625] x_tables: duplicate underflow at hook 3 [ 2586.257273][T17629] udc-core: couldn't find an available UDC or it's busy [ 2586.264206][T17629] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2586.275031][T17629] syz.1.14755[17629] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2586.275089][T17629] syz.1.14755[17629] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2586.292703][T17629] hub 6-0:1.0: USB hub found [ 2586.309480][T17629] hub 6-0:1.0: 1 port detected [ 2586.316307][T17629] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14755'. [ 2587.450080][T17653] x_tables: duplicate underflow at hook 3 [ 2587.762014][ T24] kauditd_printk_skb: 26 callbacks suppressed [ 2587.762059][ T24] audit: type=1326 audit(2000001543.000:17783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17654 comm="syz.1.14763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2587.791887][ T24] audit: type=1326 audit(2000001543.000:17784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17654 comm="syz.1.14763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2587.815913][ T24] audit: type=1326 audit(2000001543.000:17785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17654 comm="syz.1.14763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2587.841424][ T24] audit: type=1326 audit(2000001543.000:17786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17654 comm="syz.1.14763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2587.865084][ T24] audit: type=1326 audit(2000001543.000:17787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17654 comm="syz.1.14763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2587.950179][T17659] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14764'. [ 2587.991720][T17659] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2588.139371][ T4970] usb 1-1: USB disconnect, device number 59 [ 2588.224130][ T24] audit: type=1326 audit(2000001543.460:17788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17666 comm="syz.1.14769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2588.262264][ T24] audit: type=1326 audit(2000001543.480:17789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17666 comm="syz.1.14769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2588.292894][ T24] audit: type=1326 audit(2000001543.480:17790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17666 comm="syz.1.14769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2588.317029][ T24] audit: type=1326 audit(2000001543.480:17791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17666 comm="syz.1.14769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2588.341213][ T24] audit: type=1326 audit(2000001543.480:17792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17666 comm="syz.1.14769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad7ccedf19 code=0x7ffc0000 [ 2588.488248][T17680] overlayfs: missing 'workdir' [ 2589.328447][T17701] x_tables: duplicate underflow at hook 3 [ 2589.672433][T17704] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14778'. [ 2589.693602][T17704] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2590.010345][T13670] usb 4-1: new high-speed USB device number 63 using dummy_hcd [ 2590.455106][T17721] overlayfs: missing 'workdir' [ 2591.023742][T17729] udc-core: couldn't find an available UDC or it's busy [ 2591.030525][T17729] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2591.171394][T13670] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 2591.193284][T13670] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 2591.204098][T13670] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2591.248454][T13670] usb 4-1: config 0 descriptor?? [ 2591.295302][T13670] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 2591.580243][T17744] x_tables: duplicate underflow at hook 3 [ 2591.894988][T17752] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14792'. [ 2591.921491][T17752] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2593.206103][ T24] kauditd_printk_skb: 82 callbacks suppressed [ 2593.206118][ T24] audit: type=1326 audit(2000001548.437:17875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17758 comm="syz.0.14795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2593.237515][ T24] audit: type=1326 audit(2000001548.437:17876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17758 comm="syz.0.14795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2593.349592][T31499] usb 4-1: USB disconnect, device number 63 [ 2593.454571][T17773] overlayfs: missing 'workdir' [ 2593.742710][T17775] device syzkaller0 entered promiscuous mode [ 2593.952264][ T24] audit: type=1326 audit(2000001549.187:17877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.3.14803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2593.976780][ T24] audit: type=1326 audit(2000001549.217:17878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17781 comm="syz.3.14803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2594.090249][ T24] audit: type=1326 audit(2000001549.327:17879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17786 comm="syz.0.14805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2594.115173][ T24] audit: type=1326 audit(2000001549.327:17880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17786 comm="syz.0.14805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2594.193167][T17790] x_tables: duplicate underflow at hook 3 [ 2594.291771][ T24] audit: type=1326 audit(2000001549.337:17881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17786 comm="syz.0.14805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2594.427642][ T24] audit: type=1326 audit(2000001549.337:17882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17786 comm="syz.0.14805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2594.451213][ T24] audit: type=1326 audit(2000001549.337:17883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17786 comm="syz.0.14805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2594.474782][ T24] audit: type=1326 audit(2000001549.337:17884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17786 comm="syz.0.14805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2595.232919][ T2381] usb 3-1: new high-speed USB device number 90 using dummy_hcd [ 2595.417914][T17812] device syzkaller0 entered promiscuous mode [ 2595.633668][ T2381] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 2595.647106][ T2381] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 2595.656251][ T2381] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2595.674778][T17819] overlayfs: missing 'workdir' [ 2595.783720][ T2381] usb 3-1: config 0 descriptor?? [ 2595.829417][ T2381] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 2596.564826][T17841] x_tables: duplicate underflow at hook 3 [ 2597.084590][T17851] x_tables: duplicate underflow at hook 3 [ 2597.968454][ T710] usb 3-1: USB disconnect, device number 90 [ 2598.054994][T19187] usb 5-1: new high-speed USB device number 67 using dummy_hcd [ 2598.251464][T17877] overlayfs: missing 'workdir' [ 2598.334613][T19187] usb 5-1: Using ep0 maxpacket: 16 [ 2598.614729][T19187] usb 5-1: New USB device found, idVendor=0456, idProduct=f000, bcdDevice=f3.7f [ 2598.623624][T19187] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2598.631631][T19187] usb 5-1: Product: syz [ 2598.635707][T19187] usb 5-1: Manufacturer: syz [ 2598.640057][T19187] usb 5-1: SerialNumber: syz [ 2598.645551][T19187] usb 5-1: config 0 descriptor?? [ 2598.685533][T19187] ftdi_sio 5-1:0.0: Ignoring interface reserved for JTAG [ 2598.888495][T19187] usb 5-1: USB disconnect, device number 67 [ 2598.965512][T17886] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14834'. [ 2598.980485][T17886] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2599.163058][T17892] x_tables: duplicate underflow at hook 3 [ 2600.457018][ T24] kauditd_printk_skb: 136 callbacks suppressed [ 2600.457032][ T24] audit: type=1326 audit(2000001555.694:18021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17908 comm="syz.0.14842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2600.632151][ T24] audit: type=1326 audit(2000001555.724:18022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17908 comm="syz.0.14842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2600.742865][ T24] audit: type=1326 audit(2000001555.734:18023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17908 comm="syz.0.14842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2601.502330][T17930] overlayfs: missing 'workdir' [ 2601.857424][ T24] audit: type=1326 audit(2000001557.093:18024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17932 comm="syz.4.14846" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x0 [ 2602.473090][T17945] x_tables: duplicate underflow at hook 3 [ 2602.546401][T17947] 9pnet: Insufficient options for proto=fd [ 2602.925194][T17958] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14851'. [ 2602.959221][T17958] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2603.102479][T17962] 9pnet: Could not find request transport: f0x000000000000000d0x000000000000000c [ 2603.255467][T17964] netlink: 12 bytes leftover after parsing attributes in process `syz.3.14854'. [ 2603.302413][T17964] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2603.392922][ T24] audit: type=1326 audit(2000001558.622:18025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17965 comm="syz.0.14855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2603.436078][ T24] audit: type=1326 audit(2000001558.622:18026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17965 comm="syz.0.14855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2603.483415][ T24] audit: type=1326 audit(2000001558.642:18027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17965 comm="syz.0.14855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2604.424360][T17984] overlayfs: missing 'workdir' [ 2605.324947][T18001] x_tables: duplicate underflow at hook 3 [ 2605.834266][T18009] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14866'. [ 2605.886405][T18008] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2606.189069][T18029] x_tables: duplicate underflow at hook 3 [ 2606.381794][T26043] usb 3-1: new high-speed USB device number 91 using dummy_hcd [ 2606.790784][ T24] audit: type=1326 audit(2000001562.021:18028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18033 comm="syz.4.14874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2606.814484][T26043] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2606.825946][T26043] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2606.836324][T26043] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 2606.845220][ T24] audit: type=1326 audit(2000001562.021:18029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18033 