last executing test programs: 6.55399911s ago: executing program 0 (id=507): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_read_part_table(0x105f, &(0x7f0000001080)="$eJzsz72NwkAQBeBnW3c+64iowBEBJdAGogi6IKEKEmI6gIRekEjIiY2whVwBQkjfF+y+/RmNJnzUb5K2TLpMjkV/s7he1slu/j9+mhZj3qQ//D2XMre63ZbV+Nok9ZCGbdlUP6/ifZKuynl2Su5D59Xh7QMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBd4BAAA//8TEQ0Y") 6.352264493s ago: executing program 0 (id=509): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004b74ffec850000006d000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000680)='virtio_transport_alloc_pkt\x00', r1}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='cgroup\x00', 0x0, &(0x7f0000000380)='source') setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000100)=0xfffffffffffffffe, 0x112) 6.177160156s ago: executing program 0 (id=511): syz_mount_image$f2fs(&(0x7f0000000180), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYRES64=0x0, @ANYBLOB="c3649be801cfa9d37b32e5a81bd8ef65d2d6ae7c55dce6f28d147bd4743ac27b", @ANYRES16, @ANYBLOB="91f895dd7ebcc2b83a83fb121e4e844e5d7a09e7d4a4979f3fdfe200b83e593144c1cf15b5624e3448b3b40065bc381005ed653b2e5aeafdfb38eeddb8c08b04fb2e46eba33d22f32db6a9608832f35ee976140648653030c5dd9306f90fc9f46534c6d9f2b37f945ba052c7197494046b00916b8f07b5b9f05f77f79225aa0700a01e414c5352def7a6078229384108c95320a4abf33afd65548efaf0b3dc54c4c10995d3e08a9017ae0c8828c59983d23cf29ff4ff4a16908f199ba7"], 0x1, 0x556c, &(0x7f000000b980)="$eJzs3MtvG0UYAPBZp2npkwhxgFNXqpASqbbqtKngFqAVD5Eq4nHgVBzbsdza3ih2nJATEhxRD/wnCCROHPkbOHDmhjiAuCGBvLMmhPIosvNqfz9p/e3Mjr+dWa1afbuRA/DEmkt/+SkJl8LZEMJMCOFCEvL9pNhyyzE8F0K4HEIo/WlLiv4/Ok6HEM6FEC6NksecSX7o7vMxy5s/f/3tmVPnP//quyNaMnAMvBBC6G7E/e1ujFkrxntFf23YzmP3xrCI8UD3ftHOYtxuruUZtmvjcbU8Xm/F8dnGVn8U1zu1+ii22ut5/0YvnrA/bI3z5F+4V9vM243mWh7b/SyPrd04r53d+G/bbn8Q8zSKfB/m6cNgMI6xv7nTjOvZuJ/Hem9Q9Me8WaO5M4rDIhanC/Ws08jnsTbJlT7e3mr3tnbSYXOz38566VKl+mKlerNc3cwazUHzRrnWbdy8kc63OqNh5UGz1l1uZVmr06zUs+5COt+q18vVajp/q7nWrvXSarVyvXKtvLRQ7F1NX7vzXtpppPOj+Eq7t3W63emn69lmGr+xkC5Wrr+0kF6ppu+srKarb9++vbL67t1b7995eeWNV4tBD00rnV+8trhYrl4rL1YXjsH6R//vPuL6B5Os/5Ni0v9j/clklwf+3d4N9uBI5wFwgjxU/4eDqv9D+Ozq8MrSj+p/YGtf6yTW/2Ga9f+opFL//3f9W5q8/p+o/j2u9f8JXj9MxAMmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAn1vezX7ye78zF9vmi/2LR9UzRTkIIpRDCb39jJpzel3OmyDP7D+Nn/zKHb5KQZxid40yxnQshLBfbr08f9FUAAACAx9eXH11+EKv1+DF31BPiMMWHNqULH0wpXxJCmJ37YUrZSqOPZ6eULL+/T4WdKWXLH2A9NaVk8ZHbqWlleyQz4/Dxxb3OfEFJDKVDnQ4AAHAoZvaFw61CAAAAOEyf7m9O7bUWx1wSxq8yx++C87+837sHzu47BgAAAJxAyVFPAAAAADhwef3v9/8AAADg8RZ//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+J2du7lRG4gCAPxscID8KCjKPV3knBuUkRJyzDFQQJqgBNJCGkApgdy2hBWssEdoba0ldrGXXfR9kgeeMW9mgMubQQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPv0v1vM/v778br9iclKe3f483c0IAAAAaNoW63n5ZFrF79L5D+nUpxRnEZFHxEO1+yDe1HIOUp6i5fqiMYa/EWWGQx+jdLyNiG/puP3Y96cAAAAA12uzXM2qar1qppceEM+pWrTJ33/vKF8WEcX0pqNs+aH53FGy8vc9jJ/HeD96ZILaCle5gDXuaGjVktvwhG67M6g9pJmMF+WXWEZ5P/0CAACXVK8EWqoQAAAArsCPp7+1+UduXpZ/X+9HzT297Ngc9xnTrmjaEJzUIgAAAOAVyi49AAAAAKB3Zf3v/n8AAABw3ar7/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCnbbGeb5arWdvrixPz7Pbn6W5GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMf+vKNACIRBGOxd35nM/Q8rDRoam1SB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG9+95f/E1PjTDL32lh6HknWTo2tU2Pv3Dj6w/j6NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv3zxtHEQUA/O3e7eUPoBiDXBhQkCigIfYlJKSEAmRR8BGQLOccDA6BxAWJLJAbqJDrNAhKhJBApst3SB1LaUKXwoWRqIN2b9deJ4acEmv34vx+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFS23o9X0zLu5IeJYVy9dnt7dSHvNx/oczfX70znLY+TR030/XsHn/wYS7rxWv385FTt5Nvm8wEAAOAQ2qcY71T1fUTczTbm8j6dKOr/rLomr/l/emHvEA/W/Zvbq0fLL01X9f+ff9x7eWeiieE8+aCLS8uD2YdT6R7UMp82Jx55Rbe488XvXjrFG5J+tPbSVlbcz+SHW7c+6BXhkSayBQAex6mqL4Pq56G877eZGADPjG6t8K7q/85EuzkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANGFrLZ6r4iQipru7cW5ze3Vhv/7m+p3pqp27cWO9PmY+RBYRi0vLg6zBtYy7q9eufz6/vDy40nxwMiLam70MPhnhmoj/v6b8eEZ7q/jvIBmPNFoN0vL9GZd8doP7JyKebJzqs3fwGbb0DQkAgEMrK1te19/NNuby15LJiPs/763/36zFMWL9f+/Tc7frc9Xr/35jKxx/MyuXvpy5eu3620uX5i8OLg6+eOd0/93+mfNnz56fye/V7MxipIPZttMEAADgKdYrW73+Tycf3v8/XotjxPr/qx/739Tn6qj/97W76dd2JgAAAM+i3k704uv//J3sc0XS68XX8ysrV/rD48756eGx0XQf05Gy1ev/zmTbWQEAAABN2FpL9uz/X6jFMeL+//O/vPJbfcxORByLuBwRg1MLl5cvNLecsdbE3zkXE/XaXikAAABtOVa2+v5/Vjz/n+488pBGxFtvDOPqf12NUv93Pvzu1/pc9ef/zzS3xLGUTg3vR9FPRXSn2s4IAACAw+xo2fJi/69sY+6z349/3PP8PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDT/g0AAP//SAE1oA==") r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='f2fs_write_begin\x00', r0}, 0x18) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1a0) pwrite64(r1, &(0x7f0000000140)='2', 0xfffffe8c, 0x8000c61) 5.565523215s ago: executing program 0 (id=525): syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x2200050, &(0x7f0000000000)=ANY=[], 0x1, 0x1516, &(0x7f0000003140)="$eJzs3Am4T+X2OPC13vfdHDJ8k8x7vWvzTYaXJMmQJEOSJCGZE5IkSZLEIVMSkpDxJJlD5nTSMc9D5qSTK0mSkJDk/T+n4e823H/33l/3r9896/M8+znv2nu/a6991vmePTzPOV90HVa9UY0q9ZkZ/h365wH++CURABIAYCAAZAeAAADK5CiTI217Jo2J/9ZBxH9IgxmXuwJxOUn/0zfpf/om/U/fpP/pm/Q/fZP+p2/S//RN+i9EujYr75WypN9F3v//L6f+J5Pl+v/fB/G3q/7RvtL//zb6X9pb+p9uZPi9ldL/9OL3LwHS//RN+p+eBZe7AHGZyec/fZP+C5Gu/envlDecu9zvtGX5FxYhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOL/g3P+EgMAP48vd11CCCGEEEIIIYT48/i3LncFQgghhBBCCCGE+M9DUKDBQAAZICMkQCbIDFdAFsgK2SA7xOBKyAFXQU64GnJBbsgDeSEf5IcCEAKBBYYICkIhiMM1UBiuhSJQFIpBcXBQAkrCdVAKrofScAOUgRuhLNwE5aA8VICKcDNUglugMtwKVeA2qArVoDrUgNuhJtwBteBOqA13QR24G+rCPVAP7oX60AAawn3QCO6HxtAEmkIzaA4toOUfzE/K/nvzn4Ee8Cz0hF6QCL2hDzwHfaEf9IcBMBCeh0HwAgyGF2EIDIVh8BIMh5dhBLwCI2EUjIZXYQyMhXEwHibAREiC12ASvA6T4Y37s8JUmAbTYQbMhFnwJsyGOTAX3oJ5MB8WQFKmRbAYlsDbsBTegWR4F5bBe5ACy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW2Abvw3bYATthF+yGPbAXPoB98CHsh48gFT/+F+ef/eV86IaAgAoVGjSYATNgAiZgZsyMWTALZsNsGMMY5sAcmBNzYi7MhXkwD+bDfFgACyAhISNjQSyIcYxjYSyMRbAIFsNi6NBhSSyJpfB6LI2lsQyWwbJYFstheSyPFbEiVsJKWBkrYxWsglWxKlbH6ng73o53YC2shbWxNtbBOlgX62I9rIf1sT42xIbYCBthY2yMTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI8dsAN2xI7YCTthZ+yMXbALdsWu2A2fxqfxGXwGn8VnsRdWVb2xD/bBvtgX++MAHIDP4yB8AV/AF3EIDsVh+BK+hC/jCDyDI3EUjsbRWEmNxXE4HllNxCRMwowwCSfjZJyCU3EqTscZOBNn4SycjXNwDr6F83A+zseFuBAX4xJcgkvxHUzGZFyGZzEFl+MKXImrcDWuwrW4DtfiBtyIG3AzbsatuBXfx/dxB+7AXbgL9+Ae/AA/wA/xQxyCqZiKB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5wDgPJ7HC3gBL+LFtA+/SmOUURlUBpWgElRmlVllUVlUNpVNxVRM5VA5VE6VU+VSuVQelUflU/lUAVVAkSLFKlIFVUEVV3FVWBVWRVQRVUwVU045VVKVVKVUKVValVZl1I2qrLpJlVPlVRtXUVVUlVRbV1ndqqqoKqqqqqaqqxqqhqqpaqpaqpaqrWqrOqqOqqvuUfVUb+yPDVRaZxqpodhYDcOmqplqrlqol/EB1UqNwNaqjWqrHlKjcCS2V61cB/Wo6qjGYSf1uBqPT6guaiJ2VU+pbupp1V09o3qo1q6n6qWmYG/VR03Hvqqf6q8GqNlYTaV1rLp6UQ1RQ9Uw9ZJajC+rEeoVNVKNUqPVq2qMGqvGqfFqgpqoktRrapJ6XU1Wb6gpaqqapqarGWqmmqXeVLPVHDVXvaXmqflqgVqoFqnFaol6Wy1V76hk9a5apt5TKWq5WqFWqlVqtVqj1qp1ar3aoDaqTWqz2qK2qm3qfbVd7VA71S61W+1Re9UHap/6UO1XH6lU9bE6oP6mDqpP1CH1qTqsPlNH1OfqqPpCHVNfquPqK3VCnVSn1NfqtPpGnVFn1Tn1rTqvvlMX1PfqovIKNGqltTY60Bl0Rp2gM+nM+gqdRWfV2XR2HdNX6hz6Kp1TX61z6dw6j8mr8+n8uoAONWmrWUe6oC6k4/oaXVhfq4voorqYLq6dLqFL6ut0KX29Lq1v0GX0jbqsvkmX0+V1BQ/6Zl1J36Ir61t1FX2brqqr6eq6hr5d19R36Fr6Tl1b36Xr6Lt1XX2Prqfv1fV1A91Q36cb6ft1Y91EN9XNdHPdQrfUD+hW+kHdWrfRbfVDup1+WLfXj+gO+lHdUT+mO+nHdWf9hO6in9Rd9VO6m35ad9ff64va6566l07UvXUf/Zzuq/vp/nqAHqif14P0C3qwflEP0UP1MP2SHq5f1iP0K3qkHqVH61f1GD1Wj9Pj9QQ9USfp1/Qk/bqerN/QU/RUPU1P1zP0TN3/p0xz/4n5r//O/ME/HH2r3qbf19v1Dr1T79K79R69V+/V+/Q+vV/v16k6VR/QB/RBfVAf0of0YX1YH9FH9FF9VB/Tx/RxfVyf0Cf1t/prfVp/o8/os/qs/laf1+f1hZ++B2DQKKONMYHJYDKaBJPJZDZXmCwmq8lmspuYudLkMFeZnOZqk8vkNnlMXpPP5DcFTGjIWMMmMgVNIRM315jC5lpTxBQ1xUxx40wJU9Jc9z+e/0f1tTQtTSvTyrQ2rU1b09a0M+1Me9PedDAdTEfT0XQynUxn09l0MV1MV9PVdDPdTHfT3fQwPUxP09MkmkTTxzxn+pp+pr8ZYAaa580gM8gMNoPNEDPEDDPDzHAz3IwwI8xIM9KMNqPNGDPGjDPjzAQzwST57GaSmWQmm8lmiplipg3MbmaYGWaWmWVmm9lmrplr5pl5ZoFZYBaZRWaJWWKWmqUm2SSbZWaZSTHLzXKz0qw0q81qs9asNevNerPRbDSbzWaTYraZbWa72W52mp1mt9lt9pq9Zp/ZZ/ab/SbVpJoD5oA5aA6aQ+aQOWwOmyPmiDlqjppj5pg5bo6bE+aEOWVOmdPmtDljzphz5pw5b86bC+aCuWgupt32BSpQgQlMkCHIECQECUHmIHOQJcgSZAuyBbEgFuQIcgQ5g6uDXEHuIE+QN8gX5A8KBGFAgQ04iIKCQaEgHlwTFA6uDYoERYNiQfHABSWCksF1Qang+qB0cENQJrgxKBvcFJQLygcVgorBzUGl4JagcnBrUCW4LagaVAuqBzWC24OawR1BreDOoHZwV1AnuDuoG9wT1AvuDeoHDYKGwX1Bo+D+oHHQJGgaNAuaBy2Cln9qfu/P5H7Q9Qx7hYlh77BP+FzYN+wX9g8HhAPD58NB4Qvh4PDFcEg4NBwWvhQOD18OR4SvhCPDUeHo8NVwTDg2HBeODyeEE8Ok8LVwUvh6ODl8I5wSTg2nBdPDGeHMcFb4Zjg7nBPODd8K54XzwwXhwnBRuDhE/PFuPDl8N1wWvhemhMvDFeHKcFW4OlwTrg3XhevDDeHGcFO4ucygH3cNt4c7wp3hrnB3uCfcG34Q7gs/DPeHH4Wp4cfhgfBv4cHwk/BQ+Gl4OPwsPBJ+Hh4NvwiPhV+Gx8OvwhPhyUwQfh2eDr8Jz4Rnw3Pht+H58LvwQvh9eDH0aTf3aZd3MmQoA2WgBEqgzJSZslAWykbZKEYxykE5KCflpFyUi/JQHspH+agAFaA0TEwFqSDFKU6FqTAVoSJUjIqRI0clqSSVolJUmkpTGSpDZakslSNLFagC3Uw30y10C91Kt9JtdBtVo2pUg2oQYk2qRbWoNtWmOlSH6lJdqkf1qD7Vp4bUkBpRI2pMjakpNaXm1JxaUktqRa2oNbWmttSW2lE7ak/tqQN1oI7UkTpRJ+pMnakLdaGu1JW6UTfqTt2pB/WgntSTEimR+lAf6kt9qT/1p4E0kAbRIBpMg2kIDaFhNIyG03AaQSNoJI2i0fQqjaGxNI7G0wSaSEmURJNoEk2myTSFptA0mkYzaAbNolk0m2bTXJpL82geLaAFtIgW0RJaQktpKSVTMi2jZZRCKbSCVtAqWkVraA2to3W0gTbQJtpEW2gLbaNttJ22007aSbtpN+2lvbSP9tF+2k+plEoH6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifoBJ2iU3SaTtMZOkPn6Bydp+/oAn1PF8lTgs1kM9srbBab1Waz2e2v4zw2r81n89sCNrS5bO5fxGStLWKL2mK2uHW2hC1pr/tNXM6WtxVsRXuzrWRvsZVtOZsJ/j6uae+wteydtra9y9awt/8irmPvtnXt/baebWLr22a2oW1hG9n7bWPbxDa1zWxz28K2sw/b9vYR28E+ajvax34TL7Xv2HV2vd1gN9p99kN7zn5rj9ov7Hn7ne1pe9mB9nk7yL5gB9sX7RA79JcxgB1tX7Vj7Fg7zo63E+zE38TT7HQ7w860s+ybdrad85t4iX3bzrPJdoFdaBfZxT/EaTUl23ftMvueTbHL7Qq70q6yq+0au/b/1rrSbrZb7Fa7135gt9sddqfdZXfbPT/Eaeex335kU+3H9oj93B60n9hD9pg9bD/7IU47v2P2S3vcfmVP2JP2lP3anrbf2DP27A/nn3buX9vv7UXrLTCyYs2GA87AGTmBM3FmvoKzcFbOxtk5xldyDr6Kc/LVnItzcx7Oy/k4PxfgkIktM0dckAtxnK/hwnwtF+GiXIyLs+MSXJKv41J8PZfmG7gM38hl+SYux+W5Alfkm7kS38KV+VauwrdxVa7G1bkG3841+Q6uxXdybb6L6/DdXJfv4Xp8L9fnBtyQ7+NGfD835ibclJtxc27BLfkBbsUPcmtuw235IW7HD3N7foQ78KPckR/jTvw4d+YnuAs/yV35Ke7GT3N3foZ78LPck3txIvfmPvwc9+V+3J8H8EB+ngfxCzyYX+QhPJSH8Us8nF/mEfwKj+RRPJpf5TE8lsfxeJ7AEzmJX+NJ/DpP5jd4Ck/laTydZ/BMnsVv8myew3P5LZ7H83kBL+RFvJiX8Nu8lN/hZH6Xl/F7nMLLeQWv5FW8mtfwWl7H63kDb+RNvJm38Fbexu/zdt7BO3kX7+Y9vJc/4H38Ie/njziVP+YD/Dc+yJ/wIf6UD/NnfIQ/56P8BR/jL/k4f8Un+CSf4q/5NH/DZ/gsn+Nv+Tx/xxf4e77IniHCSEU6MlEQZYgyRglRpihzdEWUJcoaZYuyR7HoyihHdFWUM7o6yhXljvJEeaN8Uf6oQBRGFNmIoygqGBWK4tE1UeHo2qhIVDQqFhWPXFQiKhldF5WKro9KRzdEZaIbo7LRTVG5qHxUIaoY3RxVim6JKke3RlWi26KqUbWoelQjuj2qGd0R1YrujGpHd0Wlo7ujutE9Ub3o3qh+1CBqGN0XNYrujxpHTaKmUbOoedQiahk9ELWKHoxaR22ittFDUbvo4ah99EjUIXo06hg9dml70eDHq+mvtidGvSP90xuyO/Wi+OL4kvjb8aXxd+LJ8Xfjy+LvxVPiy+Mr4ivjq+Kr42via+Pr4uvjG+Ib45vim+Nb4lvj3tfICA7THoTBuMBlcBldgsvkMrsrXBaX1WVz2V3MXelyuKtcTne1y+Vyuzwur8vn8rsCLnTkrGMXuYKukIu7a1xhd60r4oq6Yq64c66EK+lauJaupWvlHnStXRvX1j3kHnIPu4fdI+4R96jr6B5zndzjrrN7wnVxT7on3VOum3vadXfPuB7uWdfT9XKJLtH1cX1cX9fX9Xf93UA30A1yg9xgN9gNcUPcMDfMDXfD3Qg3wo10I91oN9qNcWPcODfOTXATXJJLcpPcJDfZTXZT3BQ3zU1zM9wMN8vNcrPdbDfXzXXz3Dy3wC1wi9wit8QtcUvdUpfskt0yt8yluBS3wq1wq9wqt8atcevcOrfBbXCb3Ca3xW1x29w2t91tdzvdTrfb7XZ73V63z+1z+91+l+pS3QF3wB10B90h96k77D5zR9zn7qj7wh1zX7rj7it3wp10p9zX7rT7xp1xZ9059607775zF9z37qLzLin2WmxS7PXY5NgbsSmxqbFpsemxGbGZsVmxN2OzY3Nic2NvxebF5scWxBbGFsUWx5bE3o4tjb0TS469G1sWey+WElseWxFbGVsVWx3zPv/2yBf0hXzcX+ML+2t9EV/UF/PFvfMlfEl/nS/lr/el/Q2+jL/Rl/U3+XK+vK/gm/imvplv7lv4lv4B38o/6Fv7Nr6tf8i38w/79v4R38E/6jv6x3wn/7jv7J/wXfyTvqt/av5PP56+h3/W9/S9fKLv7fv453xf38/39wP8QP+8H+Rf8IP9i36IH+qH+Zf8cP+yH+Ff8SP9KD/av+rH+LF+nB/vJ/iJPsm/5if51/1k/4af4qf6aX66n+Fn+ln+TT/bz/Fz/Vt+np/vF/iFfpFf7Jf4t/1S/45P9u/6Zf49n+KX+xV+pV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mM8J2v8Pv9Lv8br/H7/Uf+H3+Q7/ff+RT/cf+gP+bP+g/8Yf8p/6w/8wf8Z/7o/4Lf8x/6Y/7r/wJf9Kf8l/70/4bf8af9ef8t/68/85f8N/7i/I3a0IIIYQQ/xT9B9t7/8469dNiAKAPAGTdkffwr3NuyvXjuJ/a1zEGAI/26trg56VBg8TExJ/2TdEQFFoIALFL8zPApXg5tIWHoQO0gVK/W18/VQH5V/mDv9uelj9+I0BmgEw/r0uAH+Jf5b/+H+Rv8vav8/+6/vhCgCKFLs1JO9DP8aX8pf9B/j3t/iB/pk+SAFr/3ZwscCm+lL8kPAiPQYdf7CmEEEIIIYQQQvyonzrf7Y+eb9Oez/OZS3MywqX4j57P/0DlP+MchBBCCCGEEEII8f/2xNPdH3mgQ4c2nf+bBxn/GmX8BQYIAH+BMmTw1x9c7t9MQgghhBBCiD/bpZv+y12JEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRfv37/yFM/dM7X+5zFEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIS63/xMAAP//gUVOqg==") r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) fchdir(r0) mkdir(&(0x7f0000000000)='./control\x00', 0x0) creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, 0x1) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) creat(&(0x7f00000002c0)='./file0\x00', 0xd931d3864d39dcce) rename(&(0x7f0000001800)='./file0\x00', &(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0xd8, 0x0) 5.107958112s ago: executing program 0 (id=540): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4f4, &(0x7f00000008c0)="$eJzs3U1vG1sZAODXzpeTm3uTW7oABLSUQkFVncRto6oLKCuEUCVElyC1IXGjKHYcxU5pQhfpf0CiEitY8gNYd8WeDYIdm7JA4iMCNZVYGM14kpo0bkKT2CF+Hmk0c+Y4fs+pNefYr+s5AfStyxGxFRHDEfEoIiay87lsi3utLXnc6+1n8zvbz+Zz0Ww++HsurU/ORdvfJD7KnrMQET/4TsSPc+/GrW9sLs9VKuW1VnF0qlFdnapvbN5Yqs4tlhfLK6XS7Mzs9J2bt0sn1tdL1eHs6Iuvfrf1jZ8mzRrPzrT34yS1uj60FycxGBHfO41gPTCQ9We41w3hg+Qj4kJEXEmv/4kYSF9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXDuxhj+Uqt3rj+uLa+stDKlU3GUP7xUqU8neUKJ2Mol5Rn0uO35dK+8s2I+DQifjYympaL87XKQi/f+ABAH/to3/z/r5HW/A8AnHOFXjcAAOg68z8A9B/zPwD0H/M/APQf8z8A9B/zPwD0n8Pm/wPu3wkA/P/6/v37ydbcye5/vfBkY3259uTGQrm+XKyuzxfna2urxcVabTG9Z0/1sOer1GqrM7di/enkN1frjan6xubDam19pfEwva/3w/JQV3oFALzPp5de/jH5eL91dzTdom0tB3M1nG/5XjcA6JmBXjcA6BmrfUH/OsZnfOkBOCcO+y8+hYgY3X+y2Ww2T69JwCm79jn5f+hXbfl/vwKCPiP/D/1L/h/6V7OZO+qa/3HUBwIAZ5scP9Dh+/8L2f7X2ZcDP1rY/4gXp9kqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONt21/8tZmuBj0c+XyxGfBwRkzGUe7xUKU9HxCcR8YeRoZGkPNPjNgMAx5X/Sy5b/+vaxNXx/bXDuTcj6T4ifvKLBz9/OtdorP0+Of+PvfONF9n5Ui/aDwAcZneeTvdtH+Rfbz+b39262Z6/fjsiCq34O9vDsbMXfzAG030hhiJi7J+5rNySa8tdHMfW84j47EH9z8V4mgNprXy6P34S++Ouxs//V/x8WtfaJ/8WnzmBtkC/eZmMP/cOuv7ycTndH3z9F9IR6viy8S95qvmddAx8G393/BvoMP5dPmqMW7/9buto9N265xGfH4zYjb3TNv7sxs91iH/1iPH/9IUvXelU1/xlxLU4OH57rKlGdXWqvrF5Y6k6t1heLK+USrMzs9N3bt4uTaU56qnOs8Hf7l7/pFNd0v+xDvELh/T/q0fs/6/+/eiHX35P/K9/5aD4+bj4nvjJnPi1I8afG/tNoVNdEn+hQ/8Pe/2vHzH+qz9vvrNsOADQO/WNzeW5SqW81s2D3TcSXQ3q4BwctBIeibPRnvaDb3Ur1nD8T3/VbH5QrE4jxklk3YCzYO+ij4g3vW4MAAAAAAAAAAAAAABwoG78YqnXfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD8+k8AAAD//2CSzDE=") creat(&(0x7f0000000240)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x4, 0x8001, 0x0, 0x9, 0x5d, 0xa, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "9300e6d6a89ef30bea2a0092000010000000aff571ec7f251438dc8876aa00"}) 4.962822584s ago: executing program 0 (id=546): socket$inet6_udplite(0xa, 0x2, 0x88) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x8, 0x0, &(0x7f0000000340)) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000000000000000181100", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000940)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@abort}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZj06Y3ueqDXvB69V5Ji3Y3aWwbfKgVRJ8Kan2vMdmEkE02ZDdtE4qm+AEEERV80hdfBD+AIAVffBShoM+KiiLa6oMP2rns7iRN091k226zafb3g8mcc2Zm/+dsmNk5M4eZAAbWOxFxLSIep2l6PiLGsvJcNsV2a2qs9+jh3bnGlESa3vhnEklWtvNZSTY/k212KiK+9uWIbybPxq1tbi3PVirl9Sxfqq+slWqbWxeWVmYXy4vl1enpqcszV2YuzUz2pJ1nI+LqF//6g+/+7EtXf/WZ23+6+fdz32pUazRbvrcdzyl/0MJW0wvN72LvBusvGOw4yjdbmBlpt8bQMyX3XnGdAABor3GO/8GI+GREnI+xGDr4dBYAAAB4DaWfH43/JRFpe8MdygEAAIDXSK45BjbJFbOxAKORyxWLrTG8H47TuUq1Vv/0QnVjdb41VnY8CrmFpUp5MhsrPB6FpJGfaqaf5C/uy09HxJsR8f2xkWa+OFetzPf74gcAAAAMiDP7+v//GWv1/wEAAIATZrzfFQAAAABeOf1/AAAAOPn0/wEAAOBE+8r1640p3Xn/9fytzY3l6q0L8+XacnFlY644V11fKy5Wq4vNZ/atHPZ5lWp17bOxunGnVC/X6qXa5tbNlerGav3m0lOvwAYAAACO0Jsfv/+HJCK2PzfSnBqGu9u0y9WA4yq/m0qyeZvd+o9vtOZ/OaJKAUdiqN8VAPom3+8KAH1T6HcFgL5LDlnecfDOb7P5J3pbHwAAoPcmPtr5/n/uwC23D14MHHt2Yhhc7v/D4Gre/+92JK+TBThRCs4AYOC99P3/Q6Xpc1UIAADoudHmlOSK2eW90cjlisWIs83XAhSShaVKeTIi3oiI348VPtDITzW3TA7tMwAAAAAAAAAAAAAAAAAAAAAAAAAALWmaRAoAAACcaBG5vyW/bj3Lf2LsvdH91weGk/+ORfaK0Ns/vvHDO7P1+vpUo/xfu+X1H2XlF/txBQMAAAAGwnO9wH+nn77TjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXnr08O7cznSUcf/xhYgYbxc/H6ea81NRiIjT/04iv2e7JCKGehB/pPHnI+3iJ41q7YZsF3+kB/G37x0YP8azb2F//OGIONOD+DDI7jeOP9fa7X+5eKc5b7//5SOeyr+ozse/2D3+DXU4/pztMsZbD35R6hj/XsRb+fbHn534SYf473YZ/xtf39rqtCz9ScRE29+f5KlYpfrKWqm2uXVhaWV2sbxYXp2enro8c2Xm0sxkaWGpUs7+to3xvY/98vFB7T/dIf74Ie1/r8v2///BnYcfaiUL7eKfe7dN/N/8NFvj2fi57LfvU1m6sXxiJ73dSu/19s9/9/ZB7Z/v0P7D/v/numz/+a9+589drgoAHIHa5tbybKVSXj+xiUYv/RhUQ+IYJr7d0w9M0zRt7FMv8TlJHIevpZno95EJAADotScn/f2uCQAAAAAAAAAAAAAAAAAAAAyuo3ic2P6Y27uppBeP0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6In3AwAA///d8Nla") unshare(0x42000000) 471.302652ms ago: executing program 2 (id=660): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) rmdir(0x0) 471.103832ms ago: executing program 1 (id=661): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x9a, &(0x7f0000000200)={@local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x64, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @local, {[], {0x4e20, 0xe22, 0x64, 0x0, @wg=@response={0x2, 0x1, 0x100004, "628e0960f6d6d3f6ee6d6b84b345dccac643e7df3e526ff07833b291322d4a74", "882ed6741e7632daeaec0c95f2ad1cd6", {"8fb3d9fd3e00", "215990e1b896120966af96b22cf049f0"}}}}}}}}, 0x0) recvfrom$inet6(r0, 0x0, 0x0, 0x102, 0x0, 0x0) 470.969393ms ago: executing program 2 (id=662): socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x68, 0xd2}}}}}, 0x0) 434.142903ms ago: executing program 1 (id=664): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) listen(r2, 0x0) connect$unix(r1, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r3 = socket$unix(0x1, 0x1, 0x0) connect$unix(r3, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r2) 391.315304ms ago: executing program 3 (id=665): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$getregset(0x4204, r0, 0x2, &(0x7f0000000740)={0x0, 0x60}) 391.217894ms ago: executing program 2 (id=666): syz_read_part_table(0x106a, &(0x7f0000000000)="$eJzsz7FJxVAUBuD/5ibxpnUB17C0EGwsFXexUcERnECwsbLWDdzCFbJAxECEt8B7r/i+6pyfHw4nHNTUtdOP5Py5vqQleUxyNySp45ik/Be/vq//luF1bicpNRf9Gi+fb/dbqSb91XyTYXkoP0u3ZuVyajsHu6ezus319n0/XwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAcfsNAAD//3OqEK8=") 382.195963ms ago: executing program 3 (id=667): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc) r2 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="08020000", @ANYRES16=r2, @ANYBLOB="010900000000000000250100000008000100", @ANYRES32=r3, @ANYBLOB="ec01028038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004"], 0x208}, 0x1, 0x0, 0x0, 0x24004000}, 0x24044880) 331.935634ms ago: executing program 3 (id=668): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000780), 0x1, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x1}, 0x6b) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r3], 0x20}}, 0x0) 275.131175ms ago: executing program 1 (id=669): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x8, 0x6, 0x5, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) 274.183505ms ago: executing program 4 (id=670): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000021c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18) syz_emit_ethernet(0x52, &(0x7f00000007c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "1927f2", 0x1c, 0x2c, 0x0, @remote, @local, {[@routing={0x0, 0x0, 0x0, 0xe}], {{0x8000, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 263.535226ms ago: executing program 1 (id=671): r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0x5}, 0x18) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x800, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',access=c\x00\x00']) 255.609585ms ago: executing program 3 (id=672): set_robust_list(&(0x7f0000000580)={0x0, 0x5}, 0x18) 179.287787ms ago: executing program 4 (id=673): syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f00000000c0)={0x0, 0xa4a6, 0x5, 0x7, 0x7, "20461ce9b6cfc3c5"}) socket$igmp(0x2, 0x3, 0x2) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) readv(r2, &(0x7f0000000880)=[{&(0x7f0000000800)=""/116, 0x18}], 0x300) 177.088197ms ago: executing program 3 (id=683): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000480)='mm_page_alloc\x00', r0}, 0x10) syz_clone(0xc0008100, 0x0, 0x0, 0x0, 0x0, 0x0) 176.741067ms ago: executing program 4 (id=674): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000780), 0x1, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='kfree\x00', r2}, 0x18) r3 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3) 157.770417ms ago: executing program 2 (id=675): personality(0x5000004) 143.332337ms ago: executing program 1 (id=676): setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5}) timer_create(0x3, 0x0, &(0x7f0000000300)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) unshare(0x40000000) 138.132048ms ago: executing program 4 (id=677): r0 = socket$inet6_udp(0xa, 0x2, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0xfffffffff7ffffe9}, 0x18) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x168, 0x10, 0x190, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth1_to_batadv\x00', 'veth1_to_hsr\x00', {}, {}, 0x3a}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@common=@icmp6={{0x28}, {0x0, 'K\r'}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8) 49.154789ms ago: executing program 2 (id=678): r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x42800) 48.928989ms ago: executing program 4 (id=679): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001240)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x0, 0x1ff, 0x0, 0xfffffc80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3f, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x400000, 0x7, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x100, 0x0, 0x4, 0xfffffffd, 0x0, 0x0, 0x1, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffd]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xff}, 0x0, 0x1}}]}}]}, 0x45c}}, 0x0) 48.705879ms ago: executing program 2 (id=680): bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_clone(0x10000000, 0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110e22fff6) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0x1}], 0x1}, 0x0) ioctl$TUNGETVNETLE(r1, 0x40047451, &(0x7f0000000180)) 629.57µs ago: executing program 1 (id=681): io_uring_setup(0x540d, &(0x7f0000000080)={0x0, 0xfffffffd, 0x1000, 0x2, 0x4}) io_setup(0x5, &(0x7f0000000e80)=0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) io_submit(r0, 0x1, &(0x7f0000001580)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x0, r1, &(0x7f0000000080)='d', 0x2}]) 335.849µs ago: executing program 3 (id=682): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x20, 0x0, 0x0, 0x7223}, {0x6, 0x0, 0x6, 0x4}]}, 0x10) syz_emit_ethernet(0x6a, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) r3 = add_key$keyring(&(0x7f0000000080), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, r2) add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, r3) add_key$keyring(&(0x7f0000000200), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, 0x0}, 0x1f00) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x18) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c14, &(0x7f0000000040)={[{@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@errors_continue}]}, 0xff, 0x25a, &(0x7f0000000cc0)="$eJzs3T1oJGUcBvBnZne9S26RUxtB/AAR0UA4O8HmbBQO5DhEBBVORGyUixAT7BIrGwutVVLZBLEzWkqaYKMIVlFTxEbQYGEQ1GJldxLJx4gfm+zoze8Hk5lJZub/Tmae9w1hhwnQWueTXEzSSTKTpJekOLjBXdV0fm91ZWrjajIYPP5jMdquWq/s73cuyXKSB5Osl0Ve7CaLa09v/7z56L1vLPTueW/tqamJnuSene2tx3bfvfz6h5ceWPz8y+8vF7mY/qHzOnlFzfe6RXLzaRT7jyi6TbeAv+PKqx98Ncz9LUnuHuW/lzLVxXtz/ob1Xu5/58/2feuHL26bZFuBkzcY9IZj4PIAaJ0yST9FOZukWi7L2dnqb/ivO9PlS3Pzr8y8MLdw7fmmeyrgpPSTrUc+PvPRuSP5/65T5R+4TlX/lNp64srqN8OF3U7TDQIm4vZqNhz/Z55dui/yD61Tk//pptsETIbxH1rr7Jj5r/tYC/A/YfyH9pJ/aC/5h/aSf2gv+Yf2kn9or4P5BwDaZXCm6SeQgaY03f8AAAAAAAAAAAAAAAAAAADHrUxtXN2fJlXz07eTnYeTdOvqd0bvI07Ojr5O/1QMN/tDUe02lmfuHPMAY3q/saevq9/cjd82Vb/y2R3N1l+6liy/luRCt3v8/iv27r9/76a/+HnvuTEL/ENHX9rz0JOTq1Xnt9XTq3/YL7VJu7SZfDLsfy7U9T9lbh3N6/uf/vD6jdmql38d8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzO8BAAD//2/sb0w=") r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x101042, 0x45) ioctl$EXT4_IOC_MIGRATE(r6, 0x6609) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) bind$packet(r0, &(0x7f0000000240)={0x11, 0x7, r7, 0x1, 0x29, 0x6, @local}, 0x14) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x14, 0x0, 0x1, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x802}, 0x40000) sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x70bd2a, 0x8000000, {0x0, 0x0, 0x0, r7, {0x1f, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x20008040}, 0x4000000) 0s ago: executing program 4 (id=684): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xe942, 0x0) kernel console output (not intermixed with test programs): ogram [ 124.684669][ T294] EXT4-fs (loop2): unmounting filesystem. [ 124.694637][ T1499] loop0: detected capacity change from 0 to 128 [ 124.701671][ T1499] EXT4-fs (loop0): Test dummy encryption mode enabled [ 124.747219][ T1499] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 124.763038][ T1499] ext4 filesystem being mounted at /30/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 124.871536][ T1513] can0: slcan on pts1. [ 124.899133][ T1484] can0 (unregistered): slcan off pts0. [ 124.922530][ T292] EXT4-fs (loop1): unmounting filesystem. [ 124.933270][ T1519] futex_wake_op: syz.0.180 tries to shift op by -1; fix this program [ 126.368719][ T1499] can0 (unregistered): slcan off pts1. [ 126.472957][ T293] EXT4-fs (loop0): unmounting filesystem. [ 127.939281][ T1562] loop2: detected capacity change from 0 to 128 [ 128.059877][ T1562] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 128.070432][ T1562] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 128.795572][ T1568] loop1: detected capacity change from 0 to 512 [ 128.819450][ T1568] EXT4-fs: Ignoring removed nobh option [ 129.051142][ T1568] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.190: corrupted inode contents [ 129.062991][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.069849][ T1568] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #3: comm syz.1.190: mark_inode_dirty error [ 129.197391][ T294] EXT4-fs (loop2): unmounting filesystem. [ 129.204578][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.239376][ T1568] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.190: corrupted inode contents [ 129.264446][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.279128][ T1568] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.190: mark_inode_dirty error [ 129.298765][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.308647][ T1568] Quota error (device loop1): write_blk: dquota write failed [ 129.326388][ T1568] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 129.340386][ T1568] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.190: Failed to acquire dquot type 0 [ 129.352147][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.359239][ T1568] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.190: corrupted inode contents [ 129.382324][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.392233][ T1568] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #16: comm syz.1.190: mark_inode_dirty error [ 129.414399][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.424263][ T1568] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.190: corrupted inode contents [ 129.438770][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.445136][ T1568] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.190: mark_inode_dirty error [ 129.457684][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.477774][ T1568] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.190: corrupted inode contents [ 129.498784][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.515497][ T1568] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 129.538839][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.545207][ T1568] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.190: corrupted inode contents [ 129.593522][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.600098][ T1568] EXT4-fs error (device loop1): ext4_truncate:4313: inode #16: comm syz.1.190: mark_inode_dirty error [ 129.646631][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.653264][ T1568] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 129.662424][ T1568] EXT4-fs (loop1): Remounting filesystem read-only [ 129.669151][ T1568] EXT4-fs (loop1): 1 truncate cleaned up [ 129.674824][ T1568] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 130.882647][ T1583] loop4: detected capacity change from 0 to 128 [ 130.891040][ T1586] loop2: detected capacity change from 0 to 128 [ 130.943258][ T1568] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 131.028905][ T1583] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 131.038816][ T1583] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 131.049789][ T1586] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 131.058236][ T1586] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 132.689977][ T1598] loop0: detected capacity change from 0 to 128 [ 133.069536][ T294] EXT4-fs (loop2): unmounting filesystem. [ 133.370907][ T1598] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 133.380413][ T1598] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 133.707255][ T295] EXT4-fs (loop4): unmounting filesystem. [ 133.795483][ T292] EXT4-fs (loop1): unmounting filesystem. [ 133.808361][ T293] EXT4-fs (loop0): unmounting filesystem. [ 134.337820][ T1614] loop1: detected capacity change from 0 to 128 [ 138.372656][ T1624] loop0: detected capacity change from 0 to 128 [ 140.483367][ T1614] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 140.495530][ T1614] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.556612][ T292] EXT4-fs (loop1): unmounting filesystem. [ 140.578100][ T1624] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 140.587649][ T1624] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.682243][ T293] EXT4-fs (loop0): unmounting filesystem. [ 141.422349][ T39] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 141.608494][ T39] usb 4-1: Using ep0 maxpacket: 16 [ 141.615742][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.689133][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 142.042389][ T39] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 142.051422][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.060295][ T39] usb 4-1: config 0 descriptor?? [ 142.219086][ T326] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 142.247178][ T1649] loop4: detected capacity change from 0 to 128 [ 142.324988][ T1649] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 142.333608][ T1649] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.519405][ T1654] loop1: detected capacity change from 0 to 128 [ 143.157110][ T295] EXT4-fs (loop4): unmounting filesystem. [ 143.173872][ T39] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:05AC:8241.0009/input/input12 [ 143.998579][ T39] appleir 0003:05AC:8241.0009: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0 [ 144.182444][ T1654] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 144.191337][ T1654] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.309504][ T1667] loop4: detected capacity change from 0 to 128 [ 145.046604][ T1668] loop3: detected capacity change from 0 to 256 [ 145.427190][ T292] EXT4-fs (loop1): unmounting filesystem. [ 145.443171][ T326] usb 1-1: device not accepting address 5, error -71 [ 145.468736][ T1667] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 145.477343][ T1667] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.498692][ T1674] loop0: detected capacity change from 0 to 128 [ 145.518934][ T1674] EXT4-fs (loop0): Test dummy encryption mode enabled [ 145.522189][ T521] usb 4-1: reset high-speed USB device number 4 using dummy_hcd [ 145.536045][ T1674] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 145.545605][ T1674] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 145.621484][ T1680] can0: slcan on pts0. [ 145.713601][ T1687] futex_wake_op: syz.0.214 tries to shift op by -1; fix this program [ 145.722553][ T295] EXT4-fs (loop4): unmounting filesystem. [ 145.758512][ T1572] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 145.878588][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): can0: link becomes ready [ 145.948494][ T1572] usb 2-1: Using ep0 maxpacket: 16 [ 145.967676][ T1572] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 145.991298][ T1572] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 146.016045][ T1572] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 146.023106][ T1703] loop3: detected capacity change from 0 to 512 [ 146.029491][ T1572] usb 2-1: New USB device found, idVendor=045e, idProduct=fada, bcdDevice= 0.00 [ 146.044995][ T1703] EXT4-fs: Ignoring removed nobh option [ 146.046082][ T1572] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.060119][ T1572] usb 2-1: config 0 descriptor?? [ 146.071958][ T1703] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #3: comm syz.3.216: corrupted inode contents [ 146.084497][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.091008][ T1703] EXT4-fs error (device loop3): ext4_dirty_inode:6091: inode #3: comm syz.3.216: mark_inode_dirty error [ 146.102742][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.109550][ T1703] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #3: comm syz.3.216: corrupted inode contents [ 146.121706][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.128180][ T1703] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #3: comm syz.3.216: mark_inode_dirty error [ 146.139951][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.146815][ T1703] Quota error (device loop3): write_blk: dquota write failed [ 146.154761][ T1703] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 146.166840][ T1703] EXT4-fs error (device loop3): ext4_acquire_dquot:6782: comm syz.3.216: Failed to acquire dquot type 0 [ 146.178302][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.185781][ T1703] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #16: comm syz.3.216: corrupted inode contents [ 146.199659][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.206949][ T1703] EXT4-fs error (device loop3): ext4_dirty_inode:6091: inode #16: comm syz.3.216: mark_inode_dirty error [ 146.223251][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.229907][ T1703] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #16: comm syz.3.216: corrupted inode contents [ 146.241846][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.248385][ T1703] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.216: mark_inode_dirty error [ 146.259687][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.266297][ T1703] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #16: comm syz.3.216: corrupted inode contents [ 146.268980][ T1676] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 146.279654][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.287977][ T1676] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 146.293792][ T1703] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 146.328768][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.338609][ T1703] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #16: comm syz.3.216: corrupted inode contents [ 146.351549][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.357912][ T1703] EXT4-fs