last executing test programs: 8m44.171948784s ago: executing program 0 (id=2975): openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50) ioprio_set$pid(0x2, 0x0, 0x6000) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='projid_map\x00') read$usbfs(r6, &(0x7f0000000000)=""/13, 0xd) 8m41.597157025s ago: executing program 0 (id=2981): ptrace(0x10, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x20d41, 0x0) 8m40.583267574s ago: executing program 0 (id=2986): syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3f7, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nyUt2nfxFq/2qrTBjGgJk2iQsBNRUVBcKE7FxKaaSlOmtKM2BYXKoKr4saVrlzpH+DGhSDuXQmudC+FIMW1jNyZe5txMhMzyYyjvb8fTHLO3DOc88yZZ+bcc2cCKK1K9ieJOBIRP0fEdKv61waV1r/fb793Prsl0Wi8/lvSbJfVi6bF46byylwakX6UxMku/W5ev/H2aq1WvZrXF+rrVxY2r9946tL66sXqxerl5ZVnzi4trzy7sjywWG/ePvXTxuev/fHJmV+mnr/51gvZeI/kx9rjGJRKVKKR6zz22KA7G7GjbeVkfIQDoS9jEZFN10Qz/6djLLYnbzpe/HCkgwOGKvtsOtT78PsN4C6WxKhHAIxG8UFfnNsP4zz432zrXOsEaGf845HmbSY6zm8HKTvbuvbmx99mtxjSPgQAQLvvsvXPk93WP2nc39bu//m1oZmIuCcijkXEvRFxPCLui2i2fSAiHuyz/0pHfef6J721r8D2KFv/Pdd1/Vus/mJmLK8dbcY/kVy4VKuezZ+TuZg4lNUXd+njx1e++rLXsUrb+i+7Zf0Xa8F8HLfGOzbo1lbrqweJud3WBxEnuq5/kztXApKIeCgiTuyzj2/ONT7rdezv4x+uxhcRj3ed/+2roMnu1ycXmq+HheJVsdOpd6+s9ep/1PFn83949/hnkvbrtZv99/H1zOmtXsf2+/qfTN5olifz+66t1utXFyMmk1d33r+0/diiXrTP4p+b7Z7/x2L7mTiZzWNEPBwRj0TEo/nYT0fEmYiY3SX+l2Zfru4//uHK4l/ra/77L6wvff9Dr/73Nv9PN0tz+T17ef/b6wAP8twBAADAf0Xa/A58ks7fKafp/HzrO/zH43Ba29isP3Fh453La63vys/ERFrsdE237Ycu5nvDRX2po76c7xt/Ova/Zn3+/Eat56YY8I+Y6pH/mV/HRj06YOj8XgvKS/5Decl/KC/5D+Ul/6G85D+Ul/yH8pL/UF7yH8pL/kMpHeR3/QoKCndrYdTvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPxZwAAAP//jYTnFQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) 8m36.288923248s ago: executing program 0 (id=2997): r0 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC") setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xeb38e000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c00)=ANY=[@ANYRESDEC=r1, @ANYRES8=r1, @ANYRESOCT=0x0, @ANYRESDEC=r0, @ANYRES16=r1, @ANYRES32=r0, @ANYRESDEC=0x0, @ANYRESOCT=r4, @ANYRES64=r3, @ANYRES8=r4], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) ppoll(0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$fuse(0x0, &(0x7f0000000300)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]}) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r6, &(0x7f000000ac40)={0x2020}, 0x2020) 8m33.63661173s ago: executing program 0 (id=3000): openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50) ioprio_set$pid(0x2, 0x0, 0x6000) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) gettid() syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='projid_map\x00') read$usbfs(r5, &(0x7f0000000000)=""/13, 0xd) 8m32.174375988s ago: executing program 0 (id=3003): openat(0xffffffffffffffff, &(0x7f00000001c0)='./bus\x00', 0x10040, 0x40) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0x1, 0x120d, &(0x7f0000001280)="$eJzs3M+LG2UYB/Bnd2u3bt0faq22IL7oRS9Ddw9e9BJkC9KA0jZCKwhTN9GwYxIyYSEiVk+eBP8OEUTwJog3vezF/0DwthdvVhBHNqlto6k0omYpn88lDzzzTZ43IYEJ78zBi5+8s9sqs1Y+iMWFhVjsRaQbKVIsxh8+iOde+Pa7Jy9duXqhVq9vX0zpfO3y5vMppbWnvn79vc+e/mZw8rUv175ajv2NNw5+2vpx//T+mYPfLr/dLlO7TJ3uIOXpWrc7yK8VzbTTLnezlF4tmnnZTO1O2exP9FtFt9cbpryzs7rS6zfLMuWdpZuTpEF/mPK38nYnZVmWVleC2R27VTU+vVFVVURVPRDHo6qq6sFYiZPxUKzGWqzHRjwcj8SjcSoei9PxeDwRX/zw+fAwAQAAAAAAAAAAAAAAAAAAAPx7Zr3+/8zoqHlPDQAAAAAAAAAAAAAAAAAAAPeXS1euXqjV69sXUzoRUXy019hrjB/H/Vor2lFEM87Fevwao6v/x8b1+Zfr2+fSyEZ8WFy/mb++11iazG+ObicwNb85zqfJ/HKs3JnfivU4NT2/NTV/Ip595o58Fuvx/ZvRjSJ24jB7O//+ZkovvVL/U/7s6DgAAAC4H2Tplqnn71l2t/44P8P/AxPn14fZs8fmunQiohy+u5sXRbOvOPLF8fmO8UtVVf/VSywdgbf3b4u7f1OWI+Jenufnaa2FiDgaC/xLMe9fJv4Ptz/0eU8CAAAAAAAAAADALP7pDsGPx9vD72nn47zXCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Ds7cCwAAAAAIMzfOo2ODQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACArwIAAP//GgHNcg==") pwrite64(0xffffffffffffffff, &(0x7f0000000780)="32b8d78974047d6c372114ef9e44870cab6808ce3fceb36c49c1f1b9f6b6ab322bba19f7a2daa552a72aefb63206c43686ab2b832f7a8a8d8e5f824a17577b28df05d0a67e95a4c2fe0b64deac00593b15f21a55ee24c6238002be95895993b538b51b5eb698889abdbf825f797bcf939fac914f6b136d5f3ca012831b47e7d943de2024a3ba7f438cdd93073cc55a1eee415c7c738f324b232f3b68c7fb", 0x9e, 0xe7c) 8m17.060176392s ago: executing program 32 (id=3003): openat(0xffffffffffffffff, &(0x7f00000001c0)='./bus\x00', 0x10040, 0x40) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0x1, 0x120d, &(0x7f0000001280)="$eJzs3M+LG2UYB/Bnd2u3bt0faq22IL7oRS9Ddw9e9BJkC9KA0jZCKwhTN9GwYxIyYSEiVk+eBP8OEUTwJog3vezF/0DwthdvVhBHNqlto6k0omYpn88lDzzzTZ43IYEJ78zBi5+8s9sqs1Y+iMWFhVjsRaQbKVIsxh8+iOde+Pa7Jy9duXqhVq9vX0zpfO3y5vMppbWnvn79vc+e/mZw8rUv175ajv2NNw5+2vpx//T+mYPfLr/dLlO7TJ3uIOXpWrc7yK8VzbTTLnezlF4tmnnZTO1O2exP9FtFt9cbpryzs7rS6zfLMuWdpZuTpEF/mPK38nYnZVmWVleC2R27VTU+vVFVVURVPRDHo6qq6sFYiZPxUKzGWqzHRjwcj8SjcSoei9PxeDwRX/zw+fAwAQAAAAAAAAAAAAAAAAAAAPx7Zr3+/8zoqHlPDQAAAAAAAAAAAAAAAAAAAPeXS1euXqjV69sXUzoRUXy019hrjB/H/Vor2lFEM87Fevwao6v/x8b1+Zfr2+fSyEZ8WFy/mb++11iazG+ObicwNb85zqfJ/HKs3JnfivU4NT2/NTV/Ip595o58Fuvx/ZvRjSJ24jB7O//+ZkovvVL/U/7s6DgAAAC4H2Tplqnn71l2t/44P8P/AxPn14fZs8fmunQiohy+u5sXRbOvOPLF8fmO8UtVVf/VSywdgbf3b4u7f1OWI+Jenufnaa2FiDgaC/xLMe9fJv4Ptz/0eU8CAAAAAAAAAADALP7pDsGPx9vD72nn47zXCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Ds7cCwAAAAAIMzfOo2ODQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACArwIAAP//GgHNcg==") pwrite64(0xffffffffffffffff, &(0x7f0000000780)="32b8d78974047d6c372114ef9e44870cab6808ce3fceb36c49c1f1b9f6b6ab322bba19f7a2daa552a72aefb63206c43686ab2b832f7a8a8d8e5f824a17577b28df05d0a67e95a4c2fe0b64deac00593b15f21a55ee24c6238002be95895993b538b51b5eb698889abdbf825f797bcf939fac914f6b136d5f3ca012831b47e7d943de2024a3ba7f438cdd93073cc55a1eee415c7c738f324b232f3b68c7fb", 0x9e, 0xe7c) 7.984875065s ago: executing program 4 (id=4361): r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r1 = dup(0xffffffffffffffff) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x1f, r0}, 0x94) ioctl$LOOP_SET_FD(r1, 0x4c00, r1) write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x2}}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bridge0\x00'}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYBLOB="2c7766646e6f2218385bddb2c9b8ec4416f055cc1663499587f35c77e2fc3c0111ba2161f9fd62d32a55afd1e19c8feaf280738173db0ad21e25fe904dbc734a2fb499baa976505ae7fe9ddb1350216da6e09eef8f4caa20f09239c3a08e4e930823ff16d827bb13e524d67423093a5d535fbcc4afbfd1e5aa43d560887afd1c6305932bf1", @ANYBLOB=',k']) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r6, &(0x7f0000002140)={0x2020}, 0x2020) 5.387570245s ago: executing program 4 (id=4373): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122080009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="002208000000a20100"], 0x0}, 0x0) 5.100596031s ago: executing program 5 (id=4376): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[], 0x15) r2 = dup(r1) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000002c00)=ANY=[@ANYBLOB="b0"], 0xb0) getresuid(&(0x7f0000000800), &(0x7f0000000000), &(0x7f0000000380)=0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r5]) 5.062724671s ago: executing program 5 (id=4377): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000030000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) 4.976323503s ago: executing program 5 (id=4378): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c25000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00'}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0) 4.959382034s ago: executing program 5 (id=4379): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2169802, 0x0, 0x0, 0x0, &(0x7f00000003c0)) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b"], 0x15) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 4.916419064s ago: executing program 5 (id=4380): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000eaff00000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_usb_connect(0x2, 0x6b, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000385352608f20446b76e8e01020301090259000104e9000909049300000e0100ff0a2403020005029a010209240603040000a5301124d500000000c65b0fa26410f3b600050924030506030501f909"], &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) 4.08537871s ago: executing program 3 (id=4384): syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000440)='./file0\x00', 0x2008410, &(0x7f0000001f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRES64], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD") openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x9) open(&(0x7f0000000000)='./bus\x00', 0x1, 0xc32a4cddd557707a) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9031, 0xffffffffffffffff, 0xe75f0000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) rename(0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18) recvfrom$packet(0xffffffffffffffff, 0x0, 0x0, 0x2000, 0x0, 0x0) symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00') 4.018735192s ago: executing program 2 (id=4385): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001440)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001400)={{r3}, 0x0, &(0x7f00000013c0)}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 3.987460332s ago: executing program 2 (id=4386): r0 = creat(&(0x7f0000000200)='./file0\x00', 0x35) close(r0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) r2 = dup(r1) sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0), 0x6df8}}, 0x0) mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x200400, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) 3.644217219s ago: executing program 1 (id=4390): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2169802, 0x0, 0x0, 0x0, &(0x7f00000003c0)) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b"], 0x15) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 3.61882955s ago: executing program 1 (id=4391): r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r1 = dup(0xffffffffffffffff) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x1f, r0}, 0x94) ioctl$LOOP_SET_FD(r1, 0x4c00, r1) write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x2}}, 0x18) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, 0x0, 0x0) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'bridge0\x00'}) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYBLOB="2c7766646e6f2218385bddb2c9b8ec4416f055cc1663499587f35c77e2fc3c0111ba2161f9fd62d32a55afd1e19c8feaf280738173db0ad21e25fe904dbc734a2fb499baa976505ae7fe9ddb1350216da6e09eef8f4caa20f09239c3a08e4e930823ff16d827bb13e524d67423093a5d535fbcc4afbfd1e5aa43d560887afd1c6305932bf1", @ANYBLOB=',k']) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r5, &(0x7f0000002140)={0x2020}, 0x2020) 3.486662692s ago: executing program 4 (id=4392): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c25000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00'}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0) 3.274230956s ago: executing program 4 (id=4393): ptrace(0x10, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) r5 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x1a, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffd}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080) 2.686535838s ago: executing program 2 (id=4394): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYRES16, @ANYRESOCT, @ANYRES32], 0x48) syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xc) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000a40)) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) unshare(0x64000600) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) 2.685448468s ago: executing program 5 (id=4395): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000540)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee7, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000001c0)='sched_switch\x00', r3}, 0x18) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000300)={'ip6_vti0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=@newchain={0x2c, 0x64, 0x1, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffff}, {0xd, 0x1}, {0xfff0, 0xfff1}}, [@TCA_RATE={0x6, 0x5, {0x4}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0x8040) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x2000000) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) lstat(0x0, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x98, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902860002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000001524120008a317a88b045e4f01a607c0ffcb7e392a1524120600a317a88b045e4f01a607c0ffcb7e392a090581030002000000090401"], 0x0) 2.491411692s ago: executing program 3 (id=4396): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001440)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001400)={{r3}, 0x0, &(0x7f00000013c0)}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 1.765968546s ago: executing program 3 (id=4397): r0 = syz_usb_connect$hid(0x2, 0x36, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="002208000000a20100"], 0x0}, 0x0) 1.738324266s ago: executing program 1 (id=4398): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_usb_connect$sierra_net(0x4, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x48) bpf$PROG_BIND_MAP(0xa, 0x0, 0x0) sched_setaffinity(0x0, 0x4, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9) sendmmsg$unix(r3, 0x0, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x10, &(0x7f0000006d40)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b5500005f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a0a08b55db183ec794a5d9953cd3e04ed42987344ab9528d5c797965c4696da13605033397fbc6a33784bcc44a085b6344f39a21e52b225d5dc87a8e9835a60dcdd96222ed3a16a7dd58ccfcb2846c2799f5612caed0361cbcecd6f69ec93f5075b38f872b0c25baae18776ba19eb32d5a380d696fef541e0c8bba19aa739e4314a6134ed00e4b1844f7fa03ee43a7e7c75f864bdc67aa5"], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QnYjtXWOPC19t43L4knybzXXjdPMmySJEOSDEmSJEmmhCRJkpBMmZKQhMxJ5pBMIZnnKXOSHEmShIQk+3+9dfqc83W+r3P+53x/3/+863dd9/Xsde177XvvZ73vcw/XO3zTYXCVelUr1mFm+Kfgry/dASAFAPoBQBYAiACgZNaSWVP7M2js/s8dRPxrPTjtSs9AXElS/7RN6p+2Sf3TNql/2ib1T9uk/mmb1D9tk/oLkZZtm57rGtnS7vbPP/9P+fVFnv//f0jO/2mb1P/fzZkM/8jeUv9/J5dCCP9YhtQ/bZP6p21S/7RN6p+2Sf3TNqm/EGnZlX7+LNuV3a70158QQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiLThfLjMAMBv7Ss9LyGEEEIIIYQQQvzrhPRXegZCCCGEEEIIIYT4n4egQIOBCNJBekiBDJARroJMcDVkhiyQgGsgK1wL2eA6yA45ICfkgtyQB/KCBQIHDDHkg/yQhOuhANwABaEQFIYi4KEoFIMboTjcBCXgZigJt0ApuBVKQxkoC+XgNigPt0MFuAMqwp1QCSpDFagKd0E1uBuqwz1QA+6FmnAf1IL7oTY8AHXgQagLD0E9eBjqwyPQABpCI2gMTf6v8l+ALvAidIVu0B16QE94CXpBb+gDfaEfvAz94RUYAK/CQBgEg+E1GAKvw1B4A4bBcBgBb8JIGAWjYQyMhXEwHt6CCfA2TIR3YBJMhikwFabBdJgB78JMmAWz4T2YA+/DXJgH82EBLIQPYBEshiXwISyFj2AZLIcVsBJWwWpYA2thHayHDbARNsFm2AJbYRt8DNthB+yEXbAb9sBe+AT2waewHz6DA/D5P5h/7j/ld0RAQIUKDRpMh+kwBVMwI2bETJgJM2NmTGACs2JWzIbZMDtmx5yYE3NjbsyLeZGQkJExH+bDJCaxABbAglgQC2Nh9OixGBbD4ngTlsASWBJLYikshaWxDJbBclgOy2N5rIAVsCJWxEpYCatgFbwL78K7sTpWxxpYA2tiTayFtbA21sY6WAfrYl2sh/WwPtbHBtgAG2EjbIJNsCk2xWbYDFtgC2yJLbEVtsLW2BrbYBtsi22xHbbD9tgeO2AH7IidsBO+gC/gi/gidsNKqgf2xJ7YC3thH+yLffFl7I+v4Cv4Kg7EQTgYX8PX8HUcimdxGA7HETgCy6tROBrHIKtxOB7H4wScgBNxIk7CyTgZp+I0nI4zcAbOxFk4C9/DOfg+vo/zcB4uwIW4EBfhYlyCS3ApnsNluBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34MX6MO3AH7sJduAf34Cf4CX6Kn+JAPIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfwJJ7C03gKz+AZPIvn8Dyexwt4AS/iRbyEl1K/+VUqo4xKp9KpFJWiMqqMKpPKpDKrzCqhEiqryqqyqWwqu8qucqqcKrfKrfKqvIoUKVaxyqfyqaRKqgKqgCqoCqrCqrDyyqtiqpgqroqrEqqEKqluUaXUraq0KqOa+3KqnCqvWvgK6g5VUVVUlVRlVUVVVVVVNVVNVVfVVQ1VQ9VUNVUtdb+qrXpgH3xQpVamnhqE9dVgbKAaqkaqsXodH1VN1VBsppqrFupxNRyHYSvV1LdWT6k2ajS2Vc+oMfisaq/GYQf1vOqoOqnO6gXVRTXzXVU3NQl7qJ5qKvZSvVUf1VfNxMoqtWJV1KtqoBqkBqvX1AJ8XQ1Vb6hhargaod5UI9UoNVqNUWPVODVevaUmqLfVRPWOmqQmqylqqpqmpqsZqR+tapaard5Tc9T7aq6ap+arBWqh+kAtUovVEvWhWqo+UsvUcrVCrVSr1Gq1Rq1V69R6tUFtVJsiUFvUVrVNfay2qx1qp9qldqs9aq/6RO1Tn6r96jN1QH2uDqo/qUPqC3VYfamOqK/UUfW1Oqa+UcfVt+qE+k6dVKfUafW9OqN+UGfVOXVe/aguqJ/URfWzuqSCAo1aaa2NjnQ6nV6n6Aw6o75KZ9JX68w6i07oa3RWfa3Opq/T2XUOnVPn0rl1Hp1XW03aadaxzqfz66S+XhfQN+iCupAurItor4vqYvpGXVzfpEvom3VJfYsupW/VpXUZXVaX07fp8vp2XUHfoSvqO3UlXVlX0VX1XbqavltX1/foGvpeXVPfp2vp+3Vt/YCuox/UdfVDup5+WNfXj+gGuqFupBvrJvpR3VQ/ppvp5rqFfly31E/oVvpJ3Vo/pdvop3Vb/Yxup5/V7fVzuoN+XnfUnXRn/bO+pIPuqrvp7rqH7qlf0r10b91H99X99Mu6v35FD9Cv6oF6kB6sX9ND9Ot6qH5DD9PD9Qj9ph6pR+nReoweq8fp8fotPUG/rSfqd/QkPVlP0VP1ND1d9/nzSLP/jvy3/0b+gF+OvlVv0x/r7XqH3ql36d16j96r9+p9ep/er/frA/qAPqgP6kP6kD6sD+sj+og+qo/qY/qYPq6P6xP6hD6pT+kf9ff6jP5Bn9Xn9Dn9o76gL+iLf34PwKBRRhtjIpPOpDcpJoPJaK4ymczVJrPJYhLmGpPVXGuymetMdpPD5DS5TG6Tx+Q11pBxhk1s8pn8JmmuNwXMDaagKWQKmyLGm6KmmLnxn87/o/k1MU1MU9PUNDPNTAvTwrQ0LU0r08q0Nq1NG9PGtDVtTTvTzrQ37U0H08F0NB1NZ9PZdDFdTACA7qa76WleMr1Mb9PH9DX9zMumv+lvBpgBZqAZaAabwWaIGWKGmqFmmBlmRpgRZqQZaUab0WasGWvGm/FmgplgJpqJZpKZZKaYKWaamWZmmBlmpplpZpvZZo6ZY+aauWa+mW8WmoVmkVlklpglZqlZapaZ5Wa5WWlWmtVmtVlr1pr1Zr3ZaDaazWazWWZ++wHNnWan2W12m71mr9ln9pn9Zr85YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmJPmpDltTpsz5ow5a86a8+a8uWAumIvmorlkLqVe9kUqUpGJTJQuShelRClRxihjlCnKFGWOMkeJKBFljbJG2aLrouxRjihnlCvKHeWJ8kY2oshFHMVRvih/lIyujwpEN0QFo0JR4ahI5KOiUbHoxqh4dFNUIro5KhndEpWKbo1KR2WislG56LaofHR7VCG6I6oY3RlViipHVaKq0V1RtejuqHp0T1QjujeqGd0X1Yruj2pHD0R1ogejutFDUb3o4ah+9EjUIGoYNYoaR03+peOHcDbHY76r7Wa72x62p33J9rK9bR/b1/azL9v+9hU7wL5qB9pBdrB9zQ6xr9uh9g07zA63I+ybdqQdZUfbMXasHWfH27fsBPu2nWjfsZPsZDvFTrXT7HQ7w75rZ9pZdrZ9z86x79u5dp6dbxfYhfYDu8gutkvsh3ap/cgus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVbrMf2+12h91pd9nddo/daz+x++yndr/9zB6wn9uD9k/2kP3CHrZf2iP2K3vUfm2P2W/scfutPWG/syftKXvafm/P2B/sWXvOnrc/2gv2J3vR/mwv2ZB6cZ96eidDhtJROkqhFMpIGSkTZaLMlJkSlKCslJWyUTbKTtkpJ+Wk3JSb8lJeSsXElI/yUZKSVIAKUEEqSIWpMHnyVIyKUXEqTiWoBJWkklSKSlFpKk1lKfWkeRvdTrfTHXQH3Ul3UmWqTFWpKlWjalSdqlMNqkE1qSbVolpUm2pTHapDdaku1aN6VJ/qUwNqQI2oETWhJtSUmlIzakYtqAW1pJbUilpRa2pNbagNtaW21I7aUXtqTx2oA3WkjtSZOlMX6kJdqSt1p+7Uk3pSL+pFfagP9aN+1J/60wAaQANpIA2mwTSEhtBQGkrDaDiNoDdpJI2i0TSGxtI4Gk/jaQJNoIk0kSbRJJpCU2gaTaMZNINm0kyaTbNpDs2huTSX5tN8WkgLaREtoiW0hJbSUlpGy2gFraBVtIrW0BpaR+toA22gTbSJttAW2kbbaDttp520k3bTbtpLe2kf7aP9tJ8O0AE6SAfpEB2iw3SYjtAROkpH6Rgdo+N0nE7QCTpJJ/E0naYzdIbO0lk6T+fpAv1EF+lnukSBUlwGl9Fd5TK5q11ml8WluAzdAOA/4pwul8vt8ri8zrrsLsdfxeScK+gKucKuiPOuqCvmbvxdXLpHGVfWlXO3ufLudlfBlXZ/HVdzd7vq7h5Xw93rqrq7/iqu6e5ztdzDrrZ7xNVxDV1d19jVcw+7+u4R18A1dI1cY9fSPeFauSdda/eUa+Oe/l28yC1269x6t8FtdPvcp+68+9Edc9+4C+4n19V1c/3cy66/e8UNcK+6gW7Q7+IR7k030o1yo90YN9aN+108xU1109x0N8O962a6Wb+LF7oP3By3xM1189x8t+CXOHVOS9yHbqn7yC1zy90Kt9KtcqvdGrf2P+a60m12W9xWt9d94ra7HW6n2+V2uz2/xKnr2O8+cwfc5+6o+9odcl+4w+64O+K++iVOXd9x96074b5zJ90pd9p97864H9xZd+6X9aeu/Xv3s7vkggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5At/BFflOrsSVuQpX5bu4Gt/N1fkersH3ck2+j2vx/VybH+A6/CDX5Ye4Hj/M9fkRbsANuRE35ib8KDflx7gZN+cW/Di35Ce4FT/JrfkpbsNPc1t+htvxs9yen+MO/Dx35E7cmV/gLvwid+Vu3J17cE9+iXtxb+7Dfbkfv8z9+RUewK/yQB7Eg/k1HsKv81B+g4fxcB7Bb/JIHsWjeQyP5XE8nt/iCfw2T+R3eBJP5ik8lafxdJ7B7/JMnsWz+T2ew+/zXJ7H83kBL+QPeBEv5iX8IS/lj3gZL+cVvJJX8Wpew2t5Ha/nDbyRN/Fm3sJbeRt/zNt5B+/kXbyb9/Be/oT38ae8nz/jA/w5H+Q/8SH+gg/zl3yEv+Kj/DUf42/4OH/LJ/g7Psmn+DR/z2f4Bz7L5/g8/8gX+Ce+yD/zJQ4MMcYq1rGJozhdnD5OiTPEGeOr4kzx1XHmOEuciK+Js8bXxtni6+LscY44Z5wrzh3nifPGNqbYxRzHcb44f5yMr48LxDfEBeNCceG4SOzjonGx+Ma4eHxTXCK+OS4Z3xKXim+NS8dl4rJxufi2uHx8e1whviOuGN8ZV4orx1XiqvFdcbX47rh6fE9cI743LhHfF9eK749rxw/EdeIH47rxQ3G9+OG4fvxI3CBuGDeKG8dN4kfjpvFjcbO4edwifjxuGT8Rt4qfjFvHT8Vt4qf/sL973CPuGb8UvxSHcI+en1yQXJj8ILkouTi5JPlhcmnyo+Sy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObkluTWZAhV04NHr7z2xkc+nU/vU3wGn9Ff5TP5q31mn8Un/DU+q7/WZ/PX+ew+h8/pc/ncPo/P660n7zz72Ofz+X3SX+8L+Bt8QV/IF/ZFvPdFfTHf2DfxTXxT/5hv5pv7Fv5x/7h/wj/hn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/K9fB/fx/fz/Xx/398P8AP8QD/QD/aD/RA/xA/1Q/0wP8yP8CP8SD/Sj/aj/Vg/1o/34/0EP8FP9BP9JD/JT/FT/DQ/zc/wM/xMP9PP9rP9HD/Hz/Vz/Xw/3y/0C/0iv8gv8Uv8Ur/UL/PL/Aq/wq/yq/wav8av8+v8Br/Bb/Kb/Ba/xW/z2/x2v93v9Dv9br/b7/V7/T6/z+/3+/0Bf8Af9Af9IX/IH/Zf+iP+K3/Uf+2P+W/8cf+tP+G/8yf9KX/af+/P+B/8WX/On/c/+gv+J3/R/+wv+eDHJ95KTEi8nZiYeCcxKTE5MSUxNTEtMT0xI/FuYmZiVmJ24r3EnMT7ibmJeYn5iQWJhYkPEosSixNLEh8mliY+SixLLE+sSKxMrEqsToSQZ3sc8oX8IRmuDwXCDaFgKBQKhyLBh6KhWLgxFA83hRLh5lAy3BJKhVtD6VAmlA2PhAahYWgUGocm4dHQNDwWmoXmoUV4PLQMT4RW4cnQOjwV2oSnQ9vwTGgXng3tw3OhQ3g+dAydQufwQugSXgxdQ7fQPfQIPcNLoVfoHfqEvqFfeDn0D6+EAeHVMDAMCoPDa2FIeD0MDW+EYWF4GBHeDCPDqDA6jAljw7gwPrwVJoS3w8TwTpgUJocpYWqYFqaHGeHdMDPMCrPDe2FOeD/MDfPC/LAgLAwfhEVhcVgSPgxLw0dhWVgeVoSVYVVYHdaEtWFdWB82hI1hU9gctoStYVv4OGwPO8LOsCvsDnvC3vBJ2Bc+DfvDZ+FA+DwcDH8Kh8IX4XD4MhwJX4Wj4etwLHwTjodvw4nwXTgZToXT4ftwJvwQzoZz4Xz4MVwIP4WL4edwSX5nTQghhBDi76L/oL/Hf5Gj/tzuCQBX78h15D/3b8r+a7t3+twtEwDwVLcOD/62VarUvXv3P++7TEOUfx4AJC7np4PL8XJoAU9Aa2gOxf+jP+UvjtVbdbrA/934AFHyFoCMf5GTmv9bfHn8m/7m+nurUXP+2/E1RMl5AAXzX87JAJfjy+OX+C/Gz9H0D8bP8MV4gGZ/kZMJLseXxy8Gj8HT0Pqv9hRCCCGEEEIIIX7VW5Vt90f3t6n357nN5Zz0cDn+W/fnQgghhBBCCCGE+N/l2U6dn3y0devm7aTxP9UIWX59q/+3zEca0vg7Glf6k0kIIYQQQgjxr3b5ov9Kz0QIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhEi7/l/8ObHfjvVH/2tQCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGE+Hf1fwIAAP//drU5SA==") rename(&(0x7f00000000c0)='./file2\x00', &(0x7f0000000080)='./file1\x00') 