comm="syz.4.14874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2606.872998][T26043] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2606.882108][ T24] audit: type=1326 audit(2000001562.021:18030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18033 comm="syz.4.14874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2606.909875][T26043] usb 3-1: config 0 descriptor?? [ 2606.915476][ T24] audit: type=1326 audit(2000001562.021:18031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18033 comm="syz.4.14874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2606.939299][ T24] audit: type=1326 audit(2000001562.021:18032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18033 comm="syz.4.14874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2606.964644][ T24] audit: type=1326 audit(2000001562.021:18033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18033 comm="syz.4.14874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2606.964700][T18039] overlayfs: missing 'workdir' [ 2606.988614][ T24] audit: type=1326 audit(2000001562.021:18034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18033 comm="syz.4.14874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 2607.018927][ T24] audit: type=1326 audit(2000001562.021:18035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18033 comm="syz.4.14874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2607.042524][ T24] audit: type=1326 audit(2000001562.021:18036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18033 comm="syz.4.14874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2607.066115][ T24] audit: type=1326 audit(2000001562.021:18037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18033 comm="syz.4.14874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe883863f19 code=0x7ffc0000 [ 2607.609147][T26043] usb 3-1: language id specifier not provided by device, defaulting to English [ 2608.279487][T26043] uclogic 0003:256C:006D.018C: failed retrieving string descriptor #200: -71 [ 2608.291343][T26043] uclogic 0003:256C:006D.018C: failed retrieving pen parameters: -71 [ 2608.310575][T26043] uclogic 0003:256C:006D.018C: failed probing pen v2 parameters: -71 [ 2608.326858][T26043] uclogic 0003:256C:006D.018C: failed probing parameters: -71 [ 2608.342486][T26043] uclogic: probe of 0003:256C:006D.018C failed with error -71 [ 2608.360057][T18061] x_tables: duplicate underflow at hook 3 [ 2608.368094][T26043] usb 3-1: USB disconnect, device number 91 [ 2608.735239][T18073] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14883'. [ 2608.747627][T18073] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2609.819576][T18102] bridge0: port 1(bridge_slave_0) entered blocking state [ 2609.829725][T18102] bridge0: port 1(bridge_slave_0) entered disabled state [ 2609.839627][T18102] device bridge_slave_0 entered promiscuous mode [ 2609.879639][T18107] x_tables: duplicate underflow at hook 3 [ 2610.037156][T18102] bridge0: port 2(bridge_slave_1) entered blocking state [ 2610.095096][T18102] bridge0: port 2(bridge_slave_1) entered disabled state [ 2610.118420][T18102] device bridge_slave_1 entered promiscuous mode [ 2610.181856][T18102] bridge0: port 2(bridge_slave_1) entered blocking state [ 2610.188741][T18102] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2610.195880][T18102] bridge0: port 1(bridge_slave_0) entered blocking state [ 2610.202735][T18102] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2610.294595][ T8239] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2610.305359][ T8239] bridge0: port 1(bridge_slave_0) entered disabled state [ 2610.313430][ T8239] bridge0: port 2(bridge_slave_1) entered disabled state [ 2610.355914][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2610.366266][ T4970] bridge0: port 1(bridge_slave_0) entered blocking state [ 2610.373134][ T4970] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2610.385236][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2610.394250][ T4970] bridge0: port 2(bridge_slave_1) entered blocking state [ 2610.401124][ T4970] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2610.444418][ T8239] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2610.465546][ T8239] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2610.618362][ T8239] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 2610.724674][ T8239] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 2610.740440][ T8239] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 2610.750489][ T8239] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 2610.787430][T18102] device veth0_vlan entered promiscuous mode [ 2610.847033][ T8239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 2610.858777][ T8239] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 2610.892050][T18102] device veth1_macvtap entered promiscuous mode [ 2610.947946][T18123] input: syz1 as /devices/virtual/input/input210 [ 2610.963580][T18123] netlink: 20 bytes leftover after parsing attributes in process `syz.2.14898'. [ 2610.973385][T18123] netlink: 20 bytes leftover after parsing attributes in process `syz.2.14898'. [ 2611.057656][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 2611.067474][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 2611.091384][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 2611.112295][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 