error (device loop3): ext4_truncate:4313: inode #16: comm syz.3.216: mark_inode_dirty error [ 146.369933][ T1674] can0 (unregistered): slcan off pts0. [ 146.375812][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.382625][ T1703] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 146.391866][ T1703] EXT4-fs (loop3): Remounting filesystem read-only [ 146.398971][ T1703] EXT4-fs (loop3): 1 truncate cleaned up [ 146.404594][ T1703] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 146.413784][ T1703] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 146.623095][ T1719] loop2: detected capacity change from 0 to 128 [ 147.041560][ T1042] usb 4-1: USB disconnect, device number 4 [ 147.199137][ T1719] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 147.208527][ T1719] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 147.835206][ T1732] loop4: detected capacity change from 0 to 128 [ 147.879331][ T1732] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 147.888822][ T1732] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 149.201738][ T294] EXT4-fs (loop2): unmounting filesystem. [ 149.210432][ T293] EXT4-fs (loop0): unmounting filesystem. [ 149.217720][ T295] EXT4-fs (loop4): unmounting filesystem. [ 149.280594][ T296] EXT4-fs (loop3): unmounting filesystem. [ 149.421151][ T1755] 9pnet_fd: Insufficient options for proto=fd [ 149.608676][ T521] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 149.810283][ T521] usb 1-1: unable to get BOS descriptor or descriptor too short [ 149.834560][ T521] usb 1-1: config 6 has an invalid interface number: 200 but max is 0 [ 149.918339][ T521] usb 1-1: config 6 has no interface number 0 [ 149.981464][ T521] usb 1-1: config 6 interface 200 has no altsetting 0 [ 150.059535][ T521] usb 1-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f [ 150.439160][ T521] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.447172][ T521] usb 1-1: Product: syz [ 150.483185][ T521] usb 1-1: Manufacturer: syz [ 150.487849][ T521] usb 1-1: SerialNumber: syz [ 150.693267][ T1770] loop3: detected capacity change from 0 to 128 [ 150.732150][ T1770] EXT4-fs (loop3): Test dummy encryption mode enabled [ 150.769007][ T1770] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 150.777590][ T1770] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 150.980099][ T1776] can0: slcan on pts0. [ 151.013299][ T1572] usbhid 2-1:0.0: can't add hid device: -71 [ 151.019272][ T1572] usbhid: probe of 2-1:0.0 failed with error -71 [ 151.219593][ T1779] futex_wake_op: syz.3.225 tries to shift op by -1; fix this program [ 151.608833][ T1770] can0 (unregistered): slcan off pts0. [ 152.029760][ T1572] usb 2-1: USB disconnect, device number 8 [ 152.063390][ T296] EXT4-fs (loop3): unmounting filesystem. [ 152.523512][ T1809] loop2: detected capacity change from 0 to 128 [ 152.598934][ T415] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 152.723778][ T1813] loop1: detected capacity change from 0 to 128 [ 152.778895][ T1809] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 152.819076][ T1809] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 152.908588][ T415] usb 4-1: Using ep0 maxpacket: 16 [ 152.915836][ T415] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.996921][ T1813] EXT4-fs (loop1): Test dummy encryption mode enabled [ 153.572530][ T415] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.587446][ T1813] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 153.612678][ T1813] ext4 filesystem being mounted at /40/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 153.625351][ T294] EXT4-fs (loop2): unmounting filesystem. [ 153.634990][ T415] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 153.705882][ T415] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.739537][ T415] usb 4-1: config 0 descriptor?? [ 153.768401][ T1833] can0: slcan on pts0. [ 153.832056][ T1838] futex_wake_op: syz.1.231 tries to shift op by -1; fix this program [ 153.988758][ T1813] can0 (unregistered): slcan off pts0. [ 154.078101][ T292] EXT4-fs (loop1): unmounting filesystem. [ 154.152056][ T415] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:05AC:8241.000A/input/input13 [ 154.240488][ T415] appleir 0003:05AC:8241.000A: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0 [ 154.788109][ T1875] loop2: detected capacity change from 0 to 128 [ 155.958540][ T706] usb 4-1: reset high-speed USB device number 5 using dummy_hcd [ 156.248308][ T1875] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 156.257493][ T1875] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 156.541442][ T294] EXT4-fs (loop2): unmounting filesystem. [ 156.875257][ T1891] loop3: detected capacity change from 0 to 128 [ 159.587866][ T1891] EXT4-fs: failed to create workqueue [ 159.593113][ T1891] EXT4-fs (loop3): mount failed [ 159.874738][ T39] usb 1-1: USB disconnect, device number 7 [ 160.018885][ T521] usb 4-1: USB disconnect, device number 5 [ 160.246778][ T1042] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 160.372701][ T1906] loop3: detected capacity change from 0 to 128 [ 160.570546][ T1042] usb 5-1: unable to get BOS descriptor or descriptor too short [ 160.592563][ T1906] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 160.602072][ T1906] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 160.689927][ T1042] usb 5-1: config 6 has an invalid interface number: 200 but max is 0 [ 160.728082][ T1910] loop1: detected capacity change from 0 to 128 [ 160.811536][ T1910] EXT4-fs (loop1): Test dummy encryption mode enabled [ 160.831590][ T1042] usb 5-1: config 6 has no interface number 0 [ 160.896687][ T1042] usb 5-1: config 6 interface 200 has no altsetting 0 [ 160.937333][ T1910] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 161.039481][ T1910] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 161.066302][ T1914] loop0: detected capacity change from 0 to 512 [ 161.109741][ T1042] usb 5-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f [ 161.128648][ T1042] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.136478][ T1042] usb 5-1: Product: syz [ 161.148488][ T1042] usb 5-1: Manufacturer: syz [ 161.152909][ T1042] usb 5-1: SerialNumber: syz [ 161.164217][ T1914] EXT4-fs: Ignoring removed nobh option [ 161.249095][ T1915] can0: slcan on pts0. [ 161.277455][ T1914] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #3: comm syz.0.245: corrupted inode contents [ 161.309142][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.315588][ T1914] EXT4-fs error (device loop0): ext4_dirty_inode:6091: inode #3: comm syz.0.245: mark_inode_dirty error [ 161.327213][ T1920] futex_wake_op: syz.1.244 tries to shift op by -1; fix this program [ 161.360093][ T296] EXT4-fs (loop3): unmounting filesystem. [ 161.367611][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.390532][ T1914] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #3: comm syz.0.245: corrupted inode contents [ 161.407274][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.422805][ T1914] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #3: comm syz.0.245: mark_inode_dirty error [ 161.438228][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.444994][ T1914] Quota error (device loop0): write_blk: dquota write failed [ 161.460982][ T1914] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 161.473305][ T1914] EXT4-fs error (device loop0): ext4_acquire_dquot:6782: comm syz.0.245: Failed to acquire dquot type 0 [ 161.478912][ T1910] can0 (unregistered): slcan off pts0. [ 161.491378][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.506668][ T1914] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.245: corrupted inode contents [ 161.522643][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.529032][ T1914] EXT4-fs error (device loop0): ext4_dirty_inode:6091: inode #16: comm syz.0.245: mark_inode_dirty error [ 161.542928][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.549417][ T1914] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.245: corrupted inode contents [ 161.568778][ T292] EXT4-fs (loop1): unmounting filesystem. [ 161.574501][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.585776][ T1914] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.245: mark_inode_dirty error [ 161.608915][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.615290][ T1914] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.245: corrupted inode contents [ 161.629807][ T1936] loop1: detected capacity change from 0 to 128 [ 161.648732][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.655074][ T1914] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 161.664316][ T1936] EXT4-fs (loop1): Test dummy encryption mode enabled [ 161.671204][ T521] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 161.678968][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.689361][ T1914] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.245: corrupted inode contents [ 161.701312][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.707727][ T1914] EXT4-fs error (device loop0): ext4_truncate:4313: inode #16: comm syz.0.245: mark_inode_dirty error [ 161.708553][ T1936] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 161.727269][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.734013][ T1936] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 161.735166][ T1914] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 161.759252][ T1914] EXT4-fs (loop0): Remounting filesystem read-only [ 161.768633][ T1914] EXT4-fs (loop0): 1 truncate cleaned up [ 161.774144][ T1914] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 161.804912][ T1914] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 161.826226][ T1948] can0: slcan on pts0. [ 161.859734][ T521] usb 4-1: Using ep0 maxpacket: 16 [ 161.869569][ T521] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 161.894685][ T521] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 161.905043][ T1953] futex_wake_op: syz.1.247 tries to shift op by -1; fix this program [ 161.998510][ T521] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 162.007549][ T521] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.034018][ T521] usb 4-1: config 0 descriptor?? [ 162.471325][ T521] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:05AC:8241.000B/input/input14 [ 162.483439][ T293] EXT4-fs (loop0): unmounting filesystem. [ 162.499062][ T1936] can0 (unregistered): slcan off pts0. [ 162.551782][ T521] appleir 0003:05AC:8241.000B: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0 [ 162.599417][ T292] EXT4-fs (loop1): unmounting filesystem. [ 162.788470][ T19] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 163.898081][ T1998] loop3: detected capacity change from 0 to 256 [ 164.078463][ T19] usb 3-1: Using ep0 maxpacket: 16 [ 164.084560][ T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 164.098469][ T521] usb 4-1: reset high-speed USB device number 6 using dummy_hcd [ 164.099929][ T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 164.269141][ T39] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 164.558509][ T39] usb 1-1: Using ep0 maxpacket: 16 [ 164.566060][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 164.661975][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 164.755006][ T39] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 165.217247][ T19] usb 3-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 165.233173][ T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.252312][ T19] usb 3-1: config 0 descriptor?? [ 165.278538][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.374409][ T39] usb 1-1: config 0 descriptor?? [ 165.425284][ T2009] netlink: 43 bytes leftover after parsing attributes in process `syz.1.253'. [ 165.945894][ T39] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:8241.000C/input/input15 [ 165.969252][ T19] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:05AC:8241.000D/input/input16 [ 166.050206][ T19] appleir 0003:05AC:8241.000D: input,hiddev97,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0 [ 166.131016][ T39] appleir 0003:05AC:8241.000C: input,hiddev98,hidraw2: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0 [ 166.275910][ T1042] usb 5-1: USB disconnect, device number 7 [ 166.288323][ T2016] netlink: 43 bytes leftover after parsing attributes in process `syz.1.255'. [ 166.359413][ T415] usb 4-1: USB disconnect, device number 6 [ 166.767235][ T2031] loop2: detected capacity change from 0 to 256 [ 166.871489][ T2034] loop0: detected capacity change from 0 to 256 [ 167.250090][ T2040] loop1: detected capacity change from 0 to 128 [ 167.263198][ T415] usb 1-1: reset high-speed USB device number 8 using dummy_hcd [ 167.431655][ T2040] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 167.441678][ T2040] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 168.220764][ T292] EXT4-fs (loop1): unmounting filesystem. [ 168.278490][ T1437] usb 3-1: reset high-speed USB device number 3 using dummy_hcd [ 170.925140][ T2051] loop1: detected capacity change from 0 to 128 [ 171.852393][ T2051] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 171.861910][ T2051] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 173.149279][ T292] EXT4-fs (loop1): unmounting filesystem. [ 174.198772][ T415] usb 1-1: device descriptor read/64, error -110 [ 174.893912][ T2073] loop3: detected capacity change from 0 to 128 [ 174.941807][ T2073] EXT4-fs (loop3): Test dummy encryption mode enabled [ 175.025084][ T415] usb 1-1: device descriptor read/64, error -32 [ 175.049391][ T2073] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 175.067988][ T2073] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 175.308534][ T415] usb 1-1: reset high-speed USB device number 8 using dummy_hcd [ 175.501673][ T2081] can0: slcan on pts0. [ 175.518461][ T415] usb 1-1: device descriptor read/64, error -32 [ 175.566780][ T2085] futex_wake_op: syz.3.267 tries to shift op by -1; fix this program [ 175.649111][ T348] usb 3-1: USB disconnect, device number 3 [ 175.728275][ T2053] IPv6: ADDRCONF(NETDEV_CHANGE): can0: link becomes ready [ 175.803216][ T2103] loop1: detected capacity change from 0 to 128 [ 175.828618][ T2073] can0 (unregistered): slcan off pts0. [ 175.845134][ T2109] loop2: detected capacity change from 0 to 128 [ 175.852082][ T2103] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 175.862026][ T2103] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 175.880628][ T2109] EXT4-fs (loop2): Test dummy encryption mode enabled [ 175.901641][ T296] EXT4-fs (loop3): unmounting filesystem. [ 175.902828][ T2109] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 175.960192][ T2109] ext4 filesystem being mounted at /64/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 176.073819][ T2125] loop4: detected capacity change from 0 to 512 [ 176.099933][ T2125] EXT4-fs: Ignoring removed nobh option [ 176.138350][ T2128] can0: slcan on pts0. [ 176.164552][ T2129] loop3: detected capacity change from 0 to 128 [ 176.269100][ T2129] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 176.279612][ T2129] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.423371][ T2131] futex_wake_op: syz.2.272 tries to shift op by -1; fix this program [ 176.707303][ T1042] usb 1-1: USB disconnect, device number 8 [ 176.721053][ T292] EXT4-fs (loop1): unmounting filesystem. [ 177.109590][ T2142] 9pnet_fd: Insufficient options for proto=fd [ 177.235899][ T296] EXT4-fs (loop3): unmounting filesystem. [ 177.242437][ T2125] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #3: comm syz.4.274: corrupted inode contents [ 177.267947][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 177.274435][ T2125] EXT4-fs error (device loop4): ext4_dirty_inode:6091: inode #3: comm syz.4.274: mark_inode_dirty error [ 177.393600][ T2149] loop1: detected capacity change from 0 to 128 [ 178.278852][ T2109] can0 (unregistered): slcan off pts0. [ 179.115287][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 179.140141][ T2125] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #3: comm syz.4.274: corrupted inode contents [ 179.651697][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 179.659143][ T294] EXT4-fs (loop2): unmounting filesystem. [ 179.671440][ T2125] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #3: comm syz.4.274: mark_inode_dirty error [ 179.688996][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 179.703301][ T2125] Quota error (device loop4): write_blk: dquota write failed [ 179.716582][ T2125] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 179.736682][ T2125] EXT4-fs error (device loop4): ext4_acquire_dquot:6782: comm syz.4.274: Failed to acquire dquot type 0 [ 179.758116][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 179.781897][ T2125] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #16: comm syz.4.274: corrupted inode contents [ 179.793935][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 179.801251][ T2125] EXT4-fs error (device loop4): ext4_dirty_inode:6091: inode #16: comm syz.4.274: mark_inode_dirty error [ 179.812909][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 179.819970][ T2125] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #16: comm syz.4.274: corrupted inode contents [ 179.831989][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 179.838354][ T2125] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.274: mark_inode_dirty error [ 179.850106][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 179.856506][ T2125] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #16: comm syz.4.274: corrupted inode contents [ 