1.735345286s ago: executing program 4 (id=4399): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$tipc(0x1e, 0x2, 0x0) r2 = socket$tipc(0x1e, 0x2, 0x0) keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ptrace$setopts(0x4206, 0x0, 0x5, 0x2) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) rename(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r7}, 0x10) memfd_create(0x0, 0x0) r8 = creat(0x0, 0xd931d3864d39dcca) close(r8) dup3(r1, r2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x2c0, 0x128, 0x6c, 0x0, 0x128, 0x0, 0x1f0, 0x258, 0x258, 0x1f0, 0x258, 0x3, 0x0, {[{{@uncond, 0x0, 0x100, 0x128, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0x5}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0xd, 0x7f}}}, {{@ipv6={@dev, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'netdevsim0\x00', 'lo\x00'}, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x2001}}, {0x28}}}}, 0x320) mmap(&(0x7f000031e000/0x2000)=nil, 0x2000, 0x2000008, 0x40010, 0xffffffffffffffff, 0x9c365000) socket$nl_route(0x10, 0x3, 0x0) 990.868421ms ago: executing program 2 (id=4400): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f00000009c0)={[{@barrier_val}, {@init_itable}, {@block_validity}, {@nobarrier}, {@grpjquota}, {@inlinecrypt}]}, 0x1, 0x79b, &(0x7f0000000180)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) 989.961061ms ago: executing program 3 (id=4401): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2169802, 0x0, 0x0, 0x0, &(0x7f00000003c0)) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b"], 0x15) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 962.509601ms ago: executing program 3 (id=4402): syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3f7, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nyUt2nfxFq/2qrTBjGgJk2iQsBNRUVBcKE7FxKaaSlOmtKM2BYXKoKr4saVrlzpH+DGhSDuXQmudC+FIMW1jNyZe5txMhMzyYyjvb8fTHLO3DOc88yZZ+bcc2cCKK1K9ieJOBIRP0fEdKv61waV1r/fb793Prsl0Wi8/lvSbJfVi6bF46byylwakX6UxMku/W5ev/H2aq1WvZrXF+rrVxY2r9946tL66sXqxerl5ZVnzi4trzy7sjywWG/ePvXTxuev/fHJmV+mnr/51gvZeI/kx9rjGJRKVKKR6zz22KA7G7GjbeVkfIQDoS9jEZFN10Qz/6djLLYnbzpe/HCkgwOGKvtsOtT78PsN4C6WxKhHAIxG8UFfnNsP4zz432zrXOsEaGf845HmbSY6zm8HKTvbuvbmx99mtxjSPgQAQLvvsvXPk93WP2nc39bu//m1oZmIuCcijkXEvRFxPCLui2i2fSAiHuyz/0pHfef6J721r8D2KFv/Pdd1/Vus/mJmLK8dbcY/kVy4VKuezZ+TuZg4lNUXd+njx1e++rLXsUrb+i+7Zf0Xa8F8HLfGOzbo1lbrqweJud3WBxEnuq5/kztXApKIeCgiTuyzj2/ONT7rdezv4x+uxhcRj3ed/+2roMnu1ycXmq+HheJVsdOpd6+s9ep/1PFn83949/hnkvbrtZv99/H1zOmtXsf2+/qfTN5olifz+66t1utXFyMmk1d33r+0/diiXrTP4p+b7Z7/x2L7mTiZzWNEPBwRj0TEo/nYT0fEmYiY3SX+l2Zfru4//uHK4l/ra/77L6wvff9Dr/73Nv9PN0tz+T17ef/b6wAP8twBAADAf0Xa/A58ks7fKafp/HzrO/zH43Ba29isP3Fh453La63vys/ERFrsdE237Ycu5nvDRX2po76c7xt/Ova/Zn3+/Eat56YY8I+Y6pH/mV/HRj06YOj8XgvKS/5Decl/KC/5D+Ul/6G85D+Ul/yH8pL/UF7yH8pL/kMpHeR3/QoKCndrYdTvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPxZwAAAP//jYTnFQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000070000000100050009000000"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) 912.807932ms ago: executing program 1 (id=4403): umount2(&(0x7f0000000280)='./file0\x00', 0xe) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000003800)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018"], 0x0, 0x3a, 0x0, 0x1}, 0x28) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, 0x0, &(0x7f0000000040)=@tcp=r1}, 0x20) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x4, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10001, 0x3, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffdf], 0x0, 0x200}) getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000080)={@private, @dev}, &(0x7f0000000240)=0xc) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 776.869505ms ago: executing program 4 (id=4404): openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") 769.719615ms ago: executing program 2 (id=4405): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c25000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00'}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0) 432.421802ms ago: executing program 1 (id=4406): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x9, 0xe50, 0x801, 0x5479, 0x103d, 0x6, 0x0, 0x32a, 0x8000000000000001, 0xffffffff, 0x1, 0x10040000000009, 0x5, 0x58], 0x2000, 0x808d6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 383.975903ms ago: executing program 2 (id=4407): openat$ttyS3(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket$packet(0x11, 0x2, 0x300) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18) socket$inet6(0xa, 0x6, 0x5) socket$xdp(0x2c, 0x3, 0x0) socket(0x10, 0x3, 0x0) 238.960525ms ago: executing program 1 (id=4408): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50) ioprio_set$pid(0x2, 0x0, 0x6000) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='projid_map\x00') 0s ago: executing program 3 (id=4409): r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r1 = dup(0xffffffffffffffff) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x1f, r0}, 0x94) ioctl$LOOP_SET_FD(r1, 0x4c00, r1) write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x2}}, 0x18) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, 0x0, 0x0) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'bridge0\x00'}) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYBLOB="2c7766646e6f2218385bddb2c9b8ec4416f055cc1663499587f35c77e2fc3c0111ba2161f9fd62d32a55afd1e19c8feaf280738173db0ad21e25fe904dbc734a2fb499baa976505ae7fe9ddb1350216da6e09eef8f4caa20f09239c3a08e4e930823ff16d827bb13e524d67423093a5d535fbcc4afbfd1e5aa43d560887afd1c6305932bf1", @ANYBLOB=',k']) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r5, &(0x7f0000002140)={0x2020}, 0x2020) kernel console output (not intermixed with test programs): fs (loop1): Try to recover 1th superblock, ret: 0 [ 1103.280053][T12783] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1103.406020][T12795] loop2: detected capacity change from 0 to 40427 [ 1103.420298][T12795] F2FS-fs (loop2): Unrecognized mount option "whint_mode=user-based" or missing value [ 1103.468492][T12798] syz.1.3395[12798] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1103.468588][T12798] syz.1.3395[12798] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1103.510981][T12800] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3399'. [ 1104.898919][T12813] loop2: detected capacity change from 0 to 512 [ 1105.553038][T12812] loop4: detected capacity change from 0 to 512 [ 1105.850682][T12813] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1105.860601][T12813] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1105.874943][T12812] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1105.884229][T12812] ext4 filesystem being mounted at /77/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1106.936290][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1106.942470][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1108.741298][T12837] loop4: detected capacity change from 0 to 256 [ 1108.778857][T12839] loop2: detected capacity change from 0 to 512 [ 1108.812253][T12837] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1108.915772][T12839] EXT4-fs warning (device loop2): ext4_enable_quotas:7053: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1108.974932][T12839] EXT4-fs (loop2): mount failed [ 1108.983387][T12837] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1109.321517][T12853] loop5: detected capacity change from 0 to 1024 [ 1109.342106][T12853] EXT4-fs: Ignoring removed i_version option [ 1109.358581][T12853] EXT4-fs (loop5): Test dummy encryption mode enabled [ 1109.390634][T12853] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1109.962373][T12862] loop3: detected capacity change from 0 to 512 [ 1110.188441][T12862] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1110.197875][T12862] ext4 filesystem being mounted at /92/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1110.384786][T12867] loop1: detected capacity change from 0 to 512 [ 1110.547320][T12867] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1111.061303][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1111.297078][T12874] loop3: detected capacity change from 0 to 512 [ 1111.451684][T12874] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1111.461040][T12874] ext4 filesystem being mounted at /93/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1112.560921][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1112.677113][T12881] loop3: detected capacity change from 0 to 256 [ 1112.691058][T12881] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1112.706280][T12881] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 1112.851721][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1112.900171][T12885] loop1: detected capacity change from 0 to 256 [ 1112.937474][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1114.236140][T12905] loop2: detected capacity change from 0 to 1024 [ 1114.245576][T12905] EXT4-fs: Ignoring removed i_version option [ 1114.252180][T12905] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1114.316498][T12905] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1114.394882][ T5687] usb 5-1: new full-speed USB device number 61 using dummy_hcd [ 1114.422366][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1114.575479][ T5687] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1114.587100][ T5687] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1114.602284][ T5687] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1114.834845][T12919] loop1: detected capacity change from 0 to 256 [ 1114.899491][T12918] loop2: detected capacity change from 0 to 8192 [ 1116.275836][ T5687] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1117.608055][T12919] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1117.694659][ T5687] usb 5-1: config 0 descriptor?? [ 1118.874468][T12927] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1120.069700][ T5687] usb 5-1: can't set config #0, error -71 [ 1120.115538][ T8059] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1120.131160][ T5687] usb 5-1: USB disconnect, device number 61 [ 1120.629361][T12950] loop3: detected capacity change from 0 to 512 [ 1120.657490][T12952] loop2: detected capacity change from 0 to 8192 [ 1120.754432][ T5687] usb 5-1: new full-speed USB device number 62 using dummy_hcd [ 1120.763122][T12950] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1120.772303][T12950] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1120.920334][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 1120.985014][ T28] audit: type=1326 audit(1756900553.257:3013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.2.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84f18ebe9 code=0x7ffc0000 [ 1121.112975][T12960] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3443'. [ 1121.184440][ T1084] usb 3-1: new high-speed USB device number 67 using dummy_hcd [ 1121.243963][ T28] audit: type=1326 audit(1756900553.257:3014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.2.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84f18ebe9 code=0x7ffc0000 [ 1121.269128][ T5687] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1121.304859][ T5687] usb 5-1: not running at top speed; connect to a high speed hub [ 1121.321798][ T5687] usb 5-1: config 4 has an invalid interface number: 147 but max is 0 [ 1121.323173][ T28] audit: type=1326 audit(1756900553.257:3015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.2.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7fa84f18ebe9 code=0x7ffc0000 [ 1121.334515][ T5687] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1121.353916][ T28] audit: type=1326 audit(1756900553.257:3016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.2.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84f18ebe9 code=0x7ffc0000 [ 1121.419872][ T5687] usb 5-1: config 4 has no interface number 0 [ 1121.434715][ T5687] usb 5-1: string descriptor 0 read error: -22 [ 1121.443983][ T28] audit: type=1326 audit(1756900553.257:3017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.2.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84f18ebe9 code=0x7ffc0000 [ 1121.464336][ T5687] usb 5-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1121.467682][ T28] audit: type=1326 audit(1756900553.257:3018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.2.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa84f18d550 code=0x7ffc0000 [ 1121.500382][ T28] audit: type=1326 audit(1756900553.267:3019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.2.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa84f18e7eb code=0x7ffc0000 [ 1121.504429][ T5687] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1121.524033][ T28] audit: type=1326 audit(1756900553.267:3020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.2.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa84f18e7eb code=0x7ffc0000 [ 1121.556956][ T1084] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1121.574403][ T1084] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1121.580351][ T5687] usb 5-1: Found UVC 0.00 device (04f2:b746) [ 1121.594744][ T5687] usb 5-1: No valid video chain found. [ 1121.595910][ T1084] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1121.601520][ T1084] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1121.619923][ T28] audit: type=1326 audit(1756900553.267:3021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.2.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa84f18e7eb code=0x7ffc0000 [ 1121.643689][ T1084] usb 3-1: Product: syz [ 1121.648140][ T1084] usb 3-1: Manufacturer: syz [ 1121.663973][ T1084] usb 3-1: SerialNumber: syz [ 1121.671168][ T28] audit: type=1326 audit(1756900553.267:3022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12951 comm="syz.2.3442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa84f18e7eb code=0x7ffc0000 [ 1121.696609][ T1084] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found [ 1121.703406][ T1084] cdc_ncm 3-1:1.0: bind() failure [ 1121.947109][ T1084] usb 5-1: USB disconnect, device number 62 [ 1122.027516][T12969] loop1: detected capacity change from 0 to 256 [ 1122.135022][T12969] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1122.163134][T12969] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1123.274415][T12975] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1123.646898][ T4511] usb 3-1: USB disconnect, device number 67 [ 1123.838173][T12981] loop5: detected capacity change from 0 to 8192 [ 1124.066317][T12984] loop4: detected capacity change from 0 to 1024 [ 1124.188761][T12984] EXT4-fs: Ignoring removed i_version option [ 1124.276115][T12984] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1124.407596][T12984] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1124.619778][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1125.058572][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1125.556490][T13015] loop3: detected capacity change from 0 to 1024 [ 1125.563737][T13015] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1125.704500][T13023] loop2: detected capacity change from 0 to 512 [ 1125.770683][T13015] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1125.991762][T13023] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1126.001117][T13023] ext4 filesystem being mounted at /71/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1126.099109][T13001] loop1: detected capacity change from 0 to 40427 [ 1127.125287][T13001] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1127.133814][T13001] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1127.150632][T13029] loop5: detected capacity change from 0 to 512 [ 1127.294232][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1127.860770][T13029] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1127.870135][T13029] ext4 filesystem being mounted at /83/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1127.900124][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1127.955574][T13001] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-4) [ 1128.199708][T13039] loop4: detected capacity change from 0 to 512 [ 1128.386706][T13039] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1128.471815][T13039] ext4 filesystem being mounted at /87/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1128.955800][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1129.017971][T13049] loop3: detected capacity change from 0 to 1024 [ 1129.699248][T13054] loop1: detected capacity change from 0 to 256 [ 1130.646679][T13053] loop5: detected capacity change from 0 to 8192 [ 1130.804280][T13054] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1130.893129][T13051] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1130.964054][T13049] EXT4-fs: Ignoring removed i_version option [ 1130.993619][T13058] loop5: detected capacity change from 0 to 1024 [ 1131.006661][T13049] EXT4-fs (loop3): Test dummy encryption mode enabled [ 1131.023013][T13058] EXT4-fs: Ignoring removed i_version option [ 1131.041430][T13049] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1131.050737][T13058] EXT4-fs (loop5): Test dummy encryption mode enabled [ 1131.060929][T13058] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1131.212610][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1131.635035][T13069] loop3: detected capacity change from 0 to 40427 [ 1131.650739][T13069] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1131.658830][T13069] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1131.674199][T13069] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1131.713573][T13069] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1131.720747][T13069] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1131.883832][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1131.956760][T13078] syz.3.3470[13078] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1131.956904][T13078] syz.3.3470[13078] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1132.601486][T13086] overlayfs: missing 'lowerdir' [ 1132.694758][T13088] loop2: detected capacity change from 0 to 1024 [ 1132.719613][T13088] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1132.753442][T13088] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1133.194133][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1133.313088][T13102] loop3: detected capacity change from 0 to 512 [ 1133.331995][T13102] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1133.568083][T13100] loop4: detected capacity change from 0 to 40427 [ 1133.585208][T13100] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1133.593372][T13100] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1133.636814][T13100] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1133.693138][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1133.694411][T13100] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1133.706405][T13100] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1133.907462][T13112] loop5: detected capacity change from 0 to 8192 [ 