2611.120897][ T4970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 2611.319573][T18148] netlink: 12 bytes leftover after parsing attributes in process `syz.3.14903'. [ 2611.549685][T18148] sch_tbf: peakrate 3 is lower than or equals to rate 1143518112591568713 ! [ 2611.591870][T18145] 9pnet: Could not find request transport: f0x000000000000000d0x000000000000000c [ 2611.609733][T13386] device bridge_slave_1 left promiscuous mode [ 2611.616995][T13386] bridge0: port 2(bridge_slave_1) entered disabled state [ 2611.625218][T13386] device bridge_slave_0 left promiscuous mode [ 2611.631542][T13386] bridge0: port 1(bridge_slave_0) entered disabled state [ 2611.640072][T13386] device veth1_macvtap left promiscuous mode [ 2611.646622][T13386] device veth0_vlan left promiscuous mode [ 2611.721415][ T4970] usb 3-1: new high-speed USB device number 92 using dummy_hcd [ 2611.971299][ T4970] usb 3-1: Using ep0 maxpacket: 16 [ 2612.986078][ T24] kauditd_printk_skb: 75 callbacks suppressed [ 2612.986093][ T24] audit: type=1326 audit(2000001568.218:18113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18176 comm="syz.0.14914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2613.016092][ T24] audit: type=1326 audit(2000001568.218:18114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18176 comm="syz.0.14914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2613.085544][ T24] audit: type=1326 audit(2000001568.248:18115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18176 comm="syz.0.14914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2613.114570][ T24] audit: type=1326 audit(2000001568.248:18116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18176 comm="syz.0.14914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2613.154092][ T24] audit: type=1326 audit(2000001568.248:18117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18176 comm="syz.0.14914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dbcf8df19 code=0x7ffc0000 [ 2613.180655][ T24] audit: type=1326 audit(2000001568.367:18118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18178 comm="syz.3.14915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2613.205060][ T24] audit: type=1326 audit(2000001568.367:18119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18178 comm="syz.3.14915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2613.235713][ T24] audit: type=1326 audit(2000001568.367:18120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18178 comm="syz.3.14915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2613.259909][ T24] audit: type=1326 audit(2000001568.377:18121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18178 comm="syz.3.14915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2613.283982][ T24] audit: type=1326 audit(2000001568.377:18122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18178 comm="syz.3.14915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa948493f19 code=0x7ffc0000 [ 2613.561832][T18198] 9pnet: Could not find request transport: f0x000000000000000d0x000000000000000c [ 2614.222397][T22971] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 2614.232570][ T4970] usb 3-1: unable to get BOS descriptor or descriptor too short [ 2614.342577][ T4970] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 2614.360164][ T4970] usb 3-1: can't read configurations, error -71 SYZFAIL: ShmemBuilder: too large output offset size=773857571 consumed=1818846767 (errno 11: Resource temporarily unavailable) [ 2614.472524][T22971] usb 4-1: Using ep0 maxpacket: 16 [ 2614.722732][T22971] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 2614.730100][T22971] usb 4-1: can't read configurations, error -71 [ 2615.065118][T14482] device bridge_slave_1 left promiscuous mode [ 2615.071245][T14482] bridge0: port 2(bridge_slave_1) entered disabled state [ 2615.078635][T14482] device bridge_slave_0 left promiscuous mode [ 2615.084650][T14482] bridge0: port 1(bridge_slave_0) entered disabled state [ 2615.092697][T14482] device veth1_macvtap left promiscuous mode [ 2615.098639][T14482] device veth0_vlan left promiscuous mode [ 2616.654873][T14482] device bridge_slave_1 left promiscuous mode [ 2616.660811][T14482] bridge0: port 2(bridge_slave_1) entered disabled state [ 2616.668217][T14482] device bridge_slave_0 left promiscuous mode [ 2616.674291][T14482] bridge0: port 1(bridge_slave_0) entered disabled state [ 2616.683733][T14482] device bridge_slave_1 left promiscuous mode [ 2616.689680][T14482] bridge0: port 2(bridge_slave_1) entered disabled state [ 2616.696947][T14482] device bridge_slave_0 left promiscuous mode [ 2616.702860][T14482] bridge0: port 1(bridge_slave_0) entered disabled state [ 2616.711654][T14482] device bridge_slave_1 left promiscuous mode [ 2616.717796][T14482] bridge0: port 2(bridge_slave_1) entered disabled state [ 2616.725339][T14482] device bridge_slave_0 left promiscuous mode [ 2616.731253][T14482] bridge0: port 1(bridge_slave_0) entered disabled state [ 2616.739877][T14482] device veth1_macvtap left promiscuous mode [ 2616.745718][T14482] device veth0_vlan left promiscuous mode [ 2616.751689][T14482] device veth1_macvtap left promiscuous mode [ 2616.757561][T14482] device veth0_vlan left promiscuous mode [ 2616.763381][T14482] device veth1_macvtap left promiscuous mode [ 2616.769241][T14482] device veth0_vlan left promiscuous mode