179.868572][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 179.874938][ T2125] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 179.883703][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 179.890240][ T2125] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #16: comm syz.4.274: corrupted inode contents [ 179.902744][ T2149] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 179.910358][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 179.960460][ T2149] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 180.014877][ T2125] EXT4-fs error (device loop4): ext4_truncate:4313: inode #16: comm syz.4.274: mark_inode_dirty error [ 180.027144][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 180.033624][ T2125] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 180.042640][ T2125] EXT4-fs (loop4): Remounting filesystem read-only [ 180.049292][ T2125] EXT4-fs (loop4): 1 truncate cleaned up [ 180.054829][ T2125] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 180.064185][ T2125] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 180.085177][ T295] EXT4-fs (loop4): unmounting filesystem. [ 180.201951][ T292] EXT4-fs (loop1): unmounting filesystem. [ 180.282478][ T2173] loop2: detected capacity change from 0 to 128 [ 180.440416][ T2173] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 180.449891][ T2173] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 180.544016][ T2177] loop4: detected capacity change from 0 to 128 [ 180.660491][ T2177] EXT4-fs (loop4): Test dummy encryption mode enabled [ 180.730544][ T2178] loop1: detected capacity change from 0 to 16 [ 180.738481][ T28] audit: type=1400 audit(1742836926.993:140): avc: denied { create } for pid=2176 comm="syz.1.282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 181.308946][ T2178] erofs: (device loop1): mounted with root inode @ nid 36. [ 181.321982][ T2178] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=46 [ 181.378030][ T294] EXT4-fs (loop2): unmounting filesystem. [ 181.386016][ T2177] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 181.394571][ T2177] ext4 filesystem being mounted at /52/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 181.482121][ T28] audit: type=1400 audit(1742836927.803:141): avc: denied { unmount } for pid=294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 181.594675][ T2198] can0: slcan on pts0. [ 181.637005][ T2196] 9pnet_fd: Insufficient options for proto=fd [ 181.697941][ T2198] futex_wake_op: syz.4.281 tries to shift op by -1; fix this program [ 181.948885][ T2177] can0 (unregistered): slcan off pts0. [ 182.018029][ T295] EXT4-fs (loop4): unmounting filesystem. [ 183.870991][ T28] audit: type=1400 audit(1742836930.193:142): avc: denied { unmount } for pid=2241 comm="syz.4.292" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 184.132806][ T2253] loop2: detected capacity change from 0 to 128 [ 184.222020][ T2255] loop0: detected capacity change from 0 to 512 [ 184.244344][ T28] audit: type=1400 audit(1742836930.563:143): avc: denied { remount } for pid=2254 comm="syz.0.297" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 184.357360][ T2260] loop1: detected capacity change from 0 to 512 [ 184.373363][ T2253] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 184.399343][ T2253] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 184.673794][ T2263] FAULT_INJECTION: forcing a failure. [ 184.673794][ T2263] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 184.686975][ T2263] CPU: 1 PID: 2263 Comm: syz.0.297 Not tainted 6.1.128-syzkaller-00029-g5145d157731f #0 [ 184.697479][ T2263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 184.707740][ T2263] Call Trace: [ 184.710855][ T2263] [ 184.713621][ T2263] dump_stack_lvl+0x151/0x1b7 [ 184.718781][ T2263] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 184.724173][ T2263] dump_stack+0x15/0x18 [ 184.728237][ T2263] should_fail_ex+0x3d0/0x520 [ 184.732975][ T2263] should_fail+0xb/0x10 [ 184.737728][ T2263] should_fail_usercopy+0x1a/0x20 [ 184.742640][ T2263] _copy_to_user+0x1e/0x90 [ 184.746908][ T2263] simple_read_from_buffer+0xc7/0x150 [ 184.752268][ T2263] proc_fail_nth_read+0x1a3/0x210 [ 184.757128][ T2263] ? proc_fault_inject_write+0x390/0x390 [ 184.762600][ T2263] ? fsnotify_perm+0x269/0x5b0 [ 184.767195][ T2263] ? security_file_permission+0x86/0xb0 [ 184.772573][ T2263] ? proc_fault_inject_write+0x390/0x390 [ 184.778220][ T2263] vfs_read+0x26c/0xae0 [ 184.782516][ T2263] ? kernel_read+0x1f0/0x1f0 [ 184.786982][ T2263] ? mutex_lock+0xb1/0x1e0 [ 184.791370][ T2263] ? bit_wait_io_timeout+0x120/0x120 [ 184.796489][ T2263] ? __fdget_pos+0x2e2/0x390 [ 184.800935][ T2263] ? ksys_read+0x77/0x2c0 [ 184.805166][ T2263] ksys_read+0x199/0x2c0 [ 184.809330][ T2263] ? __sched_text_start+0x8/0x8 [ 184.814029][ T2263] ? vfs_write+0xed0/0xed0 [ 184.818267][ T2263] ? fpregs_restore_userregs+0x130/0x290 [ 184.823741][ T2263] __x64_sys_read+0x7b/0x90 [ 184.828259][ T2263] x64_sys_call+0x28/0x9a0 [ 184.832507][ T2263] do_syscall_64+0x3b/0xb0 [ 184.836754][ T2263] ? clear_bhb_loop+0x55/0xb0 [ 184.841265][ T2263] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 184.847543][ T2263] RIP: 0033:0x7f1d6058bb7c [ 184.851863][ T2263] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 184.872363][ T2263] RSP: 002b:00007f1d61428030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 184.880680][ T2263] RAX: ffffffffffffffda RBX: 00007f1d607a6160 RCX: 00007f1d6058bb7c [ 184.888450][ T2263] RDX: 000000000000000f RSI: 00007f1d614280a0 RDI: 000000000000000a [ 184.896389][ T2263] RBP: 00007f1d61428090 R08: 0000000000000000 R09: 0000000000000000 [ 184.904193][ T2263] R10: 0000000000000047 R11: 0000000000000246 R12: 0000000000000001 [ 184.912093][ T2263] R13: 0000000000000000 R14: 00007f1d607a6160 R15: 00007ffc51299418 [ 184.920352][ T2263] [ 184.961339][ T2260] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 184.979931][ T28] audit: type=1400 audit(1742836930.983:144): avc: denied { create } for pid=2254 comm="syz.0.297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 185.009229][ T2269] capability: warning: `syz.4.298' uses deprecated v2 capabilities in a way that may be insecure [ 185.020368][ T2260] EXT4-fs (loop1): orphan cleanup on readonly fs [ 185.020372][ T28] audit: type=1400 audit(1742836931.343:145): avc: denied { create } for pid=2268 comm="syz.4.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 185.020779][ T28] audit: type=1400 audit(1742836931.343:146): avc: denied { write } for pid=2268 comm="syz.4.298" path="socket:[19877]" dev="sockfs" ino=19877 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 185.031603][ T2260] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5 [ 185.080161][ T2260] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 185.089697][ T2260] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.295: Failed to acquire dquot type 1 [ 185.101522][ T2260] EXT4-fs (loop1): 1 truncate cleaned up [ 185.107111][ T2260] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 185.139533][ T294] EXT4-fs (loop2): unmounting filesystem. [ 185.145950][ T28] audit: type=1400 audit(1742836931.463:147): avc: denied { nlmsg_read } for pid=2268 comm="syz.4.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 185.182748][ T2267] 9pnet_fd: Insufficient options for proto=fd [ 185.187280][ T2272] loop3: detected capacity change from 0 to 128 [ 185.202505][ T2275] loop2: detected capacity change from 0 to 512 [ 185.207038][ T2272] EXT4-fs (loop3): Test dummy encryption mode enabled [ 185.225681][ T2275] EXT4-fs: Ignoring removed nobh option [ 185.237003][ T2272] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 185.247650][ T2272] ext4 filesystem being mounted at /61/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 185.292962][ T28] audit: type=1400 audit(1742836931.593:148): avc: denied { create } for pid=2273 comm="syz.4.302" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 185.324878][ T2275] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #3: comm syz.2.300: corrupted inode contents [ 185.337084][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 185.343814][ T2275] EXT4-fs error (device loop2): ext4_dirty_inode:6091: inode #3: comm syz.2.300: mark_inode_dirty error [ 185.356031][ T292] EXT4-fs (loop1): unmounting filesystem. [ 185.365350][ T2284] can0: slcan on pts0. [ 185.388134][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 185.703470][ T2289] loop0: detected capacity change from 0 to 128 [ 187.739076][ T28] audit: type=1400 audit(1742836931.833:149): avc: denied { create } for pid=2276 comm="syz.0.303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 187.768989][ T2275] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #3: comm syz.2.300: corrupted inode contents [ 187.793055][ T2292] netlink: 43 bytes leftover after parsing attributes in process `syz.1.304'. [ 187.823847][ T2293] futex_wake_op: syz.3.301 tries to shift op by -1; fix this program [ 188.176819][ T2289] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 188.186127][ T2289] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 188.334867][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 188.707534][ T28] audit: type=1400 audit(1742836931.853:150): avc: denied { write } for pid=2276 comm="syz.0.303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 188.743271][ T28] audit: type=1400 audit(1742836931.863:151): avc: denied { read } for pid=2276 comm="syz.0.303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 188.765680][ T2275] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #3: comm syz.2.300: mark_inode_dirty error [ 188.781486][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 188.812262][ T2275] EXT4-fs error (device loop2): ext4_acquire_dquot:6782: comm syz.2.300: Failed to acquire dquot type 0 [ 188.849696][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 188.858859][ T2272] can0 (unregistered): slcan off pts0. [ 188.879314][ T2275] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #16: comm syz.2.300: corrupted inode contents [ 188.911009][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 188.923575][ T2275] EXT4-fs error (device loop2): ext4_dirty_inode:6091: inode #16: comm syz.2.300: mark_inode_dirty error [ 188.957137][ T293] EXT4-fs (loop0): unmounting filesystem. [ 188.964121][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 188.972043][ T2275] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #16: comm syz.2.300: corrupted inode contents [ 188.972447][ T296] EXT4-fs (loop3): unmounting filesystem. [ 188.990903][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 189.012064][ T2275] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.300: mark_inode_dirty error [ 189.048593][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 189.079661][ T2275] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #16: comm syz.2.300: corrupted inode contents [ 189.100343][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 189.106919][ T2275] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 189.115945][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 189.122553][ T2275] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #16: comm syz.2.300: corrupted inode contents [ 189.161763][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 189.176606][ T2275] EXT4-fs error (device loop2): ext4_truncate:4313: inode #16: comm syz.2.300: mark_inode_dirty error [ 189.188038][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 189.196230][ T2321] loop0: detected capacity change from 0 to 128 [ 189.215448][ T2324] loop1: detected capacity change from 0 to 128 [ 189.222195][ T2275] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 189.230947][ T2324] EXT4-fs (loop1): Test dummy encryption mode enabled [ 189.237220][ T2275] EXT4-fs (loop2): Remounting filesystem read-only [ 189.238120][ T2321] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 189.244458][ T2275] EXT4-fs (loop2): 1 truncate cleaned up [ 189.258186][ T2321] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 189.259215][ T2324] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 189.268837][ T2275] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 189.287719][ T2275] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 189.320232][ T2324] ext4 filesystem being mounted at /60/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 189.331082][ T294] EXT4-fs (loop2): unmounting filesystem. [ 189.337748][ T293] EXT4-fs (loop0): unmounting filesystem. [ 189.440788][ T2347] can0: slcan on pts0. [ 189.501931][ T2354] futex_wake_op: syz.1.310 tries to shift op by -1; fix this program [ 189.599334][ T2053] IPv6: ADDRCONF(NETDEV_CHANGE): can0: link becomes ready [ 189.638482][ T6] usb 1-1: new low-speed USB device number 9 using dummy_hcd [ 189.700605][ T2367] syz.2.313[2367] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 189.701041][ T2367] syz.2.313[2367] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 189.715660][ T2367] FAULT_INJECTION: forcing a failure. [ 189.715660][ T2367] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 189.739525][ T2367] CPU: 1 PID: 2367 Comm: syz.2.313 Not tainted 6.1.128-syzkaller-00029-g5145d157731f #0 [ 189.749078][ T2367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 189.758964][ T2367] Call Trace: [ 189.762095][ T2367] [ 189.764867][ T2367] dump_stack_lvl+0x151/0x1b7 [ 189.769383][ T2367] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 189.774671][ T2367] ? kstrtoull+0x152/0x2e0 [ 189.778924][ T2367] ? kstrtoull+0x1cd/0x2e0 [ 189.783183][ T2367] dump_stack+0x15/0x18 [ 189.787170][ T2367] should_fail_ex+0x3d0/0x520 [ 189.791688][ T2367] should_fail+0xb/0x10 [ 189.795676][ T2367] should_fail_usercopy+0x1a/0x20 [ 189.800538][ T2367] copy_to_user_nofault+0x7c/0x140 [ 189.805483][ T2367] bpf_probe_write_user+0x96/0xf0 [ 189.810347][ T2367] bpf_prog_6303d92f98284ad8+0x3b/0x3f [ 189.815642][ T2367] bpf_trace_run4+0x18d/0x2f0 [ 189.820153][ T2367] ? bpf_trace_run3+0x2e0/0x2e0 [ 189.824839][ T2367] ? __this_cpu_preempt_check+0x13/0x20 [ 189.830218][ T2367] ? tracing_record_taskinfo_sched_switch+0x84/0x390 [ 189.836727][ T2367] ? probe_sched_switch+0x60/0x80 [ 189.841590][ T2367] ? __bpf_trace_sched_wakeup_template+0x10/0x10 [ 189.847749][ T2367] __bpf_trace_sched_switch+0xe/0x10 [ 189.852874][ T2367] __traceiter_sched_switch+0x91/0xc0 [ 189.858081][ T2367] __schedule+0x1313/0x1560 [ 189.862427][ T2367] ? __kasan_check_write+0x14/0x20 [ 189.867371][ T2367] ? __sched_text_start+0x8/0x8 [ 189.872058][ T2367] ? __kasan_check_write+0x14/0x20 [ 189.877012][ T2367] preempt_schedule_irq+0xc7/0x140 [ 189.881947][ T2367] ? preempt_schedule_notrace+0x140/0x140 [ 189.887501][ T2367] ? finish_task_switch+0x167/0x7b0 [ 189.892535][ T2367] ? requeue_task_rt+0x410/0x410 [ 189.897312][ T2367] raw_irqentry_exit_cond_resched+0x2a/0x30 [ 189.903051][ T2367] irqentry_exit+0x30/0x40 [ 189.907290][ T2367] sysvec_reschedule_ipi+0x8f/0x170 [ 189.912325][ T2367] asm_sysvec_reschedule_ipi+0x1b/0x20 [ 189.917617][ T2367] RIP: 0010:strnlen_user+0x16e/0x1d0 [ 189.922738][ T2367] Code: 44 24 ff 49 f7 d4 49 21 c4 49 c1 ec 07 48 b8 08 06 05 04 03 02 01 00 49 0f af c4 48 c1 e8 38 4d 29 ee 49 8d 44 06 01 0f 01 ca <48> 83 c4 18 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 de 98 d3 fe 48 8b [ 189.942193][ T2367] RSP: 0018:ffffc9000f0e7e68 EFLAGS: 00000202 [ 189.948081][ T2367] RAX: 000000000000000a RBX: 00000000000000fe RCX: ffff88811add8000 [ 189.955893][ T2367] RDX: 0000000000000000 RSI: 00000000000000fe RDI: 0000000000000009 [ 189.963704][ T2367] RBP: ffffc9000f0e7ea8 R08: ffffffff82a1fd32 R09: 0000000000000000 [ 189.971640][ T2367] R10: 0000000000000000 R11: 0000000000000000 R12: 000000ffffffffff [ 189.979530][ T2367] R13: 0000000000000004 R14: 0000000000000004 R15: 00007f7f2680ec38 [ 189.987348][ T2367] ? strnlen_user+0x102/0x1d0 [ 189.991862][ T2367] ? strnlen_user+0x142/0x1d0 [ 189.996459][ T2367] __se_sys_memfd_create+0x97/0x3e0 [ 190.001491][ T2367] __x64_sys_memfd_create+0x5b/0x70 [ 190.006524][ T2367] x64_sys_call+0x871/0x9a0 [ 190.010860][ T2367] do_syscall_64+0x3b/0xb0 [ 190.015112][ T2367] ? clear_bhb_loop+0x55/0xb0 [ 190.019627][ T2367] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 190.025357][ T2367] RIP: 0033:0x7f7f2678d169 [ 190.029607][ T2367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.049138][ T2367] RSP: 002b:00007f7f27540e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 190.057381][ T2367] RAX: ffffffffffffffda RBX: 0000000000000254 RCX: 00007f7f2678d169 [ 190.065192][ T2367] RDX: 00007f7f27540ef0 RSI: 0000000000000000 RDI: 00007f7f2680ec3c [ 190.073009][ T2367] RBP: 00002000000006c0 R08: 00007f7f27540bb7 R09: 00007f7f27540e40 [ 190.080813][ T2367] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000300 [ 190.088625][ T2367] R13: 00007f7f27540ef0 R14: 00007f7f27540eb0 R15: 0000200000000680 [ 190.096703][ T2367] [ 190.115670][ T2367] loop2: detected capacity change from 0 to 128 [ 190.507955][ T2367] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 190.517511][ T2367] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 190.535782][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 190.535810][ T28] audit: type=1400 audit(1742836936.853:155): avc: denied { link } for pid=2358 comm="syz.2.313" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 190.584386][ T2324] can0 (unregistered): slcan off pts0. [ 190.598616][ T2374] 9pnet_fd: Insufficient options for proto=fd [ 190.648904][ T6] usb 1-1: config 1 interface 0 altsetting 144 endpoint 0x1 is Bulk; changing to Interrupt [ 190.662152][ T6] usb 1-1: config 