1135.500367][T13100] syz.4.3476[13100] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1135.500446][T13100] syz.4.3476[13100] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1135.593296][T13127] loop1: detected capacity change from 0 to 512 [ 1135.660337][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1135.683976][T13127] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1135.695190][T13127] ext4 filesystem being mounted at /106/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1136.027845][T13132] loop5: detected capacity change from 0 to 256 [ 1136.042262][T13132] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1136.059945][T13132] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 1136.329081][T13134] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3484'. [ 1136.918597][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1137.039419][T13146] loop3: detected capacity change from 0 to 512 [ 1137.087047][T13146] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1137.103883][T13151] overlayfs: missing 'lowerdir' [ 1137.110089][T13146] ext4 filesystem being mounted at /108/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1137.186429][T13142] loop1: detected capacity change from 0 to 40427 [ 1137.240435][T13142] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1137.268931][T13142] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1137.297978][T13142] F2FS-fs (loop1): Insane cp_payload (524288 >= 504) [ 1137.320549][T13142] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 1137.432822][T13159] loop2: detected capacity change from 0 to 256 [ 1137.452238][T13159] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1137.480675][T13159] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 1137.690000][ T5687] usb 5-1: new full-speed USB device number 63 using dummy_hcd [ 1138.843924][ T5687] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1138.852111][ T5687] usb 5-1: not running at top speed; connect to a high speed hub [ 1138.868923][ T5687] usb 5-1: config 4 has an invalid interface number: 147 but max is 0 [ 1138.986542][T13163] syz.1.3488[13163] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1138.986625][T13163] syz.1.3488[13163] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1139.030377][T13163] tipc: Enabling of bearer rejected, already enabled [ 1139.849436][ T5687] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1139.860017][ T5687] usb 5-1: config 4 has no interface number 0 [ 1139.870105][ T5687] usb 5-1: string descriptor 0 read error: -22 [ 1139.881915][ T5687] usb 5-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1139.896355][ T5687] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1140.275263][T13169] loop5: detected capacity change from 0 to 8192 [ 1140.569562][ T5687] usb 5-1: can't set config #4, error -71 [ 1140.608990][ T5687] usb 5-1: USB disconnect, device number 63 [ 1141.695464][T13171] loop1: detected capacity change from 0 to 512 [ 1141.868400][T13177] loop5: detected capacity change from 0 to 1024 [ 1141.875928][T13177] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1142.243396][T13184] loop2: detected capacity change from 0 to 512 [ 1142.790932][T13171] EXT4-fs warning (device loop1): ext4_enable_quotas:7053: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1142.864393][T13184] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1142.873603][T13184] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1142.953423][T13177] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1143.247156][T13171] EXT4-fs (loop1): mount failed [ 1143.518914][T13196] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1143.839108][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1143.857664][T13201] loop1: detected capacity change from 0 to 256 [ 1143.968168][T13206] loop2: detected capacity change from 0 to 512 [ 1143.996370][T13206] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1144.040715][T13206] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1144.373959][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1144.549697][T13216] loop2: detected capacity change from 0 to 256 [ 1144.560238][T13216] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1144.576206][T13216] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 1144.969893][T13220] loop1: detected capacity change from 0 to 256 [ 1144.990345][T13220] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1145.079580][T13220] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1145.116647][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1145.128599][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1145.392469][T13224] loop3: detected capacity change from 0 to 512 [ 1146.620491][T13226] loop5: detected capacity change from 0 to 8192 [ 1147.614893][T13224] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1147.629874][T13224] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1147.640645][T13224] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.3509: corrupted in-inode xattr [ 1147.672559][T13224] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3509: couldn't read orphan inode 15 (err -117) [ 1147.698690][T13224] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1147.759740][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1148.162461][T13233] loop4: detected capacity change from 0 to 512 [ 1148.485513][T13233] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1148.494853][T13233] ext4 filesystem being mounted at /97/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1149.349811][T13252] loop1: detected capacity change from 0 to 512 [ 1149.368321][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1149.486585][T13252] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1149.495960][T13252] ext4 filesystem being mounted at /113/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1149.874430][ T5687] usb 4-1: new high-speed USB device number 64 using dummy_hcd [ 1150.164412][ T5687] usb 4-1: Using ep0 maxpacket: 16 [ 1150.170725][ T5687] usb 4-1: config index 0 descriptor too short (expected 64967, got 165) [ 1150.179631][ T5687] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1150.189895][ T5687] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1150.201263][ T5687] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1150.220641][ T5687] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1150.239525][ T5687] usb 4-1: Product: syz [ 1150.243763][ T5687] usb 4-1: Manufacturer: syz [ 1150.253867][ T5687] usb 4-1: SerialNumber: syz [ 1150.271820][T13248] loop5: detected capacity change from 0 to 40427 [ 1150.301899][T13248] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1150.320031][T13248] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1150.436989][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1150.453910][T13248] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1150.462898][T13265] loop1: detected capacity change from 0 to 128 [ 1150.470988][ T5687] usb 4-1: 0:2 : does not exist [ 1150.748171][T13248] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 1150.761957][T13265] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1150.771735][ T5687] usb 4-1: USB disconnect, device number 64 [ 1150.779840][T13248] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1150.789460][T13265] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1150.852899][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1152.937861][T13285] syz.5.3515[13285] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1152.938048][T13285] syz.5.3515[13285] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1152.989035][T13286] loop2: detected capacity change from 0 to 256 [ 1155.016836][T13287] loop1: detected capacity change from 0 to 8192 [ 1155.158849][T13286] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1155.239441][T13286] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 1155.600051][T13294] loop4: detected capacity change from 0 to 256 [ 1156.914945][T13294] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1156.966454][T13296] loop3: detected capacity change from 0 to 512 [ 1157.002172][T13293] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1157.027596][T13302] serio: Serial port ptm0 [ 1157.068655][T13296] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1157.092695][T13296] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1157.174573][T13311] loop2: detected capacity change from 0 to 512 [ 1157.280412][T13311] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1157.289794][T13311] ext4 filesystem being mounted at /87/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1158.355501][T13321] loop1: detected capacity change from 0 to 1024 [ 1158.377590][T13321] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1158.431758][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1158.475935][T13321] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1158.527993][T13327] device pim6reg1 entered promiscuous mode [ 1158.563993][T13323] loop4: detected capacity change from 0 to 8192 [ 1158.582218][T13323] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1158.657718][T13323] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 1046) [ 1158.682061][T13323] FAT-fs (loop4): Filesystem has been set read-only [ 1158.708474][T11232] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 1046) [ 1158.772186][T13335] loop5: detected capacity change from 0 to 256 [ 1158.924585][T13339] loop4: detected capacity change from 0 to 512 [ 1159.959378][T13339] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1159.969465][T13339] ext4 filesystem being mounted at /102/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1160.704290][T13349] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1161.097452][T13351] loop5: detected capacity change from 0 to 8192 [ 1162.610986][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1163.619145][T13363] 9p: Unknown access argument 18446744073709551615: -34 [ 1163.735946][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1163.912675][T13373] loop5: detected capacity change from 0 to 512 [ 1164.166786][T13373] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1164.176084][T13373] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1164.213492][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1164.267604][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1164.651579][T13383] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1165.352298][T13384] loop5: detected capacity change from 0 to 512 [ 1165.666705][T13384] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1165.675926][T13384] ext4 filesystem being mounted at /102/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1167.537330][T13390] loop3: detected capacity change from 0 to 1024 [ 1167.548473][T13390] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1167.595266][T13390] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1167.776284][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1170.132580][T13411] loop4: detected capacity change from 0 to 512 [ 1170.175588][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1170.420457][T13411] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1170.429626][T13411] ext4 filesystem being mounted at /105/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1170.976791][T13416] loop1: detected capacity change from 0 to 512 [ 1170.993250][T13416] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1171.123684][T13420] loop5: detected capacity change from 0 to 512 [ 1171.124892][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1171.136187][T13420] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1171.178092][T13420] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1171.188337][T13420] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.3561: corrupted in-inode xattr [ 1171.200599][T13420] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.3561: couldn't read orphan inode 15 (err -117) [ 1171.213472][T13420] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1171.247932][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1171.523512][T13429] loop2: detected capacity change from 0 to 512 [ 1171.536802][T13430] loop3: detected capacity change from 0 to 512 [ 1171.572502][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1171.614946][T13428] loop4: detected capacity change from 0 to 8192 [ 1171.615933][T13438] loop1: detected capacity change from 0 to 1024 [ 1171.649189][T13438] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1171.704520][T13430] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1171.724490][T13430] ext4 filesystem being mounted at /115/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1171.753026][T13438] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1171.766770][T13429] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1171.907219][T13429] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1172.177132][T13436] loop5: detected capacity change from 0 to 40427 [ 1172.197852][T13436] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1172.217183][T13436] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1172.285278][T13436] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1172.384977][T13436] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 1172.394380][T13436] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1172.474401][ T2401] usb 5-1: new high-speed USB device number 64 using dummy_hcd [ 1172.685429][ T2401] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1172.704380][ T2401] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1172.746674][ T2401] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1172.764373][ T2401] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1172.812935][ T2401] usb 5-1: Product: syz [ 1172.823026][ T2401] usb 5-1: Manufacturer: syz [ 1172.827787][ T2401] usb 5-1: SerialNumber: syz [ 1172.864919][ T2401] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found [ 1172.872035][ T2401] cdc_ncm 5-1:1.0: bind() failure [ 1172.884915][T13454] syz.5.3565[13454] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1172.885013][T13454] syz.5.3565[13454] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1173.244700][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1173.481463][T13459] loop1: detected capacity change from 0 to 512 [ 1173.649219][T13459] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1173.658467][T13459] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1174.599276][T11765] usb 5-1: USB disconnect, device number 64 [ 1174.802396][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1175.034706][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1175.101148][T13463] loop4: detected capacity change from 0 to 40427 [ 1175.114543][T11765] usb 2-1: new full-speed USB device number 64 using dummy_hcd [ 1175.123887][T13463] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1175.143271][T13463] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1175.152137][T13463] F2FS-fs (loop4): Insane cp_payload (524288 >= 504) [ 1175.159582][T13463] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 1175.194670][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1176.395927][T11765] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1176.397884][ T296] usb 3-1: new high-speed USB device number 68 using dummy_hcd [ 1176.480666][T11765] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1176.649384][T11765] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1176.679689][T11765] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1176.708245][T11765] usb 2-1: config 0 descriptor?? [ 1177.095360][T13481] loop5: detected capacity change from 0 to 256 [ 1177.156073][T11765] savu 0003:1E7D:2D5A.001E: unknown main item tag 0x0 [ 1177.163002][T11765] savu 0003:1E7D:2D5A.001E: unknown main item tag 0x0 [ 1177.171056][T11765] savu 0003:1E7D:2D5A.001E: unknown main item tag 0x0 [ 1177.250408][T13485] loop4: detected capacity change from 0 to 512 [ 1177.794514][T11765] savu 0003:1E7D:2D5A.001E: unknown main item tag 0x0 [ 1178.135127][ T296] usb 3-1: Using ep0 maxpacket: 32 [ 1178.142204][ T296] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1178.154029][ T296] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1178.242856][ T296] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1178.302742][T13485] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1178.312094][T13485] ext4 filesystem being mounted at /108/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1178.385688][T13492] loop5: detected capacity change from 0 to 512 [ 1178.425545][ T296] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1178.877902][ T296] usb 3-1: config 0 descriptor?? [ 1178.883195][ T296] usb 3-1: can't set config #0, error -71 [ 1178.890075][ T296] usb 3-1: USB disconnect, device number 68 [ 1178.915979][T13492] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1178.947868][T13492] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1178.978272][T13492] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.3575: corrupted in-inode xattr [ 1178.993606][T11765] savu 0003:1E7D:2D5A.001E: unknown main item tag 0x0 [ 1179.001360][T11765] savu 0003:1E7D:2D5A.001E: unbalanced collection at end of report description [ 1179.010744][T11765] savu 0003:1E7D:2D5A.001E: parse failed [ 1179.016452][T11765] savu: probe of 0003:1E7D:2D5A.001E failed with error -22 [ 1179.678922][T13500] loop2: detected capacity change from 0 to 512 [ 1179.827067][T13492] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.3575: couldn't read orphan inode 15 (err -117) [ 1181.103461][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1181.175817][T13500] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1181.185542][T13500] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1181.274890][T13492] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1181.433694][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1181.632553][T13508] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1182.684773][ T496] Bluetooth: hci0: command 0x1003 tx timeout [ 1182.744496][T11796] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1182.887829][T13511] loop4: detected capacity change from 0 to 1024 [ 1182.937860][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1182.957908][T11765] usb 2-1: USB disconnect, device number 64 [ 1182.972499][T13514] loop3: detected capacity change from 0 to 8192 [ 1182.979785][T13511] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1182.998467][T13517] loop5: detected capacity change from 0 to 1024 [ 1183.011722][T13514] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1183.028903][T13518] loop1: detected capacity change from 0 to 512 [ 1183.034817][T13517] EXT4-fs: Ignoring removed i_version option [ 1183.041668][T13517] EXT4-fs (loop5): Test dummy encryption mode enabled [ 1183.044840][T13520] loop2: detected capacity change from 0 to 512 [ 1183.083171][T13517] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1183.092751][T13514] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 1046) [ 1183.122823][T13511] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1183.130891][T13514] FAT-fs (loop3): Filesystem has been set read-only [ 1183.199009][T13518] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1183.224104][T13518] ext4 filesystem being mounted at /128/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1183.240602][T11162] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 1046) [ 1184.056595][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1184.116039][T13520] EXT4-fs warning (device loop2): ext4_enable_quotas:7053: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1184.133477][T13520] EXT4-fs (loop2): mount failed [ 1184.156740][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1184.518154][T13535] loop5: detected capacity change from 0 to 1024 [ 1184.657155][T13535] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1184.690611][T13535] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1185.323483][T13547] loop4: detected capacity change from 0 to 512 [ 1185.490336][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1185.532397][T13547] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1185.541772][T13547] ext4 filesystem being mounted at /111/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1186.268385][T13557] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3591'. [ 1186.341965][T13559] loop3: detected capacity change from 0 to 256 [ 1186.396684][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1186.487053][T13563] loop5: detected capacity change from 0 to 512 [ 1186.519406][T13566] loop4: detected capacity change from 0 to 1024 [ 1186.536141][T13566] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1186.557253][T13563] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1187.186176][T13563] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1187.223421][T13566] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1187.232102][ T28] kauditd_printk_skb: 25 callbacks suppressed [ 1187.232154][ T28] audit: type=1400 audit(1756900619.567:3048): avc: denied { ioctl } for pid=13562 comm="syz.5.3589" path="/111/file1/bus" dev="loop5" ino=18 ioctlcmd=0x6607 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 1187.232861][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1187.312285][T13576] loop5: detected capacity change from 0 to 1024 [ 1187.415182][T13576] EXT4-fs: Ignoring removed i_version option [ 1187.426859][T13576] EXT4-fs (loop5): Test dummy encryption mode enabled [ 1187.484442][T13576] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1188.079969][T13591] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3598'. [ 1188.185405][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1188.217399][T13596] loop2: detected capacity change from 0 to 1024 [ 1188.225978][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1188.239370][T13596] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1188.297491][T13596] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1188.827241][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1188.875415][T13602] loop4: detected capacity change from 0 to 40427 [ 1188.882686][T13602] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1188.890900][T13602] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1188.899994][T13602] F2FS-fs (loop4): Insane cp_payload (524288 >= 504) [ 1188.907164][T13602] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 1189.068917][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1189.211945][T13618] syz.4.3602[13618] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1189.212117][T13618] syz.4.3602[13618] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1189.229337][T13618] tipc: Enabling of bearer rejected, already enabled [ 1190.016627][ T5687] usb 2-1: new full-speed USB device number 65 using dummy_hcd [ 1190.035038][T13630] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3610'. [ 1190.083813][T13633] loop2: detected capacity change from 0 to 256 [ 1190.094999][T13633] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1190.109770][T13633] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 1190.174900][T12648] usb 5-1: new high-speed USB device number 65 using dummy_hcd [ 1190.236287][ T5687] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1190.246172][ T5687] usb 2-1: not running at top speed; connect to a high speed hub [ 1190.259709][ T5687] usb 2-1: config 4 has an invalid interface number: 147 but max is 0 [ 1190.268512][ T5687] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1190.278965][ T5687] usb 2-1: config 4 has no interface number 0 [ 1190.287811][ T5687] usb 2-1: string descriptor 0 read error: -22 [ 1190.294135][ T5687] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1190.303609][ T5687] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1190.318977][ T5687] usb 2-1: Found UVC 0.00 device (04f2:b746) [ 1190.326091][ T5687] usb 2-1: No valid video chain found. [ 1190.364381][T12648] usb 5-1: Using ep0 maxpacket: 32 [ 1190.379633][T12648] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1190.392329][T12648] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1190.404555][T12648] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1190.413778][T12648] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1190.424298][T12648] usb 5-1: config 0 descriptor?? [ 1190.654891][T13639] loop3: detected capacity change from 0 to 8192 [ 1190.700355][ T5687] usb 2-1: USB disconnect, device number 65 [ 1191.011945][T12648] usbhid 5-1:0.0: can't add hid device: -71 [ 1191.023142][T12648] usbhid: probe of 5-1:0.0 failed with error -71 [ 1191.031851][T12648] usb 5-1: USB disconnect, device number 65 [ 1191.363750][T13643] loop5: detected capacity change from 0 to 512 [ 1191.373653][T13643] ext2: Unknown parameter 'quota"errors' [ 1191.475047][ T8014] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1191.538782][T13647] loop1: detected capacity change from 0 to 512 [ 1191.628983][T13647] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1191.648883][T13653] loop3: detected capacity change from 0 to 1024 [ 1191.673978][T13647] ext4 filesystem being mounted at /131/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1191.684866][T13653] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1191.698389][T13655] loop4: detected capacity change from 0 to 128 [ 1191.737084][T13655] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1191.815204][T13653] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1191.914563][T13655] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1191.936771][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1191.958810][T13661] loop4: detected capacity change from 0 to 256 [ 1192.951397][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1193.461644][T13671] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3622'. [ 1193.874425][T13676] loop3: detected capacity change from 0 to 512 [ 1194.683667][T13676] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1194.692885][T13676] ext4 filesystem being mounted at /128/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1195.319966][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1195.454447][T13692] loop2: detected capacity change from 0 to 512 [ 1195.622775][T13692] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1195.632112][T13692] ext4 filesystem being mounted at /109/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1196.536334][T13688] loop3: detected capacity change from 0 to 8192 [ 1196.604153][T13698] loop5: detected capacity change from 0 to 256 [ 1196.712015][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1197.850873][T13706] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1197.934426][T12648] usb 3-1: new full-speed USB device number 69 using dummy_hcd [ 1198.262628][T13710] loop3: detected capacity change from 0 to 1024 [ 1198.270324][T12648] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 30768, setting to 64 [ 1198.284796][T13710] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1198.305530][T12648] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1198.324381][T12648] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1198.337792][T12648] usb 3-1: config 0 descriptor?? [ 1198.349551][T13710] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1199.090851][T13718] loop4: detected capacity change from 0 to 256 [ 1199.143380][T13718] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1199.159060][T13718] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1199.170231][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1199.177963][T12648] savu 0003:1E7D:2D5A.001F: unknown main item tag 0x0 [ 1199.185969][T12648] savu 0003:1E7D:2D5A.001F: unknown main item tag 0x0 [ 1199.195432][T13722] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3633'. [ 1199.204588][T12648] savu 0003:1E7D:2D5A.001F: unknown main item tag 0x0 [ 1199.211475][T12648] savu 0003:1E7D:2D5A.001F: unknown main item tag 0x0 [ 1199.223551][T12648] savu 0003:1E7D:2D5A.001F: unknown main item tag 0x0 [ 1199.236251][T12648] savu 0003:1E7D:2D5A.001F: unbalanced collection at end of report description [ 1199.245924][T12648] savu 0003:1E7D:2D5A.001F: parse failed [ 1199.251681][T12648] savu: probe of 0003:1E7D:2D5A.001F failed with error -22 [ 1199.364641][ T5687] usb 3-1: USB disconnect, device number 69 [ 1199.763818][T13736] loop5: detected capacity change from 0 to 512 [ 1200.537995][T13736] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1200.547342][T13736] ext4 filesystem being mounted at /126/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1203.279626][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1203.444241][T13747] loop2: detected capacity change from 0 to 512 [ 1203.454759][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1203.466034][T13747] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1203.478017][T13747] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1203.567239][T13757] loop3: detected capacity change from 0 to 512 [ 1203.807246][T13757] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1203.816328][T13757] ext4 filesystem being mounted at /134/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1203.955371][T13747] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.3639: corrupted in-inode xattr [ 1204.057023][T13764] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1204.480064][T13747] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.3639: couldn't read orphan inode 15 (err -117) [ 1204.492464][T13747] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1204.541460][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1204.554677][T13747] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1204.584477][T13747] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 1204.592921][T13747] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1204.607944][T13768] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3646'. [ 1204.611933][T13766] loop5: detected capacity change from 0 to 8192 [ 1204.649831][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1206.210508][T12648] usb 5-1: new high-speed USB device number 66 using dummy_hcd [ 1206.234771][ T28] audit: type=1326 audit(1756900638.037:3049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13765 comm="syz.5.3644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde6e58ebe9 code=0x7ffc0000 [ 1206.409839][T13781] loop2: detected capacity change from 0 to 512 [ 1206.443576][ T28] audit: type=1326 audit(1756900638.047:3050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13765 comm="syz.5.3644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde6e58ebe9 code=0x7ffc0000 [ 1206.467580][ T28] audit: type=1326 audit(1756900638.077:3051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13765 comm="syz.5.3644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7fde6e58ebe9 code=0x7ffc0000 [ 1206.495216][ T28] audit: type=1326 audit(1756900638.077:3052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13765 comm="syz.5.3644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde6e58ebe9 code=0x7ffc0000 [ 1206.565170][T13781] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1206.585607][ T28] audit: type=1326 audit(1756900638.077:3053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13765 comm="syz.5.3644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde6e58ebe9 code=0x7ffc0000 [ 1206.614928][ T28] audit: type=1326 audit(1756900638.097:3054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13765 comm="syz.5.3644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde6e58d550 code=0x7ffc0000 [ 1207.834804][ T28] audit: type=1326 audit(1756900638.107:3055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13765 comm="syz.5.3644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde6e58e7eb code=0x7ffc0000 [ 1207.841977][ T1084] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 1207.858962][ T28] audit: type=1326 audit(1756900638.117:3056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13765 comm="syz.5.3644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde6e58e7eb code=0x7ffc0000 [ 1207.890742][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1207.922418][ T28] audit: type=1326 audit(1756900638.117:3057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13765 comm="syz.5.3644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde6e58e7eb code=0x7ffc0000 [ 1208.011548][T13801] loop4: detected capacity change from 0 to 512 [ 1208.046967][ T28] audit: type=1326 audit(1756900638.127:3058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13765 comm="syz.5.3644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde6e58e7eb code=0x7ffc0000 [ 1208.085229][T12648] usb 5-1: device not accepting address 66, error -71 [ 1208.126352][T13803] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1209.086213][T13801] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1209.095863][T13801] ext4 filesystem being mounted at /121/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1209.552424][T13809] loop2: detected capacity change from 0 to 1024 [ 1209.570716][T13805] loop1: detected capacity change from 0 to 512 [ 1209.953457][T11796] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1209.958280][ T496] Bluetooth: hci0: command 0x1003 tx timeout [ 1209.975039][T13809] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1210.007105][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1210.024939][T13814] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3657'. [ 1210.066045][T13809] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1210.155318][T13824] loop4: detected capacity change from 0 to 512 [ 1210.166493][T13824] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1210.175497][T13824] ext4 filesystem being mounted at /122/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1210.327348][T13805] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1210.367336][T13805] ext4 filesystem being mounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1211.080778][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1211.338412][T13833] loop5: detected capacity change from 0 to 256 [ 1211.768643][T13833] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1211.833895][T13841] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3661'. [ 1211.900246][T13811] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 1212.137879][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1212.261518][T13846] loop2: detected capacity change from 0 to 1024 [ 1212.277021][T13846] EXT4-fs: Ignoring removed i_version option [ 1212.285378][T13846] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1212.295828][T13846] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1212.315495][T13835] loop4: detected capacity change from 0 to 40427 [ 1212.363580][T13835] F2FS-fs (loop4): Unrecognized mount option "whint_mode=user-based" or missing value [ 1212.567749][T13852] loop3: detected capacity change from 0 to 512 [ 1212.596348][T13852] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1212.699770][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1214.006056][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1214.061330][T13867] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3669'. [ 1215.412832][T13879] loop3: detected capacity change from 0 to 8192 [ 1215.918800][T13880] loop5: detected capacity change from 0 to 512 [ 1216.116832][T13884] loop1: detected capacity change from 0 to 256 [ 1216.248526][T13884] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1216.263526][T13884] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1216.324642][T13880] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1216.333644][T13880] ext4 filesystem being mounted at /131/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1216.486901][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1216.665875][T13889] loop5: detected capacity change from 0 to 1024 [ 1216.683507][T13889] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1216.847639][T13894] loop1: detected capacity change from 0 to 256 [ 1216.855608][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1216.888447][T13889] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1217.374536][T12648] usb 5-1: new high-speed USB device number 68 using dummy_hcd [ 1217.447593][T13906] loop2: detected capacity change from 0 to 512 [ 1217.564492][T12648] usb 5-1: Using ep0 maxpacket: 16 [ 1217.576802][T12648] usb 5-1: config index 0 descriptor too short (expected 64967, got 165) [ 1217.601974][T13906] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1217.622334][ T296] usb 4-1: new full-speed USB device number 65 using dummy_hcd [ 1217.645045][T13906] ext4 filesystem being mounted at /116/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1217.659692][T12648] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1217.670019][T12648] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1217.757018][T12648] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1217.766412][T12648] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1217.774618][T12648] usb 5-1: Product: syz [ 1217.779020][T12648] usb 5-1: Manufacturer: syz [ 1217.783723][T12648] usb 5-1: SerialNumber: syz [ 1217.825497][ T296] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1217.853713][ T296] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1217.874097][ T296] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1217.897647][T13912] loop1: detected capacity change from 0 to 512 [ 1217.899654][ T296] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1217.937181][ T296] usb 4-1: config 0 descriptor?? [ 1217.953926][T13912] EXT4-fs warning (device loop1): ext4_enable_quotas:7053: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1217.974517][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1217.980941][T13912] EXT4-fs (loop1): mount failed [ 1217.991916][T12648] usb 5-1: 0:2 : does not exist [ 1218.004592][T12648] usb 5-1: USB disconnect, device number 68 [ 1218.347041][ T296] savu 0003:1E7D:2D5A.0020: unknown main item tag 0x0 [ 1218.356449][ T296] savu 0003:1E7D:2D5A.0020: unknown main item tag 0x0 [ 1218.370880][ T296] savu 0003:1E7D:2D5A.0020: unknown main item tag 0x0 [ 1218.384226][ T296] savu 0003:1E7D:2D5A.0020: unknown main item tag 0x0 [ 1218.398733][ T296] savu 0003:1E7D:2D5A.0020: unknown main item tag 0x0 [ 1218.412108][ T296] savu 0003:1E7D:2D5A.0020: unbalanced collection at end of report description [ 1218.431121][ T296] savu 0003:1E7D:2D5A.0020: parse failed [ 1218.443599][ T296] savu: probe of 0003:1E7D:2D5A.0020 failed with error -22 [ 1218.525513][T13921] loop4: detected capacity change from 0 to 256 [ 1218.600925][ T296] usb 4-1: USB disconnect, device number 65 [ 1219.129097][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1219.161448][T13926] loop2: detected capacity change from 0 to 512 [ 1219.192523][T13926] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1219.229748][T13926] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1219.262294][T13926] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.3682: corrupted in-inode xattr [ 1219.314531][T13926] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.3682: couldn't read orphan inode 15 (err -117) [ 1219.333502][T13927] loop5: detected capacity change from 0 to 40427 [ 1219.344516][T13927] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1219.354437][T13927] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1219.382035][T13927] F2FS-fs (loop5): Insane cp_payload (524288 >= 504) [ 1219.394655][T13926] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1219.420093][T13927] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 1219.469875][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1219.528585][T13934] loop2: detected capacity change from 0 to 256 [ 1219.537928][T13934] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1219.546141][T13932] loop4: detected capacity change from 0 to 8192 [ 1219.561054][T13934] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 1219.591684][T13929] loop3: detected capacity change from 0 to 40427 [ 1219.696667][T13929] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1219.714396][T13929] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1220.645751][ T28] audit: type=1326 audit(1756900652.997:3059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13931 comm="syz.4.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1220.675482][T13929] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1220.735368][T13946] syz.5.3683[13946] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1220.735672][T13946] syz.5.3683[13946] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1220.775813][T13946] tipc: Enabling of bearer rejected, already enabled [ 1221.366307][T12648] usb 5-1: new high-speed USB device number 69 using dummy_hcd [ 1221.400463][T13929] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1221.407691][T13929] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1221.454446][ T28] audit: type=1326 audit(1756900652.997:3060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13931 comm="syz.4.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1221.591738][ T28] audit: type=1326 audit(1756900653.027:3061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13931 comm="syz.4.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1221.616832][T12648] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1221.760059][T12648] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1221.904120][T12648] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1221.929233][ T28] audit: type=1326 audit(1756900653.027:3062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13931 comm="syz.4.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1221.960805][T12648] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1221.999260][T12648] usb 5-1: Product: syz [ 1222.003503][T12648] usb 5-1: Manufacturer: syz [ 1222.028432][T12648] usb 5-1: SerialNumber: syz [ 1222.056725][ T28] audit: type=1326 audit(1756900653.027:3063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13931 comm="syz.4.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1222.096178][T12648] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found [ 1222.114372][T12648] cdc_ncm 5-1:1.0: bind() failure [ 1222.129313][ T28] audit: type=1326 audit(1756900653.027:3064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13931 comm="syz.4.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f59df18d550 code=0x7ffc0000 [ 1222.284421][ T28] audit: type=1326 audit(1756900653.027:3065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13931 comm="syz.4.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f59df18e7eb code=0x7ffc0000 [ 1222.386378][ T28] audit: type=1326 audit(1756900653.027:3066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13931 comm="syz.4.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f59df18e7eb code=0x7ffc0000 [ 1222.470769][ T28] audit: type=1326 audit(1756900653.027:3067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13931 comm="syz.4.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f59df18e7eb code=0x7ffc0000 [ 1222.519036][ T28] audit: type=1326 audit(1756900653.027:3068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13931 comm="syz.4.3685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f59df18e7eb code=0x7ffc0000 [ 1222.791283][T13966] loop3: detected capacity change from 0 to 512 [ 1222.858314][T13960] loop1: detected capacity change from 0 to 40427 [ 1222.898843][T13960] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1222.940633][T13966] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1222.949673][T13966] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1222.976011][T13960] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1223.013846][T13960] F2FS-fs (loop1): Insane cp_payload (524288 >= 504) [ 1223.030173][T13960] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 1223.124137][T13974] overlayfs: missing 'workdir' [ 1223.158352][T13975] loop5: detected capacity change from 0 to 512 [ 1223.376309][T12648] usb 5-1: USB disconnect, device number 69 [ 1224.383155][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1224.417245][T13986] loop4: detected capacity change from 0 to 512 [ 1224.427127][T13975] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1224.680621][T13986] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1224.770374][T13975] ext4 filesystem being mounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1224.788537][T13986] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1225.321189][T13986] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.3696: corrupted in-inode xattr [ 1225.353751][T13986] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.3696: couldn't read orphan inode 15 (err -117) [ 1225.390413][T13986] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1225.523762][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1225.774365][ T6] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 1225.824936][T13998] loop2: detected capacity change from 0 to 40427 [ 1225.834892][T13998] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1225.842748][T13998] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1225.856215][T13998] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1225.893166][T13998] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1225.900403][T13998] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1225.964366][ T6] usb 4-1: Using ep0 maxpacket: 16 [ 1225.970680][ T6] usb 4-1: config index 0 descriptor too short (expected 64967, got 165) [ 1225.989347][ T6] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1226.024363][ T6] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1226.043798][ T6] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1226.064365][ T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1226.072634][ T6] usb 4-1: Product: syz [ 1226.913711][ T6] usb 4-1: Manufacturer: syz [ 1226.918465][ T6] usb 4-1: SerialNumber: syz [ 1227.013178][T14020] loop1: detected capacity change from 0 to 1024 [ 1227.021310][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1227.051803][T14020] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1227.076299][T14020] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1227.127729][ T6] usb 4-1: 0:2 : does not exist [ 1227.141706][ T6] usb 4-1: USB disconnect, device number 66 [ 1227.319895][T14029] loop2: detected capacity change from 0 to 256 [ 1227.720570][T14029] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1227.744773][T14029] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 1227.938220][ T1084] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 1227.959633][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1228.154540][ T1084] usb 6-1: Using ep0 maxpacket: 32 [ 1228.161504][ T1084] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1228.737192][ T1084] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1228.787212][ T1084] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1228.809642][ T8059] udevd[8059]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 1228.849922][ T1084] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1228.938597][ T1084] usb 6-1: config 0 descriptor?? [ 1228.993386][T14040] loop4: detected capacity change from 0 to 512 [ 1229.006632][T14040] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1229.018122][T14040] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1229.046175][T14040] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.3710: corrupted in-inode xattr [ 1229.058482][T14040] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.3710: couldn't read orphan inode 15 (err -117) [ 1229.084594][T14040] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1229.146626][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1229.196132][T14046] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1229.318554][T14045] loop4: detected capacity change from 0 to 40427 [ 1229.325619][T14045] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1229.333520][T14045] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1229.342444][T14045] F2FS-fs (loop4): Insane cp_payload (524288 >= 504) [ 1229.349484][T14045] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 1229.352458][ T1084] usbhid 6-1:0.0: can't add hid device: -71 [ 1229.419659][T14050] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1229.422247][ T1084] usbhid: probe of 6-1:0.0 failed with error -71 [ 1229.443371][ T1084] usb 6-1: USB disconnect, device number 11 [ 1230.386391][T14062] loop1: detected capacity change from 0 to 256 [ 1230.414030][T14064] loop2: detected capacity change from 0 to 1024 [ 1230.434678][T14064] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1230.461955][T14064] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1230.473214][T14062] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1231.402260][T14062] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1231.977422][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1232.013312][T14082] loop3: detected capacity change from 0 to 512 [ 1232.030600][T14082] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1232.066579][T14082] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1232.116294][T14082] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.3722: corrupted in-inode xattr [ 1232.148692][T14082] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3722: couldn't read orphan inode 15 (err -117) [ 1232.305079][T14082] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1232.468501][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1232.707690][T14094] loop5: detected capacity change from 0 to 256 [ 1232.835210][T14096] loop4: detected capacity change from 0 to 512 [ 1232.854905][T14096] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1233.741275][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1233.818976][T14110] loop2: detected capacity change from 0 to 256 [ 1234.062309][T14111] loop5: detected capacity change from 0 to 512 [ 1234.593905][T14110] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1235.024454][T14110] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 1236.248550][T14111] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1236.259567][T14111] ext4 filesystem being mounted at /140/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1237.171497][T14118] loop2: detected capacity change from 0 to 8192 [ 1237.351398][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1237.427872][T14122] tmpfs: Unknown parameter 'nolazytimele0' [ 1237.443705][T14123] loop3: detected capacity change from 0 to 256 [ 1237.497478][T14123] FAT-fs (loop3): Unrecognized mount option "shortname`Power" or missing value [ 1237.657160][T14116] loop4: detected capacity change from 0 to 40427 [ 1237.734802][T14129] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1237.782648][T14116] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1237.895452][T14116] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1237.988841][T14116] F2FS-fs (loop4): Insane cp_payload (524288 >= 504) [ 1238.004401][T14116] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 1238.084380][ T6] usb 3-1: new high-speed USB device number 70 using dummy_hcd [ 1238.279007][ T6] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1238.299595][ T6] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1238.334754][ T6] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1239.046878][ T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1239.064204][ T6] usb 3-1: Product: syz [ 1239.144758][ T6] usb 3-1: Manufacturer: syz [ 1239.149452][ T6] usb 3-1: SerialNumber: syz [ 1239.157677][ T6] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found [ 1239.164595][ T6] cdc_ncm 3-1:1.0: bind() failure [ 1239.353986][T14141] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3737'. [ 1239.522771][T14143] loop4: detected capacity change from 0 to 512 [ 1239.632500][T14143] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1239.641577][T14143] ext4 filesystem being mounted at /140/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1240.834729][T14152] loop5: detected capacity change from 0 to 512 [ 1240.879025][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1241.006507][T14152] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1241.015861][T14152] ext4 filesystem being mounted at /144/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1241.349598][ T6] usb 3-1: USB disconnect, device number 70 [ 1241.949345][T14159] loop2: detected capacity change from 0 to 1024 [ 1241.973616][T14159] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1241.986146][T14159] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1242.147616][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1242.204395][ T6324] usb 4-1: new full-speed USB device number 67 using dummy_hcd [ 1242.384764][T14170] loop5: detected capacity change from 0 to 512 [ 1242.405569][ T6324] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1242.422776][ T6324] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1242.435920][T14170] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1242.442851][ T6324] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1242.445463][T14170] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1242.465457][ T6324] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1242.482821][ T6324] usb 4-1: config 0 descriptor?? [ 1242.491339][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1242.514415][ T2401] usb 5-1: new full-speed USB device number 70 using dummy_hcd [ 1242.697818][T14175] loop5: detected capacity change from 0 to 40427 [ 1242.715877][ T2401] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1242.723879][T14175] F2FS-fs (loop5): Unrecognized mount option "whint_mode=user-based" or missing value [ 1242.734457][ T2401] usb 5-1: not running at top speed; connect to a high speed hub [ 1242.745108][ T2401] usb 5-1: config 4 has an invalid interface number: 147 but max is 0 [ 1242.753576][ T2401] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1242.764005][ T2401] usb 5-1: config 4 has no interface number 0 [ 1242.778779][T14179] loop1: detected capacity change from 0 to 256 [ 1242.809766][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1242.810710][ T2401] usb 5-1: string descriptor 0 read error: -22 [ 1242.822443][ T2401] usb 5-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1242.836938][ T2401] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1242.859204][ T2401] usb 5-1: Found UVC 0.00 device (04f2:b746) [ 1242.874418][ T2401] usb 5-1: No valid video chain found. [ 1242.904667][ T6324] savu 0003:1E7D:2D5A.0021: unknown main item tag 0x0 [ 1242.921811][ T6324] savu 0003:1E7D:2D5A.0021: unknown main item tag 0x0 [ 1242.929111][T14179] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1242.939081][ T6324] savu 0003:1E7D:2D5A.0021: unknown main item tag 0x0 [ 1242.958194][ T6324] savu 0003:1E7D:2D5A.0021: unknown main item tag 0x0 [ 1242.979823][ T6324] savu 0003:1E7D:2D5A.0021: unknown main item tag 0x0 [ 1242.999923][ T6324] savu 0003:1E7D:2D5A.0021: unbalanced collection at end of report description [ 1243.004869][T14179] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1243.009462][ T6324] savu 0003:1E7D:2D5A.0021: parse failed [ 1243.025181][ T6324] savu: probe of 0003:1E7D:2D5A.0021 failed with error -22 [ 1243.065147][ T6324] usb 5-1: USB disconnect, device number 70 [ 1243.154383][ T2401] usb 4-1: USB disconnect, device number 67 [ 1243.289267][T14182] loop2: detected capacity change from 0 to 40427 [ 1243.311598][T14182] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1243.319988][T14182] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1243.328716][T14182] F2FS-fs (loop2): Insane cp_payload (524288 >= 504) [ 1243.337503][T14182] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 1244.300299][T14196] loop4: detected capacity change from 0 to 512 [ 1245.009034][T14196] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1245.018034][T14196] ext4 filesystem being mounted at /143/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1247.005563][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1247.026917][T14214] loop3: detected capacity change from 0 to 1024 [ 1247.033541][T14214] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1247.144869][T14224] loop2: detected capacity change from 0 to 512 [ 1247.225903][T14223] loop4: detected capacity change from 0 to 256 [ 1247.246386][T14214] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1247.285103][T14224] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1247.294279][T14224] ext4 filesystem being mounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1247.483391][T14223] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 1248.517338][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1248.929310][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1249.462389][T14243] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1250.847906][T14245] loop2: detected capacity change from 0 to 512 [ 1251.128445][T14245] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1251.138024][T14245] ext4 filesystem being mounted at /137/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1251.738239][T14258] loop5: detected capacity change from 0 to 128 [ 1251.800364][T14258] FAT-fs (loop5): Unrecognized mount option "01777777777777777777777=d̞ YS38`" or missing value [ 1252.044386][ T296] usb 5-1: new high-speed USB device number 71 using dummy_hcd [ 1252.055956][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1252.126584][T14269] loop1: detected capacity change from 0 to 1024 [ 1252.164666][T14269] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1252.368214][T14264] input: syz0 as /devices/virtual/input/input11 [ 1252.405371][T14269] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1252.554342][ T296] usb 5-1: Using ep0 maxpacket: 16 [ 1252.565548][ T296] usb 5-1: config index 0 descriptor too short (expected 64967, got 165) [ 1252.577248][ T296] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1252.614354][ T296] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1252.634918][ T296] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1252.654178][ T296] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1252.662235][ T296] usb 5-1: Product: syz [ 1252.839350][T14279] loop5: detected capacity change from 0 to 512 [ 1253.285337][ T296] usb 5-1: Manufacturer: syz [ 1253.290141][ T296] usb 5-1: SerialNumber: syz [ 1253.333517][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1253.485890][T14279] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1253.495218][T14279] ext4 filesystem being mounted at /153/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1253.626117][ T296] usb 5-1: 0:2 : does not exist [ 1254.040986][ T296] usb 5-1: USB disconnect, device number 71 [ 1254.130657][T14288] loop2: detected capacity change from 0 to 8192 [ 1254.276493][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1254.606730][T14306] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3780'. [ 1254.677552][T14295] loop5: detected capacity change from 0 to 40427 [ 1254.704774][T14295] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1254.732964][T14295] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1254.754449][T14310] loop4: detected capacity change from 0 to 256 [ 1254.761954][T14295] F2FS-fs (loop5): Insane cp_payload (524288 >= 504) [ 1254.784339][ T296] usb 3-1: new high-speed USB device number 71 using dummy_hcd [ 1254.791989][T14295] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 1254.821283][T14310] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1254.842216][T14312] loop1: detected capacity change from 0 to 256 [ 1254.907698][T14310] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1255.015180][ T296] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1255.034370][ T296] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1255.335951][ T296] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1255.345061][ T296] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1255.353091][ T296] usb 3-1: Product: syz [ 1255.357297][ T296] usb 3-1: Manufacturer: syz [ 1255.361978][ T296] usb 3-1: SerialNumber: syz [ 1255.368633][ T296] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found [ 1255.375474][ T296] cdc_ncm 3-1:1.0: bind() failure [ 1255.670414][T14320] syz.5.3777[14320] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1255.670499][T14320] syz.5.3777[14320] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1255.684654][T14320] tipc: Enabling of bearer rejected, already enabled [ 1257.878966][T14321] loop3: detected capacity change from 0 to 512 [ 1258.595360][T14321] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1258.604838][T14321] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1259.104691][T14329] loop5: detected capacity change from 0 to 256 [ 1259.304699][ T296] usb 3-1: USB disconnect, device number 71 [ 1259.610942][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1259.880122][T14336] tmpfs: Unknown parameter 'nolazytimele0' [ 1259.955596][T14340] loop2: detected capacity change from 0 to 1024 [ 1260.063437][T14340] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1260.098955][T14340] overlayfs: failed to resolve './bus': -2 [ 1260.128919][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1260.130071][T14350] loop1: detected capacity change from 0 to 128 [ 1260.184779][T14350] FAT-fs (loop1): Unrecognized mount option "01777777777777777777777=d̞ YS38`" or missing value [ 1260.522090][T14352] loop2: detected capacity change from 0 to 40427 [ 1260.535200][T14353] input: syz0 as /devices/virtual/input/input12 [ 1260.553212][T14352] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1260.564405][T14352] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1260.572623][T14352] F2FS-fs (loop2): Insane cp_payload (524288 >= 504) [ 1260.594933][T14352] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 1262.474138][T14362] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3794'. [ 1262.741749][T14370] loop5: detected capacity change from 0 to 1024 [ 1262.759706][T14370] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1262.764265][T14368] serio: Serial port ptm0 [ 1262.773122][T14374] loop1: detected capacity change from 0 to 128 [ 1262.796825][T14374] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1262.807966][T14374] ext4 filesystem being mounted at /162/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1262.837456][T14370] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1262.859421][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1263.294028][T14389] loop1: detected capacity change from 0 to 512 [ 1263.336171][T14389] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1263.486076][T14376] loop2: detected capacity change from 0 to 40427 [ 1263.505361][T14376] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1263.557330][T14376] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1264.292885][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1264.306422][T14376] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1264.351014][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1264.369987][T14401] loop5: detected capacity change from 0 to 512 [ 1264.407010][T14403] loop3: detected capacity change from 0 to 512 [ 1264.430278][T14401] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1264.443872][T14376] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 1264.448488][T14403] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1264.453722][T14376] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1265.597609][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1265.872453][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1267.808779][T14441] loop1: detected capacity change from 0 to 1024 [ 1267.885138][T14445] loop3: detected capacity change from 0 to 256 [ 1267.899436][T14445] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1267.923456][T14445] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 1267.941001][T14441] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1268.247043][T14441] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1268.764146][T14454] loop2: detected capacity change from 0 to 512 [ 1269.683510][T14454] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1269.692999][T14454] ext4 filesystem being mounted at /151/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1271.468504][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1271.506945][T14460] loop3: detected capacity change from 0 to 512 [ 1271.551235][T14460] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1271.716935][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1271.966096][T14470] loop2: detected capacity change from 0 to 256 [ 1272.159614][T14463] loop4: detected capacity change from 0 to 8192 [ 1272.215584][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1272.300614][T14479] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1273.231007][ T6324] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 1273.574387][ T6324] usb 6-1: Using ep0 maxpacket: 32 [ 1273.580790][ T6324] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1273.602067][ T6324] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1273.622255][ T6324] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1273.641612][ T6324] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1273.660612][ T6324] usb 6-1: config 0 descriptor?? [ 1273.696194][T14493] loop1: detected capacity change from 0 to 512 [ 1273.718540][T14493] ext2: Unknown parameter 'quota"errors' [ 1274.988549][T14506] loop2: detected capacity change from 0 to 256 [ 1275.002674][ T4722] Bluetooth: hci0: Frame reassembly failed (-84) [ 1275.064902][T14506] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1275.094656][T14506] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 1275.193432][ T4722] Bluetooth: hci0: Frame reassembly failed (-84) [ 1275.442914][ T6324] usbhid 6-1:0.0: can't add hid device: -71 [ 1275.455547][ T6324] usbhid: probe of 6-1:0.0 failed with error -71 [ 1275.646104][ T6324] usb 6-1: USB disconnect, device number 12 [ 1275.811458][T14512] loop5: detected capacity change from 0 to 1024 [ 1275.901801][T14512] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1276.102355][T14512] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1276.156326][T14520] loop1: detected capacity change from 0 to 256 [ 1276.178600][T14520] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1276.193170][T14520] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1276.605564][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1277.425219][T11796] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1277.475412][ T947] Bluetooth: hci0: command 0x1003 tx timeout [ 1278.043977][T14545] loop4: detected capacity change from 0 to 256 [ 1278.232749][T14544] loop2: detected capacity change from 0 to 512 [ 1278.313474][T14545] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1278.341653][T14545] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1278.455263][ T5687] usb 4-1: new full-speed USB device number 68 using dummy_hcd [ 1279.476828][T14544] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1279.486612][T14544] ext4 filesystem being mounted at /156/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1281.151367][ T5687] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 1281.191122][ T5687] usb 4-1: can't read configurations, error -71 [ 1281.482673][T14559] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1281.772060][T14563] loop5: detected capacity change from 0 to 128 [ 1281.784031][T14562] loop1: detected capacity change from 0 to 1024 [ 1281.813581][T14562] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1281.826419][T14563] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1281.836652][T14563] ext4 filesystem being mounted at /166/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1281.857709][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1281.874021][T14562] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1281.886757][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1281.979807][T14569] loop2: detected capacity change from 0 to 1024 [ 1281.995920][T14569] EXT4-fs: Ignoring removed i_version option [ 1282.003346][T14569] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1282.013324][T14569] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1282.086260][T14577] loop5: detected capacity change from 0 to 256 [ 1282.178943][T14577] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1282.205215][T14577] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 1282.423949][T14580] loop3: detected capacity change from 0 to 256 [ 1284.581132][T14585] loop3: detected capacity change from 0 to 256 [ 1284.593697][T14585] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1284.609630][T14585] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 1284.747877][T14589] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3855'. [ 1284.766051][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1284.788642][T14591] loop1: detected capacity change from 0 to 512 [ 1284.812809][T14591] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1285.303903][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1285.339372][T14602] loop2: detected capacity change from 0 to 1024 [ 1285.348372][T14602] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1285.365575][T14602] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1285.384385][ T296] usb 5-1: new high-speed USB device number 72 using dummy_hcd [ 1285.564349][ T296] usb 5-1: Using ep0 maxpacket: 32 [ 1285.571281][ T296] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1285.584331][ T296] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1285.594164][ T296] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1285.603528][ T296] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1285.612894][ T296] usb 5-1: config 0 descriptor?? [ 1285.682659][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1285.718499][T14608] loop1: detected capacity change from 0 to 1024 [ 1285.729034][T14608] EXT4-fs: Ignoring removed i_version option [ 1285.741873][T14608] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1285.816232][T14608] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1286.292856][ T296] usbhid 5-1:0.0: can't add hid device: -71 [ 1286.330982][ T296] usbhid: probe of 5-1:0.0 failed with error -71 [ 1286.453608][ T296] usb 5-1: USB disconnect, device number 72 [ 1286.466788][T14617] loop5: detected capacity change from 0 to 256 [ 1286.491632][T14617] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1286.507778][T14617] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 1286.556403][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1286.571950][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1287.767640][T14624] loop1: detected capacity change from 0 to 512 [ 1288.142048][T14624] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1288.151280][T14624] ext4 filesystem being mounted at /180/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1289.830684][T14640] loop2: detected capacity change from 0 to 1024 [ 1289.856964][T14640] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1289.897025][T14640] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1289.960595][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1290.246373][T14650] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1290.328260][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1290.375555][T14655] 9p: Unknown access argument 18446744073709551615: -34 [ 1290.710519][T14665] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3874'. [ 1290.765909][T14663] loop2: detected capacity change from 0 to 8192 [ 1291.118875][T14673] loop5: detected capacity change from 0 to 256 [ 1291.132741][T14673] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1291.147501][T14673] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 1291.251019][T14677] loop3: detected capacity change from 0 to 256 [ 1291.303669][T14677] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1291.523885][T14677] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 1292.579790][T14691] loop1: detected capacity change from 0 to 1024 [ 1292.604996][T14691] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1292.645283][T14691] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1293.148181][T14697] 9p: Unknown access argument 18446744073709551615: -34 [ 1293.178643][T14699] loop4: detected capacity change from 0 to 256 [ 1293.694627][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1294.014238][ T1084] usb 2-1: new full-speed USB device number 66 using dummy_hcd [ 1294.245148][T14712] loop4: detected capacity change from 0 to 512 [ 1294.401633][T14712] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1294.410884][T14712] ext4 filesystem being mounted at /165/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1295.415102][ T1084] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1295.419075][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1295.434385][ T1084] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1295.443643][T14722] loop5: detected capacity change from 0 to 256 [ 1295.444152][ T1084] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1295.474327][ T1084] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1295.545074][ T1084] usb 2-1: config 0 descriptor?? [ 1295.627751][T14724] loop4: detected capacity change from 0 to 1024 [ 1295.638170][T14724] EXT4-fs: Ignoring removed i_version option [ 1295.652613][T14724] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1295.661389][T14724] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1297.013147][ T1084] usbhid 2-1:0.0: can't add hid device: -71 [ 1297.040698][ T1084] usbhid: probe of 2-1:0.0 failed with error -71 [ 1297.050777][ T1084] usb 2-1: USB disconnect, device number 66 [ 1297.291026][T14740] loop1: detected capacity change from 0 to 256 [ 1297.300233][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1297.377321][T14746] loop3: detected capacity change from 0 to 512 [ 1297.388831][T14746] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1298.250410][T14751] loop4: detected capacity change from 0 to 512 [ 1299.302893][T14760] loop5: detected capacity change from 0 to 256 [ 1299.316498][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1299.322415][T14760] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1299.337500][T14760] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 1299.442867][T14766] loop1: detected capacity change from 0 to 512 [ 1299.522485][T14751] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1299.609979][T14766] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1299.619276][T14766] ext4 filesystem being mounted at /187/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1299.826516][T14751] ext4 filesystem being mounted at /167/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1300.888401][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1302.093885][T14782] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1302.269313][T14786] loop1: detected capacity change from 0 to 1024 [ 1302.279060][T14786] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1302.305668][T14786] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1302.331573][T14792] fuse: Bad value for 'group_id' [ 1302.574367][T12648] usb 3-1: new full-speed USB device number 72 using dummy_hcd [ 1302.644349][ T296] usb 4-1: new full-speed USB device number 70 using dummy_hcd [ 1302.775906][T12648] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1302.804428][T12648] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1302.835724][ T296] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1302.843528][T12648] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1302.847759][ T296] usb 4-1: not running at top speed; connect to a high speed hub [ 1302.860589][T12648] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1302.877400][T12648] usb 3-1: config 0 descriptor?? [ 1302.894352][ T5687] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 1302.902725][ T296] usb 4-1: config 4 has an invalid interface number: 147 but max is 0 [ 1302.922261][ T296] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1302.942674][ T296] usb 4-1: config 4 has no interface number 0 [ 1302.951015][ T296] usb 4-1: string descriptor 0 read error: -22 [ 1302.959632][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1302.965549][ T296] usb 4-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1302.981123][ T296] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1302.995057][ T296] usb 4-1: Found UVC 0.00 device (04f2:b746) [ 1303.002038][ T296] usb 4-1: No valid video chain found. [ 1303.074357][ T5687] usb 6-1: Using ep0 maxpacket: 32 [ 1303.080947][ T5687] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1303.108064][T14804] loop4: detected capacity change from 0 to 512 [ 1303.186749][ T5687] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1303.270392][T14804] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1303.279862][T14804] ext4 filesystem being mounted at /168/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1303.378480][ T5687] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1303.425136][ T5687] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1303.471779][ T296] usb 4-1: USB disconnect, device number 70 [ 1303.510904][ T5687] usb 6-1: config 0 descriptor?? [ 1304.110116][T12648] savu 0003:1E7D:2D5A.0022: unknown main item tag 0x0 [ 1304.126106][T12648] savu 0003:1E7D:2D5A.0022: unknown main item tag 0x0 [ 1304.126667][ T5687] usbhid 6-1:0.0: can't add hid device: -71 [ 1304.139361][ T5687] usbhid: probe of 6-1:0.0 failed with error -71 [ 1304.146903][ T5687] usb 6-1: USB disconnect, device number 13 [ 1304.179061][T14809] loop3: detected capacity change from 0 to 1024 [ 1304.191329][T14809] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1304.217605][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1304.224894][T14809] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1304.242436][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1304.257469][T12648] savu 0003:1E7D:2D5A.0022: unknown main item tag 0x0 [ 1304.260052][ T28] kauditd_printk_skb: 23 callbacks suppressed [ 1304.260067][ T28] audit: type=1400 audit(1756900736.607:3092): avc: denied { remount } for pid=14812 comm="syz.1.3913" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 1304.268149][T12648] savu 0003:1E7D:2D5A.0022: unknown main item tag 0x0 [ 1304.297536][T12648] savu 0003:1E7D:2D5A.0022: unknown main item tag 0x0 [ 1304.316823][T14815] loop4: detected capacity change from 0 to 8192 [ 1304.347538][T12648] savu 0003:1E7D:2D5A.0022: unbalanced collection at end of report description [ 1304.357018][T12648] savu 0003:1E7D:2D5A.0022: parse failed [ 1304.362685][T12648] savu: probe of 0003:1E7D:2D5A.0022 failed with error -22 [ 1304.385523][T12648] usb 3-1: USB disconnect, device number 72 [ 1305.691211][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1306.336829][T14826] loop5: detected capacity change from 0 to 256 [ 1306.441102][T14825] loop1: detected capacity change from 0 to 256 [ 1306.466698][T14826] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1306.480169][T14825] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1306.493569][ T28] audit: type=1326 audit(1756900738.777:3093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14814 comm="syz.4.3914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1306.578448][T14826] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 1306.588109][T14825] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1309.005240][ T28] audit: type=1326 audit(1756900738.777:3094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14814 