1 interface 0 altsetting 144 endpoint 0x82 is Bulk; changing to Interrupt [ 190.662639][ T292] EXT4-fs (loop1): unmounting filesystem. [ 190.672691][ T6] usb 1-1: config 1 interface 0 has no altsetting 0 [ 190.684524][ T28] audit: type=1400 audit(1742836936.993:156): avc: denied { watch watch_reads } for pid=2378 comm="syz.4.315" path="/59" dev="tmpfs" ino=339 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 190.736732][ T2385] futex_wake_op: syz.4.315 tries to shift op by -1; fix this program [ 190.751747][ T294] EXT4-fs (loop2): unmounting filesystem. [ 190.783834][ T6] usb 1-1: string descriptor 0 read error: -22 [ 190.784943][ T2390] loop1: detected capacity change from 0 to 512 [ 190.799459][ T6] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 190.813165][ T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.821298][ T2390] EXT4-fs: Ignoring removed nobh option [ 190.838030][ T2390] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.317: corrupted inode contents [ 190.846124][ T2338] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 190.858509][ T2338] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 190.869346][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 190.884651][ T2390] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #3: comm syz.1.317: mark_inode_dirty error [ 190.897953][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 190.904892][ T2390] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.317: corrupted inode contents [ 190.926519][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 190.932905][ T2390] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.317: mark_inode_dirty error [ 190.948683][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 190.956437][ T2390] Quota error (device loop1): write_blk: dquota write failed [ 190.969369][ T2390] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 190.979171][ T2390] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.317: Failed to acquire dquot type 0 [ 190.991541][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 191.008512][ T2390] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.317: corrupted inode contents [ 191.022204][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 191.028737][ T2390] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #16: comm syz.1.317: mark_inode_dirty error [ 191.040816][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 191.047163][ T2390] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.317: corrupted inode contents [ 191.059226][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 191.065650][ T2390] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.317: mark_inode_dirty error [ 191.068696][ T2413] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 191.076652][ T28] audit: type=1400 audit(1742836937.383:157): avc: denied { read } for pid=2412 comm="syz.3.319" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 191.115124][ T28] audit: type=1400 audit(1742836937.383:158): avc: denied { open } for pid=2412 comm="syz.3.319" path="/dev/kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 191.137835][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 191.144485][ T2390] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.317: corrupted inode contents [ 191.156194][ T28] audit: type=1400 audit(1742836937.383:159): avc: denied { ioctl } for pid=2412 comm="syz.3.319" path="/dev/kvm" dev="devtmpfs" ino=83 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 191.181115][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 191.187481][ T2390] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 191.196289][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 191.202808][ T2390] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.317: corrupted inode contents [ 191.214956][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 191.223631][ T2390] EXT4-fs error (device loop1): ext4_truncate:4313: inode #16: comm syz.1.317: mark_inode_dirty error [ 191.237163][ T2338] device wireguard0 entered promiscuous mode [ 191.243244][ T2338] IPv6: ADDRCONF(NETDEV_CHANGE): wireguard0: link becomes ready [ 191.250903][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 191.257278][ T2390] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 191.268621][ T2390] EXT4-fs (loop1): Remounting filesystem read-only [ 191.276170][ T2390] EXT4-fs (loop1): 1 truncate cleaned up [ 191.284963][ T2390] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 191.294012][ T2390] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 191.312558][ T28] audit: type=1400 audit(1742836937.633:160): avc: denied { write } for pid=2412 comm="syz.3.319" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 191.354368][ T2413] kvm [2412]: vcpu0, guest rIP: 0x2ce disabled perfctr wrmsr: 0xc1 data 0x7 [ 191.439848][ T28] audit: type=1400 audit(1742836937.763:161): avc: denied { read } for pid=2412 comm="syz.3.319" dev="sockfs" ino=18941 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 191.963313][ T292] EXT4-fs (loop1): unmounting filesystem. [ 192.025147][ T1572] usb 1-1: USB disconnect, device number 9 [ 192.028363][ T2427] loop1: detected capacity change from 0 to 512 [ 192.037364][ T2427] EXT4-fs: Ignoring removed nobh option [ 192.054914][ T2427] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.322: corrupted inode contents [ 192.067513][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.074876][ T2427] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #3: comm syz.1.322: mark_inode_dirty error [ 192.088464][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.098782][ T2427] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.322: corrupted inode contents [ 192.128144][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.139138][ T2427] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.322: mark_inode_dirty error [ 192.159765][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.170841][ T2427] Quota error (device loop1): write_blk: dquota write failed [ 192.181567][ T2427] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.322: Failed to acquire dquot type 0 [ 192.201183][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.208794][ T2427] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.322: corrupted inode contents [ 192.220817][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.227223][ T2427] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #16: comm syz.1.322: mark_inode_dirty error [ 192.238964][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.245341][ T2427] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.322: corrupted inode contents [ 192.258310][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.265235][ T2427] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.322: mark_inode_dirty error [ 192.276840][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.283413][ T2427] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.322: corrupted inode contents [ 192.295425][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.301875][ T2427] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 192.311136][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.317580][ T2427] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.322: corrupted inode contents [ 192.329714][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.336128][ T2427] EXT4-fs error (device loop1): ext4_truncate:4313: inode #16: comm syz.1.322: mark_inode_dirty error [ 192.347120][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.353514][ T2427] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 192.362472][ T2427] EXT4-fs (loop1): Remounting filesystem read-only [ 192.369138][ T2427] EXT4-fs (loop1): 1 truncate cleaned up [ 192.374719][ T2427] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 192.383597][ T2427] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 192.765432][ T2443] 9pnet_fd: Insufficient options for proto=fd [ 192.915731][ T292] EXT4-fs (loop1): unmounting filesystem. [ 194.004455][ T2452] loop2: detected capacity change from 0 to 128 [ 194.491343][ T2452] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 194.501370][ T2452] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 195.433024][ T2462] loop3: detected capacity change from 0 to 128 [ 195.572874][ T294] EXT4-fs (loop2): unmounting filesystem. [ 195.662018][ T2462] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 195.671210][ T2462] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 196.042052][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 196.042069][ T28] audit: type=1400 audit(1742836942.363:165): avc: denied { ioctl } for pid=2468 comm="syz.2.332" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=19058 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 196.212042][ T2474] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 196.219632][ T2474] audit: out of memory in audit_log_start [ 198.872804][ T296] EXT4-fs (loop3): unmounting filesystem. [ 199.065574][ T521] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 199.084744][ T2490] 9pnet_fd: Insufficient options for proto=fd [ 200.214699][ T2506] loop2: detected capacity change from 0 to 512 [ 200.250814][ T953] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 200.271053][ T28] audit: type=1400 audit(1742836946.593:166): avc: denied { sqpoll } for pid=2491 comm="syz.3.340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 200.467702][ T2516] FAULT_INJECTION: forcing a failure. [ 200.467702][ T2516] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 200.480631][ T2516] CPU: 1 PID: 2516 Comm: syz.2.345 Not tainted 6.1.128-syzkaller-00029-g5145d157731f #0 [ 200.490114][ T2516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 200.499996][ T2516] Call Trace: [ 200.503123][ T2516] [ 200.505909][ T2516] dump_stack_lvl+0x151/0x1b7 [ 200.510421][ T2516] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 200.515705][ T2516] ? m_stop+0x2ea/0x300 [ 200.519705][ T2516] dump_stack+0x15/0x18 [ 200.523696][ T2516] should_fail_ex+0x3d0/0x520 [ 200.528205][ T2516] should_fail+0xb/0x10 [ 200.532195][ T2516] should_fail_usercopy+0x1a/0x20 [ 200.537076][ T2516] _copy_to_user+0x1e/0x90 [ 200.541311][ T2516] simple_read_from_buffer+0xc7/0x150 [ 200.546520][ T2516] proc_fail_nth_read+0x1a3/0x210 [ 200.551392][ T2516] ? proc_fault_inject_write+0x390/0x390 [ 200.556843][ T2516] ? fsnotify_perm+0x269/0x5b0 [ 200.561532][ T2516] ? security_file_permission+0x86/0xb0 [ 200.566911][ T2516] ? proc_fault_inject_write+0x390/0x390 [ 200.572388][ T2516] vfs_read+0x26c/0xae0 [ 200.575644][ T28] audit: type=1400 audit(1742836946.783:167): avc: denied { accept } for pid=2505 comm="syz.2.345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 200.576378][ T2516] ? kernel_read+0x1f0/0x1f0 [ 200.601019][ T2516] ? mutex_lock+0xb1/0x1e0 [ 200.605369][ T2516] ? bit_wait_io_timeout+0x120/0x120 [ 200.611711][ T2516] ? __fdget_pos+0x2e2/0x390 [ 200.616213][ T2516] ? ksys_read+0x77/0x2c0 [ 200.618806][ T28] audit: type=1400 audit(1742836946.783:168): avc: denied { create } for pid=2505 comm="syz.2.345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 200.620378][ T2516] ksys_read+0x199/0x2c0 [ 200.644511][ T2516] ? vfs_write+0xed0/0xed0 [ 200.648762][ T2516] ? debug_smp_processor_id+0x17/0x20 [ 200.653966][ T2516] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 200.659865][ T2516] __x64_sys_read+0x7b/0x90 [ 200.664204][ T2516] x64_sys_call+0x28/0x9a0 [ 200.668510][ T2516] do_syscall_64+0x3b/0xb0 [ 200.672707][ T2516] ? clear_bhb_loop+0x55/0xb0 [ 200.677224][ T2516] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 200.682951][ T2516] RIP: 0033:0x7f7f2678bb7c [ 200.687367][ T2516] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 200.707221][ T2516] RSP: 002b:00007f7f27541030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 200.715455][ T2516] RAX: ffffffffffffffda RBX: 00007f7f269a6160 RCX: 00007f7f2678bb7c [ 200.723388][ T2516] RDX: 000000000000000f RSI: 00007f7f275410a0 RDI: 000000000000000c [ 200.731187][ T2516] RBP: 00007f7f27541090 R08: 0000000000000000 R09: 0000000000000000 [ 200.738999][ T2516] R10: 00000000000004b6 R11: 0000000000000246 R12: 0000000000000001 [ 200.746806][ T2516] R13: 0000000000000000 R14: 00007f7f269a6160 R15: 00007ffe8c1e50d8 [ 200.754626][ T2516] [ 201.578443][ T1042] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 201.624379][ T2537] netlink: 43 bytes leftover after parsing attributes in process `syz.1.352'. [ 201.782656][ T1042] usb 1-1: Using ep0 maxpacket: 16 [ 201.788800][ T1042] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 201.799745][ T1042] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.809526][ T1042] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 201.818408][ T1042] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.827034][ T1042] usb 1-1: config 0 descriptor?? [ 201.973829][ T2546] netlink: 28 bytes leftover after parsing attributes in process `syz.2.355'. [ 202.363225][ T2554] xt_CT: No such helper "snmp" [ 203.290615][ T1042] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:8241.000E/input/input17 [ 203.421752][ T1042] appleir 0003:05AC:8241.000E: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0 [ 203.600220][ T2562] loop2: detected capacity change from 0 to 4096 [ 203.665881][ T2562] ext4: Unknown parameter 'measure' [ 204.017553][ T2576] loop2: detected capacity change from 0 to 128 [ 204.046772][ T2576] EXT4-fs (loop2): Test dummy encryption mode enabled [ 204.055546][ T2576] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 204.064524][ T2576] ext4 filesystem being mounted at /88/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 204.143855][ T2579] can0: slcan on pts0. [ 204.237673][ T2591] futex_wake_op: syz.2.361 tries to shift op by -1; fix this program [ 204.248800][ T2592] loop0: detected capacity change from 0 to 256 [ 204.328117][ T2053] IPv6: ADDRCONF(NETDEV_CHANGE): can0: link becomes ready [ 204.668429][ T1042] usb 1-1: reset high-speed USB device number 10 using dummy_hcd [ 204.710202][ T2609] Zero length message leads to an empty skb [ 204.878630][ T2576] can0 (unregistered): slcan off pts0. [ 204.957443][ T294] EXT4-fs (loop2): unmounting filesystem. [ 205.226083][ T2624] netlink: 43 bytes leftover after parsing attributes in process `syz.3.369'. [ 205.398919][ T2633] loop2: detected capacity change from 0 to 128 [ 205.461110][ T2633] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 205.470607][ T2633] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 206.318945][ T294] EXT4-fs (loop2): unmounting filesystem. [ 206.396577][ T2651] loop2: detected capacity change from 0 to 128 [ 206.445161][ T2651] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 206.453773][ T2651] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 206.677958][ T2667] loop1: detected capacity change from 0 to 512 [ 206.711239][ T2667] EXT4-fs: Ignoring removed nobh option [ 206.739300][ T2667] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.375: corrupted inode contents [ 206.762397][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 206.782285][ T2667] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #3: comm syz.1.375: mark_inode_dirty error [ 206.793972][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 206.801585][ T2667] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.375: corrupted inode contents [ 206.813657][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 206.820285][ T2667] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.375: mark_inode_dirty error [ 206.832803][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 206.839640][ T2667] Quota error (device loop1): write_blk: dquota write failed [ 206.847067][ T2667] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 206.858705][ T2667] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.375: Failed to acquire dquot type 0 [ 206.881367][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 206.893850][ T2667] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.375: corrupted inode contents [ 206.918260][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 206.930159][ T2667] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #16: comm syz.1.375: mark_inode_dirty error [ 206.958124][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 206.971638][ T2667] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.375: corrupted inode contents [ 206.998212][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 207.015593][ T2667] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.375: mark_inode_dirty error [ 207.027725][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 207.051943][ T2667] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.375: corrupted inode contents [ 207.069263][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 207.075896][ T2667] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 207.085349][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 207.091974][ T2667] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.375: corrupted inode contents [ 207.103872][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 207.110326][ T2667] EXT4-fs error (device loop1): ext4_truncate:4313: inode #16: comm syz.1.375: mark_inode_dirty error [ 207.111397][ T294] EXT4-fs (loop2): unmounting filesystem. [ 207.127963][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 207.134622][ T2667] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 207.144559][ T2667] EXT4-fs (loop1): Remounting filesystem read-only [ 207.157435][ T2667] EXT4-fs (loop1): 1 truncate cleaned up [ 207.163272][ T2667] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 207.172215][ T2667] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 208.390972][ T292] EXT4-fs (loop1): unmounting filesystem. [ 208.423747][ T28] audit: type=1400 audit(1742836954.743:169): avc: denied { mounton } for pid=2695 comm="syz.2.378" path="/proc/336/task" dev="proc" ino=20462 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 208.497914][ T28] audit: type=1400 audit(1742836954.743:170): avc: denied { mount } for pid=2695 comm="syz.2.378" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 208.533979][ T2696] loop2: detected capacity change from 0 to 512 [ 208.595890][ T706] usb 1-1: USB disconnect, device number 10 [ 208.712678][ T2711] loop0: detected capacity change from 0 to 128 [ 208.903691][ T2711] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 208.913115][ T2711] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 209.939600][ T293] EXT4-fs (loop0): unmounting filesystem. [ 209.985302][ T2726] netlink: 'syz.0.386': attribute type 49 has an invalid length. [ 209.992973][ T2726] netlink: 'syz.0.386': attribute type 49 has an invalid length. [ 210.874753][ T1572] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 211.058457][ T1572] usb 2-1: Using ep0 maxpacket: 16 [ 211.064622][ T1572] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.106892][ T1572] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.136997][ T1572] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 211.473616][ T1572] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.489180][ T1572] usb 2-1: config 0 descriptor?? [ 211.899781][ T1572] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:05AC:8241.000F/input/input18 [ 211.990368][ T1572] appleir 0003:05AC:8241.000F: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0 [ 212.089040][ T2749] FAULT_INJECTION: forcing a failure. [ 212.089040][ T2749] name failslab, interval 1, probability 0, space 0, times 0 [ 212.101801][ T2749] CPU: 1 PID: 2749 Comm: syz.0.391 Not tainted 6.1.128-syzkaller-00029-g5145d157731f #0 [ 212.111387][ T2749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 212.121818][ T2749] Call Trace: [ 212.124928][ T2749] [ 212.127705][ T2749] dump_stack_lvl+0x151/0x1b7 [ 212.132662][ T2749] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 212.137954][ T2749] ? irqentry_exit+0x30/0x40 [ 212.142375][ T2749] ? sysvec_reschedule_ipi+0x8f/0x170 [ 212.147580][ T2749] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 212.153048][ T2749] dump_stack+0x15/0x18 [ 212.157042][ T2749] should_fail_ex+0x3d0/0x520 [ 212.161555][ T2749] __should_failslab+0xaf/0xf0 [ 212.166154][ T2749] ? __se_sys_mount+0x156/0x3b0 [ 212.171523][ T2749] should_failslab+0x9/0x20 [ 212.175788][ T2749] __kmem_cache_alloc_node+0x3d/0x2a0 [ 212.181082][ T2749] ? _copy_from_user+0x90/0xc0 [ 212.185688][ T2749] ? __se_sys_mount+0x156/0x3b0 [ 212.190369][ T2749] kmalloc_trace+0x2a/0xa0 [ 212.194994][ T2749] __se_sys_mount+0x156/0x3b0 [ 212.199480][ T2749] ? irqentry_exit+0x30/0x40 [ 212.203910][ T2749] ? __x64_sys_mount+0xd0/0xd0 [ 212.208856][ T2749] ? fpregs_restore_userregs+0x130/0x290 [ 212.214417][ T2749] __x64_sys_mount+0xbf/0xd0 [ 212.218837][ T2749] x64_sys_call+0x49d/0x9a0 [ 212.223178][ T2749] do_syscall_64+0x3b/0xb0 [ 212.227428][ T2749] ? clear_bhb_loop+0x55/0xb0 [ 212.231946][ T2749] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 212.237668][ T2749] RIP: 0033:0x7f1d6058d169 [ 212.241921][ T2749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.261366][ T2749] RSP: 002b:00007f1d61428038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 212.269608][ T2749] RAX: ffffffffffffffda RBX: 00007f1d607a6160 RCX: 00007f1d6058d169 [ 212.277421][ T2749] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 212.285229][ T2749] RBP: 00007f1d61428090 R08: 00002000000012c0 R09: 0000000000000000 [ 212.293041][ T2749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.300855][ T2749] R13: 0000000000000000 R14: 00007f1d607a6160 R15: 00007ffc51299418 [ 212.308677][ T2749] [ 212.313748][ T28] audit: type=1400 audit(1742836958.633:171): avc: denied { unlink } for pid=84 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 212.917728][ T2764] loop1: detected capacity change from 0 to 256 [ 213.112925][ T2769] loop2: detected capacity change from 0 to 128 [ 213.274076][ T2769] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 213.284192][ T2769] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 214.181123][ T2777] futex_wake_op: syz.4.397 tries to shift op by -1; fix this program [ 214.190024][ T294] EXT4-fs (loop2): unmounting filesystem. [ 214.450874][ T1572] usb 2-1: reset high-speed USB device number 10 using dummy_hcd [ 214.499169][ T2783] loop2: detected capacity change from 0 to 128 [ 214.516989][ T2783] EXT4-fs (loop2): Test dummy encryption mode enabled [ 214.547336][ T2783] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 214.584389][ T2783] ext4 filesystem being mounted at /97/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 214.698412][ T2789] can0: slcan on ptm0. [ 214.761635][ T2795] futex_wake_op: syz.2.399 tries to shift op by -1; fix this program [ 215.159854][ T2802] loop3: detected capacity change from 0 to 512 [ 215.168723][ T2802] EXT4-fs: Ignoring removed nobh option [ 215.210032][ T2802] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #3: comm syz.3.402: corrupted inode contents [ 215.225065][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.227715][ T2813] loop1: detected capacity change from 0 to 512 [ 215.231896][ T2802] EXT4-fs error (device loop3): ext4_dirty_inode:6091: inode #3: comm syz.3.402: mark_inode_dirty error [ 215.246027][ T2813] EXT4-fs: Ignoring removed nobh option [ 215.249077][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.261454][ T2802] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #3: comm syz.3.402: corrupted inode contents [ 215.273479][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.280635][ T2802] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #3: comm syz.3.402: mark_inode_dirty error [ 215.286282][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): can0: link becomes ready [ 215.292374][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.302646][ T2813] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.404: corrupted inode contents [ 215.309453][ T2802] Quota error (device loop3): write_blk: dquota write failed [ 215.324121][ T2802] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 215.329968][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.334346][ T2802] EXT4-fs error (device loop3): ext4_acquire_dquot:6782: comm syz.3.402: Failed to acquire dquot type 0 [ 215.341553][ T2813] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #3: comm syz.1.404: mark_inode_dirty error [ 215.352159][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.363481][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.369499][ T2802] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #16: comm syz.3.402: corrupted inode contents [ 215.387204][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.387791][ T2813] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.404: corrupted inode contents [ 215.400663][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.407205][ T2802] EXT4-fs error (device loop3): ext4_dirty_inode:6091: inode #16: comm syz.3.402: mark_inode_dirty error [ 215.424935][ T2813] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.404: mark_inode_dirty error [ 215.425546][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.437116][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.442424][ T2802] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #16: comm syz.3.402: corrupted inode contents [ 215.449100][ T2783] can0 (unregistered): slcan off ptm0. [ 215.462803][ T2813] Quota error (device loop1): write_blk: dquota write failed [ 215.472878][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.479406][ T2813] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 215.489283][ T2813] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.404: Failed to acquire dquot type 0 [ 215.489700][ T2802] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.402: mark_inode_dirty error [ 215.512821][ T294] EXT4-fs (loop2): unmounting filesystem. [ 215.518436][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.537846][ T2813] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.404: corrupted inode contents [ 215.555691][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.562496][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.568967][ T2802] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #16: comm syz.3.402: corrupted inode contents [ 215.592016][ T2813] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #16: comm syz.1.404: mark_inode_dirty error [ 215.603573][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.610585][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.618422][ T2802] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 215.631577][ T2813] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.404: corrupted inode contents [ 215.644995][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.651744][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.658189][ T2802] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #16: comm syz.3.402: corrupted inode contents [ 215.670652][ T2813] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.404: mark_inode_dirty error [ 215.674779][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.682757][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.694462][ T2813] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.404: corrupted inode contents [ 215.702751][ T2802] EXT4-fs error (device loop3): ext4_truncate:4313: inode #16: comm syz.3.402: mark_inode_dirty error [ 215.708634][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.724809][ T2813] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 215.727066][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.741988][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.748731][ T2802] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 215.762483][ T2813] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.404: corrupted inode contents [ 215.764565][ T2802] EXT4-fs (loop3): Remounting filesystem read-only [ 215.787755][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.789655][ T2840] loop2: detected capacity change from 0 to 128 [ 215.801675][ T2813] EXT4-fs error (device loop1): ext4_truncate:4313: inode #16: comm syz.1.404: mark_inode_dirty error [ 215.813656][ T2802] EXT4-fs (loop3): 1 truncate cleaned up [ 215.819297][ T2802] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 215.823296][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.841205][ T2813] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 215.841630][ T2802] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 215.860502][ T2813] EXT4-fs (loop1): Remounting filesystem read-only [ 215.861128][ T2840] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 215.875289][ T2813] EXT4-fs (loop1): 1 truncate cleaned up [ 215.881233][ T2813] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 215.890189][ T2840] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 215.890423][ T2813] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 215.999533][ T1437] usb 2-1: USB disconnect, device number 10 [ 218.301835][ T292] EXT4-fs (loop1): unmounting filesystem. [ 218.369921][ T296] EXT4-fs (loop3): unmounting filesystem. [ 218.650935][ T2870] loop1: detected capacity change from 0 to 128 [ 219.927137][ T2875] loop0: detected capacity change from 0 to 128 [ 219.952758][ T2875] EXT4-fs (loop0): Test dummy encryption mode enabled [ 219.990382][ T2870] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 219.999294][ T2875] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 220.007838][ T2870] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 220.041171][ T2875] ext4 filesystem being mounted at /73/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 220.185706][ T292] EXT4-fs (loop1): unmounting filesystem. [ 220.195206][ T2883] can0: slcan on pts0. [ 220.299432][ T2888] futex_wake_op: syz.0.411 tries to shift op by -1; fix this program [ 220.799493][ T2875] can0 (unregistered): slcan off pts0. [ 220.887486][ T293] EXT4-fs (loop0): unmounting filesystem. [ 220.935248][ T2909] loop0: detected capacity change from 0 to 128 [ 220.974341][ T2909] EXT4-fs (loop0): Test dummy encryption mode enabled [ 221.009880][ T2909] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 221.042148][ T2909] ext4 filesystem being mounted at /74/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 221.136530][ T2920] loop3: detected capacity change from 0 to 128 [ 221.180013][ T2920] EXT4-fs (loop3): Test dummy encryption mode enabled [ 221.190286][ T2925] can0: slcan on pts0. [ 221.238415][ T2920] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 221.392152][ T2920] ext4 filesystem being mounted at /82/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 221.407268][ T2933] futex_wake_op: syz.0.414 tries to shift op by -1; fix this program [ 221.650365][ T2939] can1: slcan on pts1. [ 221.720790][ T2944] futex_wake_op: syz.3.415 tries to shift op by -1; fix this program [ 221.773105][ T294] EXT4-fs (loop2): unmounting filesystem. [ 221.810006][ T2909] can0 (unregistered): slcan off pts0. [ 221.825040][ T28] audit: type=1400 audit(1742836968.143:172): avc: denied { write } for pid=2949 comm="syz.2.417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 221.845429][ T2950] netlink: 24 bytes leftover after parsing attributes in process `syz.2.417'. [ 221.899756][ T293] EXT4-fs (loop0): unmounting filesystem. [ 222.008833][ T2920] can1 (unregistered): slcan off pts1. [ 222.165619][ T296] EXT4-fs (loop3): unmounting filesystem. [ 222.174979][ T2972] process 'syz.0.421' launched './file0/../file0' with NULL argv: empty string added [ 222.185083][ T6] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 222.192966][ T28] audit: type=1400 audit(1742836968.513:173): avc: denied { read } for pid=2968 comm="syz.0.421" name="msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 222.243660][ T28] audit: type=1400 audit(1742836968.513:174): avc: denied { open } for pid=2968 comm="syz.0.421" path="/dev/cpu/0/msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 223.391706][ T3001] netlink: 12 bytes leftover after parsing attributes in process `syz.1.424'. [ 223.436067][ T28] audit: type=1400 audit(1742836969.753:175): avc: denied { listen } for pid=3000 comm="syz.1.424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1 [ 223.488851][ T6] usb 3-1: Using ep0 maxpacket: 16 [ 223.495666][ T6] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 223.506047][ T6] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9 [ 223.521107][ T6] usb 3-1: New USB device found, idVendor=045e, idProduct=fada, bcdDevice= 0.00 [ 223.531998][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.538107][ T3010] loop3: detected capacity change from 0 to 512 [ 223.541075][ T6] usb 3-1: config 0 descriptor?? [ 223.551678][ T6] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 223.635083][ T3010] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 223.658504][ T3010] ext4 filesystem being mounted at /84/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 223.703220][ T3024] loop0: detected capacity change from 0 to 128 [ 223.719390][ T28] audit: type=1400 audit(1742836970.043:176): avc: denied { read write } for pid=3008 comm="syz.3.426" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 223.737450][ T3024] EXT4-fs (loop0): Test dummy encryption mode enabled [ 223.750527][ T28] audit: type=1400 audit(1742836970.043:177): avc: denied { open } for pid=3008 comm="syz.3.426" path="/84/bus/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 223.774309][ T3024] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 223.783334][ T3024] ext4 filesystem being mounted at /78/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 223.877762][ T3032] can0: slcan on pts0. [ 224.373387][ T3040] futex_wake_op: syz.0.429 tries to shift op by -1; fix this program [ 224.384424][ T296] EXT4-fs (loop3): unmounting filesystem. [ 224.466550][ T3041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 224.521576][ T3041] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 224.728809][ T3024] can0 (unregistered): slcan off pts0. [ 224.777746][ T293] EXT4-fs (loop0): unmounting filesystem. [ 224.899268][ T3061] loop0: detected capacity change from 0 to 512 [ 224.926012][ T3061] EXT4-fs: Ignoring removed nobh option [ 224.989426][ T3068] loop1: detected capacity change from 0 to 128 [ 224.997575][ T3061] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #3: comm syz.0.433: corrupted inode contents [ 225.151395][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 225.163834][ T3061] EXT4-fs error (device loop0): ext4_dirty_inode:6091: inode #3: comm syz.0.433: mark_inode_dirty error [ 225.176864][ T3068] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 225.194225][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 225.205423][ T3068] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 225.215999][ T3061] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #3: comm syz.0.433: corrupted inode contents [ 225.328158][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 225.339032][ T3061] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #3: comm syz.0.433: mark_inode_dirty error [ 225.361025][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 