comm="syz.4.3914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1309.029918][ T28] audit: type=1326 audit(1756900738.787:3095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14814 comm="syz.4.3914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1309.076873][ T28] audit: type=1326 audit(1756900738.787:3096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14814 comm="syz.4.3914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1309.437655][T14849] loop2: detected capacity change from 0 to 512 [ 1309.487915][ T28] audit: type=1326 audit(1756900738.787:3097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14814 comm="syz.4.3914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1309.571391][T14849] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1309.587641][ T28] audit: type=1326 audit(1756900738.787:3098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14814 comm="syz.4.3914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f59df18d550 code=0x7ffc0000 [ 1309.613495][T14856] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1309.638891][T14849] ext4 filesystem being mounted at /172/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1309.668878][T14842] loop3: detected capacity change from 0 to 40427 [ 1309.675005][ T28] audit: type=1326 audit(1756900738.787:3099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14814 comm="syz.4.3914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f59df18e7eb code=0x7ffc0000 [ 1309.707271][T14842] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1309.724653][T14842] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1309.760234][T14842] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1309.773624][ T28] audit: type=1326 audit(1756900738.787:3100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14814 comm="syz.4.3914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f59df18e7eb code=0x7ffc0000 [ 1309.854853][T14842] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1309.893005][ T28] audit: type=1326 audit(1756900738.787:3101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14814 comm="syz.4.3914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f59df18e7eb code=0x7ffc0000 [ 1309.893272][T14842] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1310.002081][ T28] audit: type=1326 audit(1756900738.787:3102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14814 comm="syz.4.3914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f59df18e7eb code=0x7ffc0000 [ 1310.131048][T14865] loop4: detected capacity change from 0 to 256 [ 1310.310528][T14867] loop5: detected capacity change from 0 to 256 [ 1310.535919][T14867] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1310.548237][T14865] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1310.655425][T14867] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 1310.704081][T14865] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1310.904420][T14872] loop1: detected capacity change from 0 to 512 [ 1310.979511][T14872] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1310.991534][T14875] loop3: detected capacity change from 0 to 1024 [ 1311.039043][T14875] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1311.125990][T14875] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1312.021697][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1312.028490][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1312.234617][T14887] loop1: detected capacity change from 0 to 512 [ 1312.374649][T14887] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1312.383829][T14887] ext4 filesystem being mounted at /195/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1313.486947][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1313.526557][T14883] loop3: detected capacity change from 0 to 40427 [ 1313.547213][T14883] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1313.561957][T14883] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1313.580529][T14883] F2FS-fs (loop3): Insane cp_payload (524288 >= 504) [ 1313.588659][T14883] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 1313.738850][T14894] loop1: detected capacity change from 0 to 256 [ 1313.764947][T14894] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1313.806565][T14894] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1314.116028][T14896] syz.3.3929[14896] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1314.116359][T14896] syz.3.3929[14896] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1314.158598][T14896] tipc: Enabling of bearer rejected, already enabled [ 1314.796862][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1315.518711][T14914] 9pnet_fd: Insufficient options for proto=fd [ 1315.644907][T14919] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1315.746446][T14923] loop5: detected capacity change from 0 to 512 [ 1315.771743][T14923] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1316.229475][T14931] loop2: detected capacity change from 0 to 512 [ 1316.263600][T14931] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1316.772450][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1316.795995][T14942] loop5: detected capacity change from 0 to 256 [ 1316.944834][T14936] loop4: detected capacity change from 0 to 40427 [ 1316.951982][T14936] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1316.960295][T14936] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1316.968851][T14936] F2FS-fs (loop4): Insane cp_payload (524288 >= 504) [ 1318.109738][T14948] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3947'. [ 1318.153278][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1318.414480][T14936] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 1318.495621][T14954] overlayfs: missing 'lowerdir' [ 1318.904540][T14960] syz.4.3945[14960] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1318.904633][T14960] syz.4.3945[14960] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1319.573955][T14961] loop5: detected capacity change from 0 to 256 [ 1319.914376][T14960] tipc: Enabling of bearer rejected, already enabled [ 1320.773744][T14961] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1320.795969][T14961] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 1320.904754][T12648] usb 2-1: new full-speed USB device number 67 using dummy_hcd [ 1320.925762][T14969] loop4: detected capacity change from 0 to 1024 [ 1320.952094][T14969] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1321.117727][T12648] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1321.175584][T14977] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1321.211943][T12648] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1321.244437][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1321.265812][T12648] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1321.281032][T14979] loop4: detected capacity change from 0 to 128 [ 1321.292571][T12648] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1321.302257][T14979] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1321.312163][T14979] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1321.325418][T12648] usb 2-1: config 0 descriptor?? [ 1321.334846][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1321.462759][T12648] usbhid 2-1:0.0: can't add hid device: -71 [ 1321.469038][T12648] usbhid: probe of 2-1:0.0 failed with error -71 [ 1321.490794][T12648] usb 2-1: USB disconnect, device number 67 [ 1321.492124][T14985] input: syz0 as /devices/virtual/input/input13 [ 1321.658015][T14989] loop1: detected capacity change from 0 to 512 [ 1321.846520][T14993] loop2: detected capacity change from 0 to 256 [ 1321.857921][T14989] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1321.867235][T14989] ext4 filesystem being mounted at /201/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1323.594014][T14997] overlayfs: missing 'lowerdir' [ 1325.117018][T15005] loop4: detected capacity change from 0 to 512 [ 1325.440354][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1325.579682][T11765] usb 3-1: new high-speed USB device number 73 using dummy_hcd [ 1326.263023][T15005] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1326.272254][T15005] ext4 filesystem being mounted at /178/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1326.862162][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1326.983871][T15023] loop3: detected capacity change from 0 to 512 [ 1327.355155][T15023] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1327.364149][T15023] ext4 filesystem being mounted at /198/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1327.414341][ T296] usb 6-1: new full-speed USB device number 14 using dummy_hcd [ 1327.595468][ T296] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1327.606640][ T296] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1327.616410][ T296] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1327.625589][ T296] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1327.634334][ T296] usb 6-1: config 0 descriptor?? [ 1327.764894][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1327.974439][T15037] loop2: detected capacity change from 0 to 512 [ 1328.335738][ T296] usbhid 6-1:0.0: can't add hid device: -71 [ 1328.433003][ T296] usbhid: probe of 6-1:0.0 failed with error -71 [ 1328.585604][T15037] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1328.594616][T15037] ext4 filesystem being mounted at /184/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1328.607421][ T296] usb 6-1: USB disconnect, device number 14 [ 1328.661547][T15046] loop1: detected capacity change from 0 to 1024 [ 1328.668452][T15046] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1328.685300][T15046] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1328.779857][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1329.252926][T15063] loop2: detected capacity change from 0 to 512 [ 1329.356765][T15063] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1329.367275][T15063] ext4 filesystem being mounted at /186/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1329.583349][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1329.902664][T15067] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3979'. [ 1331.148621][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1331.158782][T15084] loop4: detected capacity change from 0 to 128 [ 1331.168538][T15084] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1331.180795][T15086] loop2: detected capacity change from 0 to 2048 [ 1331.199291][T15084] ext4 filesystem being mounted at /181/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1331.251539][T15090] loop3: detected capacity change from 0 to 256 [ 1331.593003][T15086] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1331.605604][T15086] EXT4-fs error (device loop2): ext4_find_extent:936: inode #2: comm syz.2.3986: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 1331.634346][ T2401] usb 2-1: new full-speed USB device number 68 using dummy_hcd [ 1331.668753][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1331.684958][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1333.978676][ T6151] Bluetooth: hci0: Frame reassembly failed (-84) [ 1334.134796][T11765] usb 5-1: new full-speed USB device number 73 using dummy_hcd [ 1334.754772][T15112] loop1: detected capacity change from 0 to 512 [ 1335.194385][ T2401] usb 2-1: device not accepting address 68, error -71 [ 1335.270528][T15112] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1335.279864][T15112] ext4 filesystem being mounted at /208/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1335.892137][T15104] loop5: detected capacity change from 0 to 40427 [ 1335.912590][T15104] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1335.936336][T15104] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1335.976031][T15104] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1336.031417][ T496] Bluetooth: hci0: command 0x1003 tx timeout [ 1336.031614][T11796] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1336.045736][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1336.101821][T15104] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 1336.113606][T15104] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1336.181769][ T28] audit: type=1326 audit(1756900768.527:3103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15115 comm="syz.3.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06d018ebe9 code=0x7ffc0000 [ 1336.207829][T15118] loop3: detected capacity change from 0 to 128 [ 1337.447330][T15137] loop1: detected capacity change from 0 to 256 [ 1337.560113][T15137] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1337.618639][T15137] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1338.252593][ T28] audit: type=1326 audit(1756900768.557:3104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15115 comm="syz.3.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f06d018ebe9 code=0x7ffc0000 [ 1338.494439][ T28] audit: type=1326 audit(1756900768.557:3105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15115 comm="syz.3.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06d018ebe9 code=0x7ffc0000 [ 1338.670643][ T28] audit: type=1326 audit(1756900768.557:3106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15115 comm="syz.3.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f06d018ebe9 code=0x7ffc0000 [ 1338.866377][T15150] overlayfs: missing 'lowerdir' [ 1338.886147][ T28] audit: type=1326 audit(1756900768.557:3107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15115 comm="syz.3.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f06d018ec23 code=0x7ffc0000 [ 1338.950182][ T28] audit: type=1326 audit(1756900768.557:3108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15115 comm="syz.3.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f06d018d69f code=0x7ffc0000 [ 1338.962895][T15155] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4001'. [ 1338.995683][T15155] device bridge_slave_1 left promiscuous mode [ 1339.002161][T15155] bridge0: port 2(bridge_slave_1) entered disabled state [ 1339.011245][T15155] device bridge_slave_0 left promiscuous mode [ 1339.017720][T15155] bridge0: port 1(bridge_slave_0) entered disabled state [ 1339.045612][T15156] loop2: detected capacity change from 0 to 256 [ 1339.079665][ T28] audit: type=1326 audit(1756900768.557:3109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15115 comm="syz.3.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f06d018ec77 code=0x7ffc0000 [ 1339.219313][T15156] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 1339.316096][ T28] audit: type=1326 audit(1756900768.557:3110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15115 comm="syz.3.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f06d018d550 code=0x7ffc0000 [ 1339.344867][ T28] audit: type=1326 audit(1756900768.557:3111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15115 comm="syz.3.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f06d018e7eb code=0x7ffc0000 [ 1339.369310][ T28] audit: type=1326 audit(1756900769.687:3112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15115 comm="syz.3.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f06d018d84a code=0x7ffc0000 [ 1339.853013][T15166] loop2: detected capacity change from 0 to 1024 [ 1339.871192][T15166] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1339.916425][T15166] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1340.429468][T15178] fuse: Unknown parameter 'grou00000000000000000000' [ 1341.172308][T15186] loop4: detected capacity change from 0 to 40427 [ 1341.186764][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1341.203845][T15186] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1341.220018][T15192] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1341.317051][T15192] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1341.374356][T15186] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1341.525184][T15186] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1341.624942][T15186] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1341.632678][T15186] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1341.900207][T15208] loop1: detected capacity change from 0 to 256 [ 1342.003293][T15210] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1343.290921][T15212] loop3: detected capacity change from 0 to 256 [ 1343.324667][T15212] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 1344.144220][T15225] loop1: detected capacity change from 0 to 8192 [ 1344.185270][T15233] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1344.194059][T15233] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1344.316851][T15241] loop2: detected capacity change from 0 to 1024 [ 1344.956205][T15245] loop4: detected capacity change from 0 to 256 [ 1346.101837][T15245] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1346.739193][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 1346.964414][ T28] audit: type=1326 audit(1756900779.087:3121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15224 comm="syz.1.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef5478ebe9 code=0x7ffc0000 [ 1346.974477][T15241] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1346.995757][T15244] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1347.012918][ T28] audit: type=1326 audit(1756900779.087:3122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15224 comm="syz.1.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef5478ebe9 code=0x7ffc0000 [ 1347.072861][ T28] audit: type=1326 audit(1756900779.087:3123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15224 comm="syz.1.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7fef5478ebe9 code=0x7ffc0000 [ 1347.097126][ T28] audit: type=1326 audit(1756900779.087:3124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15224 comm="syz.1.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef5478ebe9 code=0x7ffc0000 [ 1347.198260][ T28] audit: type=1326 audit(1756900779.087:3125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15224 comm="syz.1.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef5478ebe9 code=0x7ffc0000 [ 1347.232650][T15241] EXT4-fs: error -4 creating inode table initialization thread [ 1347.243691][ T28] audit: type=1326 audit(1756900779.087:3126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15224 comm="syz.1.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fef5478d550 code=0x7ffc0000 [ 1347.274315][ T296] usb 2-1: new high-speed USB device number 70 using dummy_hcd [ 1347.292862][T15241] EXT4-fs (loop2): mount failed [ 1347.336698][ T28] audit: type=1326 audit(1756900779.087:3127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15224 comm="syz.1.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fef5478e7eb code=0x7ffc0000 [ 1347.392712][ T28] audit: type=1326 audit(1756900779.087:3128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15224 comm="syz.1.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fef5478e7eb code=0x7ffc0000 [ 1347.416505][T15261] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4032'. [ 1347.429179][ T28] audit: type=1326 audit(1756900779.087:3129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15224 comm="syz.1.