225.379216][ T3061] Quota error (device loop0): write_blk: dquota write failed [ 225.406774][ T3061] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 225.488668][ T3061] EXT4-fs error (device loop0): ext4_acquire_dquot:6782: comm syz.0.433: Failed to acquire dquot type 0 [ 225.508099][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 225.525003][ T3061] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.433: corrupted inode contents [ 225.538528][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 225.544907][ T3061] EXT4-fs error (device loop0): ext4_dirty_inode:6091: inode #16: comm syz.0.433: mark_inode_dirty error [ 225.600689][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 225.635199][ T3061] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.433: corrupted inode contents [ 225.749422][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 225.791187][ T3061] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.433: mark_inode_dirty error [ 225.959193][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 225.970889][ T3061] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.433: corrupted inode contents [ 226.076159][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 226.161219][ T3061] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 226.352507][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 226.374963][ T415] usb 3-1: USB disconnect, device number 4 [ 226.388566][ T3061] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #16: comm syz.0.433: corrupted inode contents [ 226.441680][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 226.448166][ T3061] EXT4-fs error (device loop0): ext4_truncate:4313: inode #16: comm syz.0.433: mark_inode_dirty error [ 226.528584][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 226.545121][ T3061] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 226.570821][ T3061] EXT4-fs (loop0): Remounting filesystem read-only [ 226.614436][ T3061] EXT4-fs (loop0): 1 truncate cleaned up [ 226.637316][ T3061] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 226.682456][ T3061] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 227.186059][ T293] EXT4-fs (loop0): unmounting filesystem. [ 227.247991][ T3111] loop0: detected capacity change from 0 to 128 [ 227.277361][ T3111] EXT4-fs (loop0): Test dummy encryption mode enabled [ 227.299930][ T3111] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 227.308812][ T3111] ext4 filesystem being mounted at /80/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 227.432555][ T292] EXT4-fs (loop1): unmounting filesystem. [ 227.441702][ T3115] can0: slcan on ptm0. [ 227.511598][ T3120] futex_wake_op: syz.0.442 tries to shift op by -1; fix this program [ 228.099282][ T3111] can0 (unregistered): slcan off ptm0. [ 228.127708][ T293] EXT4-fs (loop0): unmounting filesystem. [ 228.173208][ T28] audit: type=1400 audit(1742836974.493:178): avc: denied { write } for pid=3146 comm="syz.0.447" name="protocols" dev="proc" ino=4026532297 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 228.437309][ T3159] netlink: 24 bytes leftover after parsing attributes in process `syz.0.447'. [ 230.228405][ T3177] futex_wake_op: syz.4.451 tries to shift op by -1; fix this program [ 230.288401][ T348] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 230.515733][ T3181] loop1: detected capacity change from 0 to 512 [ 230.522124][ T3181] EXT4-fs: Ignoring removed nobh option [ 230.528377][ T348] usb 4-1: Using ep0 maxpacket: 16 [ 230.534429][ T348] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 230.545098][ T348] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9 [ 230.551255][ T3181] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.453: corrupted inode contents [ 230.558984][ T348] usb 4-1: New USB device found, idVendor=045e, idProduct=fada, bcdDevice= 0.00 [ 230.578623][ T348] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.587042][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.593442][ T3181] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #3: comm syz.1.453: mark_inode_dirty error [ 230.604968][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.611819][ T3181] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #3: comm syz.1.453: corrupted inode contents [ 230.623759][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.631617][ T348] usb 4-1: config 0 descriptor?? [ 230.636585][ T3181] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.453: mark_inode_dirty error [ 230.649031][ T348] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 230.657349][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.664153][ T3181] Quota error (device loop1): write_blk: dquota write failed [ 230.671488][ T3181] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 230.681313][ T3181] EXT4-fs error (device loop1): ext4_acquire_dquot:6782: comm syz.1.453: Failed to acquire dquot type 0 [ 230.692899][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.699982][ T3181] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.453: corrupted inode contents [ 230.712248][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.718679][ T3181] EXT4-fs error (device loop1): ext4_dirty_inode:6091: inode #16: comm syz.1.453: mark_inode_dirty error [ 230.730264][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.736826][ T3181] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.453: corrupted inode contents [ 230.749231][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.755559][ T3181] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.453: mark_inode_dirty error [ 230.767783][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.774281][ T3181] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.453: corrupted inode contents [ 230.786380][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.792739][ T3181] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 230.801582][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.807923][ T3181] EXT4-fs error (device loop1): ext4_do_update_inode:5226: inode #16: comm syz.1.453: corrupted inode contents [ 230.820246][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.826583][ T3181] EXT4-fs error (device loop1): ext4_truncate:4313: inode #16: comm syz.1.453: mark_inode_dirty error [ 230.837726][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.844139][ T3181] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 230.853084][ T3181] EXT4-fs (loop1): Remounting filesystem read-only [ 230.859746][ T3181] EXT4-fs (loop1): 1 truncate cleaned up [ 230.865233][ T3181] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 230.874057][ T3181] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 231.220421][ T3196] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 231.393857][ T3196] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 231.443098][ T292] EXT4-fs (loop1): unmounting filesystem. [ 231.494883][ T3200] FAULT_INJECTION: forcing a failure. [ 231.494883][ T3200] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 231.534799][ T3200] CPU: 0 PID: 3200 Comm: syz.1.457 Not tainted 6.1.128-syzkaller-00029-g5145d157731f #0 [ 231.544685][ T3200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 231.544707][ T3200] Call Trace: [ 231.544713][ T3200] [ 231.544721][ T3200] dump_stack_lvl+0x151/0x1b7 [ 231.544759][ T3200] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 231.544791][ T3200] dump_stack+0x15/0x18 [ 231.544815][ T3200] should_fail_ex+0x3d0/0x520 [ 231.544835][ T3200] should_fail+0xb/0x10 [ 231.586421][ T3200] should_fail_usercopy+0x1a/0x20 [ 231.592348][ T3200] _copy_from_user+0x1e/0xc0 [ 231.597098][ T3200] memdup_user+0x63/0xc0 [ 231.601355][ T3200] strndup_user+0x68/0xc0 [ 231.605631][ T3200] __se_sys_mount+0x9b/0x3b0 [ 231.610069][ T3200] ? __x64_sys_mount+0xd0/0xd0 [ 231.614667][ T3200] ? debug_smp_processor_id+0x17/0x20 [ 231.619861][ T3200] __x64_sys_mount+0xbf/0xd0 [ 231.624282][ T3200] x64_sys_call+0x49d/0x9a0 [ 231.628620][ T3200] do_syscall_64+0x3b/0xb0 [ 231.632909][ T3200] ? clear_bhb_loop+0x55/0xb0 [ 231.637390][ T3200] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 231.643137][ T3200] RIP: 0033:0x7fbeabd8d169 [ 231.647375][ T3200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.667075][ T3200] RSP: 002b:00007fbeacb13038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 231.675319][ T3200] RAX: ffffffffffffffda RBX: 00007fbeabfa5fa0 RCX: 00007fbeabd8d169 [ 231.683140][ T3200] RDX: 0000200000000b80 RSI: 0000200000000040 RDI: 0000000000000000 [ 231.690938][ T3200] RBP: 00007fbeacb13090 R08: 0000200000000580 R09: 0000000000000000 [ 231.698748][ T3200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 231.706554][ T3200] R13: 0000000000000000 R14: 00007fbeabfa5fa0 R15: 00007fffe9404748 [ 231.714383][ T3200] [ 231.751309][ T28] audit: type=1400 audit(1742836978.073:179): avc: denied { sys_module } for pid=3207 comm="syz.2.460" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 231.869806][ T3214] loop0: detected capacity change from 0 to 256 [ 231.891910][ T3214] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 231.905099][ T3214] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 232.048813][ T28] audit: type=1400 audit(1742836978.323:180): avc: denied { write } for pid=3213 comm="syz.0.461" name="file0" dev="loop0" ino=1048600 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 232.196093][ T28] audit: type=1400 audit(1742836978.323:181): avc: denied { add_name } for pid=3213 comm="syz.0.461" name="control" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 232.216798][ T28] audit: type=1400 audit(1742836978.323:182): avc: denied { associate } for pid=3213 comm="syz.0.461" name="control" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 232.263402][ T28] audit: type=1400 audit(1742836978.413:183): avc: denied { write open } for pid=3213 comm="syz.0.461" path="/85/file2/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=1048602 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 232.347466][ T28] audit: type=1400 audit(1742836978.563:184): avc: denied { read append } for pid=3213 comm="syz.0.461" path="/85/file2/file0/blkio.bfq.sectors_recursive" dev="loop0" ino=1048607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 232.380785][ T28] audit: type=1400 audit(1742836978.573:185): avc: denied { remove_name } for pid=3213 comm="syz.0.461" name="file0" dev="loop0" ino=1048611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 232.406055][ T3224] loop2: detected capacity change from 0 to 512 [ 232.556142][ T3239] netlink: 20 bytes leftover after parsing attributes in process `syz.2.468'. [ 232.570792][ T3238] bridge0: port 3(syz_tun) entered blocking state [ 232.577195][ T3238] bridge0: port 3(syz_tun) entered disabled state [ 232.634039][ T3238] device syz_tun entered promiscuous mode [ 232.640187][ T3238] bridge0: port 3(syz_tun) entered blocking state [ 232.646465][ T3238] bridge0: port 3(syz_tun) entered forwarding state [ 233.192213][ T39] usb 4-1: USB disconnect, device number 7 [ 233.399358][ T3249] loop0: detected capacity change from 0 to 131072 [ 233.407277][ T28] kauditd_printk_skb: 10 callbacks suppressed [ 233.407333][ T28] audit: type=1400 audit(1742836979.723:196): avc: denied { create } for pid=3259 comm="syz.2.479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 233.435186][ T3249] F2FS-fs (loop0): Test dummy encryption mode enabled [ 233.446489][ T3249] F2FS-fs (loop0): invalid crc value [ 233.473738][ T3249] F2FS-fs (loop0): Found nat_bits in checkpoint [ 233.533707][ T3272] loop2: detected capacity change from 0 to 128 [ 233.562988][ T3249] F2FS-fs (loop0): sanity_check_inode: corrupted inode ino=3, run fsck to fix. [ 233.579794][ T3249] F2FS-fs (loop0): Failed to read root inode [ 233.581546][ T3274] loop1: detected capacity change from 0 to 2048 [ 233.593039][ T3272] syz.2.483: attempt to access beyond end of device [ 233.593039][ T3272] loop2: rw=2049, sector=145, nr_sectors = 95 limit=128 [ 233.608685][ T3274] EXT4-fs: Ignoring removed mblk_io_submit option [ 233.615003][ T3274] EXT4-fs: Ignoring removed i_version option [ 233.621077][ T39] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 233.637112][ T2053] kworker/u4:8: attempt to access beyond end of device [ 233.637112][ T2053] loop2: rw=1, sector=145, nr_sectors = 88 limit=128 [ 233.655831][ T2053] kworker/u4:8: attempt to access beyond end of device [ 233.655831][ T2053] loop2: rw=1, sector=233, nr_sectors = 1 limit=128 [ 233.669381][ T2053] Buffer I/O error on dev loop2, logical block 233, lost async page write [ 233.677809][ T2053] kworker/u4:8: attempt to access beyond end of device [ 233.677809][ T2053] loop2: rw=1, sector=234, nr_sectors = 1 limit=128 [ 233.689343][ T3274] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 233.691196][ T2053] Buffer I/O error on dev loop2, logical block 234, lost async page write [ 233.707886][ T2053] kworker/u4:8: attempt to access beyond end of device [ 233.707886][ T2053] loop2: rw=1, sector=235, nr_sectors = 1 limit=128 [ 233.721638][ T2053] Buffer I/O error on dev loop2, logical block 235, lost async page write [ 233.730004][ T3274] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 226492441 free clusters [ 233.730315][ T2053] kworker/u4:8: attempt to access beyond end of device [ 233.730315][ T2053] loop2: rw=1, sector=236, nr_sectors = 1 limit=128 [ 233.758974][ T2053] Buffer I/O error on dev loop2, logical block 236, lost async page write [ 233.767368][ T2053] kworker/u4:8: attempt to access beyond end of device [ 233.767368][ T2053] loop2: rw=1, sector=237, nr_sectors = 1 limit=128 [ 233.780540][ T2053] Buffer I/O error on dev loop2, logical block 237, lost async page write [ 233.784795][ T3274] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28 [ 233.801343][ T2053] kworker/u4:8: attempt to access beyond end of device [ 233.801343][ T2053] loop2: rw=1, sector=238, nr_sectors = 1 limit=128 [ 233.814718][ T2053] Buffer I/O error on dev loop2, logical block 238, lost async page write [ 233.823094][ T2053] kworker/u4:8: attempt to access beyond end of device [ 233.823094][ T2053] loop2: rw=1, sector=239, nr_sectors = 1 limit=128 [ 233.834169][ T3274] EXT4-fs (loop1): This should not happen!! Data will be lost [ 233.834169][ T3274] [ 233.836290][ T2053] Buffer I/O error on dev loop2, logical block 239, lost async page write [ 233.854533][ T39] usb 4-1: too many configurations: 68, using maximum allowed: 8 [ 233.862367][ T3274] EXT4-fs (loop1): Total free blocks count 0 [ 233.868524][ T3274] EXT4-fs (loop1): Free/Dirty block details [ 233.874389][ T3274] EXT4-fs (loop1): free_blocks=3623878656 [ 233.874486][ T39] usb 4-1: config index 0 descriptor too short (expected 72, got 56) [ 233.887962][ T3274] EXT4-fs (loop1): dirty_blocks=16 [ 233.898391][ T39] usb 4-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 233.912018][ T39] usb 4-1: config 1 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 6 [ 233.924942][ T3274] EXT4-fs (loop1): Block reservation details [ 233.934584][ T28] audit: type=1400 audit(1742836980.253:197): avc: denied { create } for pid=3283 comm="syz.2.487" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 233.955556][ T3284] 9pnet_fd: Insufficient options for proto=fd [ 233.961985][ T3274] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 233.968152][ T39] usb 4-1: config index 1 descriptor too short (expected 72, got 56) [ 233.988392][ T39] usb 4-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 233.998315][ T39] usb 4-1: config 1 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 6 [ 233.999920][ T292] EXT4-fs (loop1): unmounting filesystem. [ 234.019506][ T28] audit: type=1400 audit(1742836980.273:198): avc: denied { mounton } for pid=3283 comm="syz.2.487" path="/115/file0" dev="tmpfs" ino=656 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 234.042762][ T39] usb 4-1: config index 2 descriptor too short (expected 72, got 56) [ 234.052819][ T39] usb 4-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 234.063966][ T39] usb 4-1: config 1 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 6 [ 234.084870][ T28] audit: type=1400 audit(1742836980.303:199): avc: denied { unlink } for pid=294 comm="syz-executor" name="file0" dev="tmpfs" ino=656 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 234.118275][ T39] usb 4-1: config index 3 descriptor too short (expected 72, got 56) [ 234.126500][ T39] usb 4-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 234.136694][ T39] usb 4-1: config 1 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 6 [ 234.179389][ T39] usb 4-1: config index 4 descriptor too short (expected 72, got 56) [ 234.191852][ T28] audit: type=1400 audit(1742836980.513:200): avc: denied { create } for pid=3299 comm="syz.2.495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 234.223284][ T39] usb 4-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 234.248743][ T39] usb 4-1: config 1 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 6 [ 234.299892][ T39] usb 4-1: config index 5 descriptor too short (expected 72, got 56) [ 234.313178][ T3314] loop2: detected capacity change from 0 to 2048 [ 234.320297][ T39] usb 4-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 234.330701][ T28] audit: type=1400 audit(1742836980.653:201): avc: denied { getopt } for pid=3318 comm="syz.0.505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 234.350163][ T39] usb 4-1: config 1 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 6 [ 234.364102][ T39] usb 4-1: config index 6 descriptor too short (expected 72, got 56) [ 234.395593][ T39] usb 4-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 234.416071][ T39] usb 4-1: config 1 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 6 [ 234.438894][ T3314] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 234.458167][ T28] audit: type=1400 audit(1742836980.773:202): avc: denied { name_bind } for pid=3322 comm="syz.1.506" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 234.479330][ T3326] loop0: detected capacity change from 0 to 8192 [ 234.493141][ T39] usb 4-1: config index 7 descriptor too short (expected 72, got 56) [ 234.511410][ T39] usb 4-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 234.524706][ T3326] loop0: p3 < > p4 [ 234.531908][ T3326] loop0: p4 start 62720 is beyond EOD, truncated [ 234.553040][ T3314] EXT4-fs error (device loop2): ext4_find_extent:936: inode #2: comm syz.2.502: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 234.575402][ T3332] loop1: detected capacity change from 0 to 512 [ 234.580028][ T39] usb 4-1: config 1 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 6 [ 234.582496][ T3332] EXT4-fs: Ignoring removed i_version option [ 234.601726][ T3332] EXT4-fs: Ignoring removed mblk_io_submit option [ 234.609805][ T3314] EXT4-fs (loop2): Remounting filesystem read-only [ 234.616385][ T3332] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 234.626964][ T39] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 234.656651][ T3332] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 234.657249][ T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.687472][ T3332] EXT4-fs (loop1): 1 truncate cleaned up [ 234.693815][ T3332] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 234.696052][ T294] EXT4-fs (loop2): unmounting filesystem. [ 234.710841][ T3336] Non-string source [ 234.712717][ T3332] EXT4-fs (loop1): unmounting filesystem. [ 234.720101][ T28] audit: type=1400 audit(1742836981.033:203): avc: denied { setopt } for pid=3335 comm="syz.0.509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 234.720389][ T39] usb 4-1: Product: syz [ 234.770044][ T39] usb 4-1: Manufacturer: syz [ 234.774591][ T39] usb 4-1: SerialNumber: syz [ 234.872045][ T28] audit: type=1400 audit(1742836981.193:204): avc: denied { create } for pid=3342 comm="syz.2.512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 234.918706][ T28] audit: type=1400 audit(1742836981.213:205): avc: denied { connect } for pid=3342 comm="syz.2.512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 235.012856][ T3347] loop2: detected capacity change from 0 to 8192 [ 235.066609][ T3338] loop0: detected capacity change from 0 to 40427 [ 235.085072][ T3338] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 235.093023][ T3338] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 235.115526][ T3352] tipc: Started in network mode [ 235.120556][ T3352] tipc: Node identity e0000002, cluster identity 4711 [ 235.127671][ T3352] tipc: Enabling of bearer rejected, failed to enable media [ 235.136683][ T3338] F2FS-fs (loop0): Found nat_bits in checkpoint [ 235.218693][ T3338] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 235.225769][ T3338] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 235.268627][ T3366] Non-string source [ 235.314857][ T3368] loop1: detected capacity change from 0 to 2048 [ 235.321636][ T3370] syz.4.523[3370] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 235.321727][ T3370] syz.4.523[3370] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 235.341451][ T3368] Alternate GPT is invalid, using primary GPT. [ 235.364202][ T3368] loop1: p2 p3 p7 [ 235.379026][ T293] syz-executor: attempt to access beyond end of device [ 235.379026][ T293] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 235.456194][ T3376] netlink: 8 bytes leftover after parsing attributes in process `syz.4.528'. [ 235.468473][ T39] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 235.509650][ T3380] loop1: detected capacity change from 0 to 1024 [ 235.545263][ T3380] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 235.560141][ T3380] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 235.585498][ T3380] EXT4-fs (loop1): Online defrag not supported with bigalloc [ 235.629842][ T292] EXT4-fs (loop1): unmounting filesystem. [ 235.679969][ T39] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 235.681617][ T3397] loop0: detected capacity change from 0 to 256 [ 235.697327][ T39] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 235.714840][ T3397] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 235.727572][ T3397] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 235.735866][ T39] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 235.753785][ T39] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.761925][ T39] usb 3-1: Product: syz [ 235.768666][ T39] usb 3-1: Manufacturer: syz [ 235.777620][ T39] usb 3-1: SerialNumber: syz [ 235.846947][ T3407] loop0: detected capacity change from 0 to 512 [ 235.880459][ T3407] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 235.890093][ T3407] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 235.956995][ T293] EXT4-fs error (device loop0): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /101/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 235.991122][ T3357] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 236.250825][ T521] usb 4-1: USB disconnect, device number 8 [ 236.609678][ T3357] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 236.827319][ T39] cdc_mbim 3-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 236.836975][ T39] cdc_mbim 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 236.856220][ T39] cdc_mbim 3-1:1.0: setting rx_max = 2048 [ 236.998764][ T3461] bridge0: port 3(vlan2) entered blocking state [ 237.004921][ T3461] bridge0: port 3(vlan2) entered disabled state [ 237.027594][ T39] cdc_mbim 3-1:1.0: setting tx_max = 184 [ 237.039038][ T39] cdc_mbim 3-1:1.0: cdc-wdm0: USB WDM device [ 237.056107][ T39] cdc_mbim 3-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.2-1, CDC MBIM, 42:42:42:42:42:42 [ 237.246275][ T39] usb 3-1: USB disconnect, device number 5 [ 237.255104][ T39] cdc_mbim 3-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.2-1, CDC MBIM [ 237.494002][ T3498] loop3: detected capacity change from 0 to 512 [ 237.508934][ T3498] EXT4-fs: Ignoring removed orlov option [ 237.531298][ T3498] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 237.557957][ T3498] EXT4-fs (loop3): orphan cleanup on readonly fs [ 237.577333][ T3498] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.572: bg 0: block 248: padding at end of block bitmap is not set [ 237.607141][ T3498] EXT4-fs error (device loop3): ext4_acquire_dquot:6782: comm syz.3.572: Failed to acquire dquot type 1 [ 237.622092][ T3498] EXT4-fs (loop3): 1 truncate cleaned up [ 237.627788][ T3498] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 237.664467][ T3498] EXT4-fs: Ignoring removed orlov option [ 237.674259][ T3498] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 237.693904][ T3498] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 237.730492][ T3498] EXT4-fs error (device loop3): __ext4_remount:6598: comm syz.3.572: Abort forced by user [ 237.749534][ T3498] EXT4-fs (loop3): Remounting filesystem read-only [ 237.756073][ T3498] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 237.790058][ T3498] ext4 filesystem being remounted at /102/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 237.835416][ T3498] EXT4-fs error (device loop3): ext4_lookup:1862: inode #2: comm syz.3.572: deleted inode referenced: 12 [ 237.891314][ T3498] syz.3.572 (3498) used greatest stack depth: 18984 bytes left [ 237.901501][ T296] EXT4-fs (loop3): unmounting filesystem. [ 238.093885][ T3537] device pim6reg1 entered promiscuous mode [ 238.213077][ T3539] loop1: detected capacity change from 0 to 8192 [ 238.349647][ T3554] loop2: detected capacity change from 0 to 2048 [ 238.384943][ T3554] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 238.453077][ T28] kauditd_printk_skb: 120 callbacks suppressed [ 238.453094][ T28] audit: type=1400 audit(1742836984.773:324): avc: denied { name_bind } for pid=3561 comm="syz.3.594" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 238.564122][ T3539] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 238.580352][ T3539] FAT-fs (loop1): Filesystem has been set read-only [ 238.595523][ T3563] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 238.613932][ T3564] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 238.703003][ T28] audit: type=1400 audit(1742836985.023:325): avc: denied { map } for pid=3568 comm="syz.3.596" path="socket:[22254]" dev="sockfs" ino=22254 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 238.788503][ T28] audit: type=1400 audit(1742836985.023:326): avc: denied { read } for pid=3568 comm="syz.3.596" path="socket:[22254]" dev="sockfs" ino=22254 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 238.813895][ T28] audit: type=1326 audit(1742836985.113:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3574 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeabd8d169 code=0x7ffc0000 [ 238.841502][ T28] audit: type=1326 audit(1742836985.113:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3574 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeabd8d169 code=0x7ffc0000 [ 238.865142][ T28] audit: type=1326 audit(1742836985.133:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3574 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbeabd8d169 code=0x7ffc0000 [ 238.888028][ T28] audit: type=1326 audit(1742836985.133:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3574 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeabd8d169 code=0x7ffc0000 [ 238.937405][ T28] audit: type=1326 audit(1742836985.133:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3574 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeabd8d169 code=0x7ffc0000 [ 238.967890][ T28] audit: type=1326 audit(1742836985.133:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3574 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbeabd8d169 code=0x7ffc0000 [ 239.082671][ T3583] bridge0: port 3(gretap0) entered blocking state [ 239.089034][ T3583] bridge0: port 3(gretap0) entered disabled state [ 239.098965][ T3583] device gretap0 entered promiscuous mode [ 239.105568][ T3583] bridge0: port 3(gretap0) entered blocking state [ 239.111824][ T3583] bridge0: port 3(gretap0) entered forwarding state [ 239.333672][ T28] audit: type=1326 audit(1742836985.243:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3574 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbeabd8d169 code=0x7ffc0000 [ 239.420843][ T294] EXT4-fs (loop2): unmounting filesystem. [ 239.556790][ T3602] loop3: detected capacity change from 0 to 512 [ 239.568600][ T3601] netlink: 3 bytes leftover after parsing attributes in process `syz.1.609'. [ 239.607875][ T3602] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 239.618577][ T3602] ext4 filesystem being mounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 239.735381][ T296] EXT4-fs (loop3): unmounting filesystem. [ 239.964959][ T3652] syz.4.633[3652] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 239.965072][ T3652] syz.4.633[3652] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 240.028659][ T3668] loop3: detected capacity change from 0 to 128 [ 240.048670][ T3664] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 240.060219][ T3668] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 240.096749][ T3668] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 240.102059][ T3671] loop2: detected capacity change from 0 to 512 [ 240.153104][ T3671] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 240.177899][ T3671] ext4 filesystem being mounted at /149/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 240.197998][ T3671] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #2: comm syz.2.642: corrupted inode contents [ 240.217298][ T3671] EXT4-fs error (device loop2): ext4_dirty_inode:6091: inode #2: comm syz.2.642: mark_inode_dirty error [ 240.250976][ T3671] EXT4-fs error (device loop2): ext4_do_update_inode:5226: inode #2: comm syz.2.642: corrupted inode contents [ 240.263394][ T3671] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.642: mark_inode_dirty error [ 240.331540][ T294] EXT4-fs (loop2): unmounting filesystem. [ 240.527346][ T3723] syz.1.664[3723] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 240.527428][ T3723] syz.1.664[3723] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 240.630626][ T3725] loop2: detected capacity change from 0 to 8192 [ 240.683788][ T3725] loop2: p1 p2[DM] p4 [ 240.692172][ T3725] loop2: p1 size 196608 extends beyond EOD, truncated [ 240.707822][ T3725] loop2: p2 start 4292936063 is beyond EOD, truncated [ 240.710714][ T3736] 9p: Unknown access argument c: -22 [ 240.735941][ T3725] loop2: p4 size 50331648 extends beyond EOD, truncated [ 240.838728][ T3748] xt_CT: No such helper "pptp" [ 240.917225][ T3759] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 240.949622][ T3413] ------------[ cut here ]------------ [ 240.955759][ T3413] kernel BUG at fs/buffer.c:2714! [ 240.964717][ T3763] loop3: detected capacity change from 0 to 128 [ 240.976244][ T3413] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 240.982985][ T3413] CPU: 0 PID: 3413 Comm: kmmpd-loop0 Not tainted 6.1.128-syzkaller-00029-g5145d157731f #0 [ 240.994839][ T3413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 241.004733][ T3413] RIP: 0010:submit_bh_wbc+0x4cd/0x4f0 [ 241.011302][ T3413] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 14 bc e6 ff e9 b0 fe ff ff e8 ba 12 9f ff 0f 0b e8 b3 12 9f ff <0f> 0b e8 ac 12 9f ff 0f 0b e8 a5 12 9f ff 0f 0b e8 9e 12 9f ff 0f [ 241.031896][ T3413] RSP: 0018:ffffc9000ddcfc20 EFLAGS: 00010293 [ 241.037775][ T3413] RAX: ffffffff81d683dd RBX: 0000000000000000 RCX: ffff888136a28000 [ 241.045590][ T3413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 241.053402][ T3413] RBP: ffffc9000ddcfc70 R08: ffffffff81d67fb0 R09: ffffed1022295a7f [ 241.061211][ T3413] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 241.069024][ T3413] R13: 1ffff11022295a7e R14: ffff8881114ad3f0 R15: 0000000000003801 [ 241.076843][ T3413] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 241.085681][ T3413] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.092104][ T3413] CR2: 00007ffe665640c8 CR3: 000000012f927000 CR4: 00000000003506b0 [ 241.099918][ T3413] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 241.107726][ T3413] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 241.115539][ T3413] Call Trace: [ 241.118667][ T3413] [ 241.121561][ T3413] ? __die_body+0x62/0xb0 [ 241.125718][ T3413] ? die+0x88/0xb0 [ 241.129281][ T3413] ? do_trap+0x103/0x330 [ 241.133360][ T3413] ? submit_bh_wbc+0x4cd/0x4f0 [ 241.137960][ T3413] ? handle_invalid_op+0x95/0xc0 [ 241.142730][ T3413] ? submit_bh_wbc+0x4cd/0x4f0 [ 241.147331][ T3413] ? exc_invalid_op+0x32/0x50 [ 241.151844][ T3413] ? asm_exc_invalid_op+0x1b/0x20 [ 241.156702][ T3413] ? submit_bh_wbc+0xa0/0x4f0 [ 241.161216][ T3413] ? submit_bh_wbc+0x4cd/0x4f0 [ 241.165816][ T3413] ? submit_bh_wbc+0x4cd/0x4f0 [ 241.170416][ T3413] ? __kasan_check_read+0x11/0x20 [ 241.175275][ T3413] submit_bh+0x1d/0x30 [ 241.179182][ T3413] write_mmp_block_thawed+0x3a0/0x570 [ 241.184665][ T3413] ? read_mmp_block+0x7d0/0x7d0 [ 241.189336][ T3413] ? update_process_times+0x1b0/0x1b0 [ 241.194551][ T3413] write_mmp_block+0x12b/0x2a0 [ 241.199147][ T3413] kmmpd+0x40c/0xa10 [ 241.202889][ T3413] ? write_mmp_block_thawed+0x570/0x570 [ 241.208256][ T3413] ? __kthread_parkme+0x12d/0x180 [ 241.213123][ T3413] kthread+0x26d/0x300 [ 241.217039][ T3413] ? write_mmp_block_thawed+0x570/0x570 [ 241.222404][ T3413] ? kthread_blkcg+0xd0/0xd0 [ 241.226830][ T3413] ret_from_fork+0x1f/0x30 [ 241.231346][ T3413] [ 241.234206][ T3413] Modules linked in: [ 241.246840][ T3413] ---[ end trace 0000000000000000 ]--- [ 241.252838][ T3763] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 241.261748][ T3763] ext4 filesystem being mounted at /130/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 241.272302][ T3413] RIP: 0010:submit_bh_wbc+0x4cd/0x4f0 [ 241.277575][ T3413] Code: c3 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c bd fe ff ff 48 89 df e8 14 bc e6 ff e9 b0 fe ff ff e8 ba 12 9f ff 0f 0b e8 b3 12 9f ff <0f> 0b e8 ac 12 9f ff 0f 0b e8 a5 12 9f ff 0f 0b e8 9e 12 9f ff 0f [ 241.306360][ T3763] netlink: 4 bytes leftover after parsing attributes in process `syz.3.682'. [ 241.315305][ T3413] RSP: 0018:ffffc9000ddcfc20 EFLAGS: 00010293 [ 241.340413][ T3413] RAX: ffffffff81d683dd RBX: 0000000000000000 RCX: ffff888136a28000 [ 241.348233][ T3413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 241.359142][ T3413] RBP: ffffc9000ddcfc70 R08: ffffffff81d67fb0 R09: ffffed1022295a7f [ 241.374035][ T3413] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 241.383193][ T296] EXT4-fs (loop3): unmounting filesystem. [ 241.388922][ T3413] R13: 1ffff11022295a7e R14: ffff8881114ad3f0 R15: 0000000000003801 [ 241.396704][ T3413] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 241.407423][ T3413] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 241.414421][ T3413] CR2: 000055557ec914a8 CR3: 000000012fa71000 CR4: 00000000003506a0 [ 241.422523][ T3413] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 241.430529][ T3413] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 241.439877][ T3413] Kernel panic - not syncing: Fatal exception [ 241.445879][ T3413] Kernel Offset: disabled [ 241.449937][ T3413] Rebooting in 86400 seconds..