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fef5478e7eb code=0x7ffc0000 [ 1347.482833][ T28] audit: type=1326 audit(1756900779.087:3130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15224 comm="syz.1.4021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fef5478e7eb code=0x7ffc0000 [ 1347.515468][ T296] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1347.534724][ T296] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1347.553008][T15257] loop3: detected capacity change from 0 to 40427 [ 1347.562822][ T296] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1347.576823][T15257] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1347.584689][ T2401] usb 5-1: new full-speed USB device number 74 using dummy_hcd [ 1347.593742][ T296] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1347.602702][T15257] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1347.613710][ T296] usb 2-1: Product: syz [ 1347.618129][ T296] usb 2-1: Manufacturer: syz [ 1347.622955][ T296] usb 2-1: SerialNumber: syz [ 1347.624380][T15257] F2FS-fs (loop3): Insane cp_payload (524288 >= 504) [ 1347.636019][T15257] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 1347.642269][ T296] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found [ 1347.651872][ T296] cdc_ncm 2-1:1.0: bind() failure [ 1347.769945][ T296] usb 2-1: USB disconnect, device number 70 [ 1347.777744][ T2401] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1347.790152][ T2401] usb 5-1: not running at top speed; connect to a high speed hub [ 1347.799242][ T2401] usb 5-1: config 4 has an invalid interface number: 147 but max is 0 [ 1348.320963][ T2401] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1348.331150][ T2401] usb 5-1: config 4 has no interface number 0 [ 1348.345643][ T2401] usb 5-1: string descriptor 0 read error: -22 [ 1348.351901][ T2401] usb 5-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1348.361280][ T2401] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1348.375623][ T2401] usb 5-1: Found UVC 0.00 device (04f2:b746) [ 1348.382576][ T2401] usb 5-1: No valid video chain found. [ 1348.417026][T15278] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 1348.425994][T15278] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1349.284477][T12648] usb 5-1: USB disconnect, device number 74 [ 1349.387347][T15292] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1349.647620][T15294] loop3: detected capacity change from 0 to 8192 [ 1349.807853][T15296] loop2: detected capacity change from 0 to 1024 [ 1349.814719][T15296] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1349.826203][T15296] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1350.719242][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1350.817503][T15316] overlayfs: missing 'lowerdir' [ 1350.888990][T15320] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4047'. [ 1351.042990][T15318] loop4: detected capacity change from 0 to 2048 [ 1351.290675][T15318] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1351.317808][T15318] EXT4-fs error (device loop4): ext4_find_extent:936: inode #2: comm syz.4.4050: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 1351.483341][T15308] loop3: detected capacity change from 0 to 40427 [ 1351.524331][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1351.581862][T15308] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1351.663134][T15308] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1351.687535][T15330] loop1: detected capacity change from 0 to 256 [ 1351.696217][T15308] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1351.759015][T15337] 9pnet_fd: Insufficient options for proto=fd [ 1351.785565][T15310] loop2: detected capacity change from 0 to 40427 [ 1351.805149][T15310] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1351.813083][T15310] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1351.813262][T15308] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1351.829658][T15310] F2FS-fs (loop2): Insane cp_payload (524288 >= 504) [ 1351.842305][T15308] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1351.843544][T15310] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 1352.328075][T15344] loop4: detected capacity change from 0 to 1024 [ 1352.346031][T15344] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1352.356688][T15344] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1352.764944][T15349] syz.3.4045[15349] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1352.765124][T15349] syz.3.4045[15349] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1354.058663][T15353] loop1: detected capacity change from 0 to 1024 [ 1354.394789][T15353] EXT4-fs: Ignoring removed i_version option [ 1354.423022][T15353] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1354.436129][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1354.500725][T15353] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1354.527566][T15359] loop2: detected capacity change from 0 to 512 [ 1354.563919][T15359] EXT4-fs warning (device loop2): ext4_enable_quotas:7053: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1354.619597][T15359] EXT4-fs (loop2): mount failed [ 1354.671953][T15367] loop5: detected capacity change from 0 to 256 [ 1354.690084][T15367] FAT-fs (loop5): Unrecognized mount option "shortname`Power" or missing value [ 1355.092524][T12648] usb 4-1: new full-speed USB device number 71 using dummy_hcd [ 1355.100850][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1355.145339][T15373] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4063'. [ 1355.285734][T12648] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1355.297584][T12648] usb 4-1: not running at top speed; connect to a high speed hub [ 1355.325250][T12648] usb 4-1: config 4 has an invalid interface number: 147 but max is 0 [ 1355.336831][T15379] loop4: detected capacity change from 0 to 256 [ 1355.340245][T12648] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1355.363163][T12648] usb 4-1: config 4 has no interface number 0 [ 1355.378221][T12648] usb 4-1: string descriptor 0 read error: -22 [ 1355.386970][T12648] usb 4-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1355.400490][T12648] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1355.427161][T12648] usb 4-1: Found UVC 0.00 device (04f2:b746) [ 1355.435989][T15379] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1355.442172][T12648] usb 4-1: No valid video chain found. [ 1355.525105][T15379] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1355.551619][T15384] loop1: detected capacity change from 0 to 8192 [ 1355.689475][ T296] usb 4-1: USB disconnect, device number 71 [ 1355.814803][ T28] kauditd_printk_skb: 21 callbacks suppressed [ 1355.814858][ T28] audit: type=1326 audit(1756900788.147:3152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15382 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef5478ebe9 code=0x7ffc0000 [ 1355.934752][T15388] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1356.005778][ T28] audit: type=1326 audit(1756900788.147:3153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15382 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef5478ebe9 code=0x7ffc0000 [ 1356.048817][ T28] audit: type=1326 audit(1756900788.157:3154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15382 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7fef5478ebe9 code=0x7ffc0000 [ 1356.072302][ T28] audit: type=1326 audit(1756900788.157:3155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15382 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef5478ebe9 code=0x7ffc0000 [ 1356.101367][ T28] audit: type=1326 audit(1756900788.157:3156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15382 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef5478ebe9 code=0x7ffc0000 [ 1356.114319][T12648] usb 2-1: new high-speed USB device number 71 using dummy_hcd [ 1356.152120][ T28] audit: type=1326 audit(1756900788.157:3157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15382 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fef5478d550 code=0x7ffc0000 [ 1356.196548][ T28] audit: type=1326 audit(1756900788.157:3158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15382 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fef5478e7eb code=0x7ffc0000 [ 1356.247495][ T28] audit: type=1326 audit(1756900788.157:3159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15382 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fef5478e7eb code=0x7ffc0000 [ 1356.327957][T12648] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1356.385184][T12648] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1356.480891][T12648] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1356.502652][ T28] audit: type=1326 audit(1756900788.157:3160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15382 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fef5478e7eb code=0x7ffc0000 [ 1356.541596][T12648] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1356.555462][ T28] audit: type=1326 audit(1756900788.157:3161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15382 comm="syz.1.4066" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fef5478e7eb code=0x7ffc0000 [ 1356.556618][T12648] usb 2-1: Product: syz [ 1356.603407][T12648] usb 2-1: Manufacturer: syz [ 1356.614407][T12648] usb 2-1: SerialNumber: syz [ 1356.621629][T12648] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found [ 1356.628943][T12648] cdc_ncm 2-1:1.0: bind() failure [ 1356.654343][ T296] usb 4-1: new high-speed USB device number 72 using dummy_hcd [ 1356.690673][T15397] loop5: detected capacity change from 0 to 512 [ 1356.718963][T15397] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1356.728007][T15397] ext4 filesystem being mounted at /206/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1356.919126][ T296] usb 4-1: Using ep0 maxpacket: 16 [ 1356.925530][ T296] usb 4-1: config index 0 descriptor too short (expected 64967, got 165) [ 1356.934097][ T296] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1356.944687][ T296] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1356.955272][ T296] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1356.964485][ T296] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1356.972541][ T296] usb 4-1: Product: syz [ 1356.977002][ T296] usb 4-1: Manufacturer: syz [ 1356.981786][ T296] usb 4-1: SerialNumber: syz [ 1357.041530][T15401] loop2: detected capacity change from 0 to 1024 [ 1357.058489][T15401] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1357.080625][T15401] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1357.195710][ T296] usb 4-1: 0:2 : does not exist [ 1357.202871][ T296] usb 4-1: USB disconnect, device number 72 [ 1357.520746][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1357.786998][T15407] loop5: detected capacity change from 0 to 40427 [ 1357.805124][T15407] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1357.824338][T15407] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1357.838304][T15407] F2FS-fs (loop5): Insane cp_payload (524288 >= 504) [ 1357.846784][T15407] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 1357.980764][T15412] loop3: detected capacity change from 0 to 512 [ 1359.472359][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1359.680716][T15412] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1359.689889][T15412] ext4 filesystem being mounted at /216/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1360.600276][T12648] usb 2-1: USB disconnect, device number 71 [ 1360.652812][T15417] 9pnet_fd: Insufficient options for proto=fd [ 1361.088872][T15431] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1362.376444][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1363.844639][T15436] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1363.943873][ T334] Bluetooth: hci0: Frame reassembly failed (-84) [ 1364.306646][T15445] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1364.374379][ T296] usb 5-1: new full-speed USB device number 75 using dummy_hcd [ 1366.056278][T15453] loop2: detected capacity change from 0 to 256 [ 1367.086892][ T947] Bluetooth: hci0: command 0x1003 tx timeout [ 1367.093941][T11796] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1367.102395][T12648] usb 2-1: new full-speed USB device number 72 using dummy_hcd [ 1367.124333][T15455] loop1: detected capacity change from 0 to 1024 [ 1367.124855][ T296] usb 5-1: device descriptor read/all, error -71 [ 1367.130809][T15457] loop4: detected capacity change from 0 to 128 [ 1367.504800][T15457] FAT-fs (loop4): Unrecognized mount option "01777777777777777777777=d̞ YS38`" or missing value [ 1367.518429][T15455] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1367.528630][T15453] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1367.589691][T15452] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 1367.626629][T15455] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1367.679531][T14851] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1368.214381][T15468] input: syz0 as /devices/virtual/input/input14 [ 1368.293267][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1368.386747][T15479] loop1: detected capacity change from 0 to 512 [ 1368.423165][T15479] EXT4-fs warning (device loop1): ext4_enable_quotas:7053: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1368.439110][T15479] EXT4-fs (loop1): mount failed [ 1368.527067][T15489] loop3: detected capacity change from 0 to 256 [ 1368.540924][ T28] kauditd_printk_skb: 23 callbacks suppressed [ 1368.540943][ T28] audit: type=1326 audit(1756900800.887:3185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15470 comm="syz.2.4089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84f18ebe9 code=0x7ffc0000 [ 1368.647313][T15492] loop4: detected capacity change from 0 to 256 [ 1368.694051][T15490] loop2: detected capacity change from 0 to 128 [ 1368.726521][T15492] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1368.793000][T15492] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1369.639097][T15496] loop3: detected capacity change from 0 to 1024 [ 1369.657959][ T28] audit: type=1326 audit(1756900800.937:3186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15470 comm="syz.2.4089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa84f18ebe9 code=0x7ffc0000 [ 1369.732807][T15496] EXT4-fs: Ignoring removed i_version option [ 1369.752816][T15496] EXT4-fs (loop3): Test dummy encryption mode enabled [ 1369.804803][T15496] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1369.813819][ T28] audit: type=1326 audit(1756900800.937:3187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15470 comm="syz.2.4089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa84f18ec23 code=0x7ffc0000 [ 1369.876484][T14851] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1369.991777][T15503] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4097'. [ 1370.088562][ T28] audit: type=1326 audit(1756900800.957:3188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15470 comm="syz.2.4089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa84f18d69f code=0x7ffc0000 [ 1370.289987][ T28] audit: type=1326 audit(1756900800.967:3189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15470 comm="syz.2.4089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fa84f18ec77 code=0x7ffc0000 [ 1370.354103][ T28] audit: type=1326 audit(1756900800.967:3190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15470 comm="syz.2.4089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa84f18d550 code=0x7ffc0000 [ 1370.394363][ T28] audit: type=1326 audit(1756900801.037:3191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15470 comm="syz.2.4089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa84f18e7eb code=0x7ffc0000 [ 1370.418724][ T28] audit: type=1326 audit(1756900801.947:3192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15470 comm="syz.2.4089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa84f18d84a code=0x7ffc0000 [ 1370.446339][ T28] audit: type=1326 audit(1756900801.947:3193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15470 comm="syz.2.4089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa84f18d84a code=0x7ffc0000 [ 1370.470330][ T28] audit: type=1326 audit(1756900801.947:3194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15470 comm="syz.2.4089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fa84f18d457 code=0x7ffc0000 [ 1370.483372][T15506] loop5: detected capacity change from 0 to 2048 [ 1370.532243][T15506] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1370.550445][T15506] EXT4-fs error (device loop5): ext4_find_extent:936: inode #2: comm syz.5.4098: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 1370.593438][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1370.893226][T15513] loop5: detected capacity change from 0 to 256 [ 1370.910873][T15513] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1370.998537][T15513] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 1373.378488][T15521] loop4: detected capacity change from 0 to 256 [ 1373.629718][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1373.734356][T15524] input: syz0 as /devices/virtual/input/input15 [ 1374.284132][T15538] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4108'. [ 1374.371559][T15544] loop5: detected capacity change from 0 to 1024 [ 1374.384121][T15544] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1374.473000][T15544] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1374.624188][T15559] loop4: detected capacity change from 0 to 256 [ 1374.641255][T15559] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1375.494996][T15559] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1375.540919][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1375.952172][T15569] loop1: detected capacity change from 0 to 256 [ 1375.970398][T15569] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1376.000747][T15569] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1376.934322][T12648] usb 4-1: new full-speed USB device number 73 using dummy_hcd [ 1377.094363][ T296] usb 3-1: new high-speed USB device number 74 using dummy_hcd [ 1377.301177][T12648] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1377.309882][T12648] usb 4-1: not running at top speed; connect to a high speed hub [ 1377.318683][T12648] usb 4-1: config 4 has an invalid interface number: 147 but max is 0 [ 1377.326929][T12648] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1377.337073][T12648] usb 4-1: config 4 has no interface number 0 [ 1377.337541][T15588] loop5: detected capacity change from 0 to 256 [ 1377.345352][T12648] usb 4-1: string descriptor 0 read error: -22 [ 1377.356005][T12648] usb 4-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1377.365403][T12648] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1377.379277][T12648] usb 4-1: Found UVC 0.00 device (04f2:b746) [ 1377.393709][T12648] usb 4-1: No valid video chain found. [ 1377.403574][T15590] syz.4.4124[15590] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1377.403908][T15590] syz.4.4124[15590] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1377.474427][ T28] kauditd_printk_skb: 6 callbacks suppressed [ 1377.474477][ T28] audit: type=1400 audit(1756900809.777:3201): avc: denied { create } for pid=15581 comm="syz.4.4124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 1378.433590][T12648] usb 4-1: USB disconnect, device number 73 [ 1378.458356][T15596] loop2: detected capacity change from 0 to 512 [ 1378.466757][T15598] loop5: detected capacity change from 0 to 256 [ 1378.486067][T15596] ext2: Unknown parameter 'quota"errors' [ 1379.335758][T15610] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1379.464326][ T296] usb 3-1: device not accepting address 74, error -71 [ 1379.470620][T15615] loop3: detected capacity change from 0 to 1024 [ 1379.483624][T15617] loop5: detected capacity change from 0 to 1024 [ 1379.484691][T15615] EXT4-fs: Ignoring removed i_version option [ 1379.520967][T15617] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1379.542625][T15615] EXT4-fs (loop3): Test dummy encryption mode enabled [ 1379.569810][T15617] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1379.578844][T15615] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1380.377952][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1380.403013][T15639] loop4: detected capacity change from 0 to 256 [ 1380.411408][T15639] FAT-fs (loop4): Unrecognized mount option "shortname`Power" or missing value [ 1380.664481][ T296] usb 3-1: new full-speed USB device number 75 using dummy_hcd [ 1381.164288][ T345] Bluetooth: hci0: Frame reassembly failed (-84) [ 1381.232206][ T345] Bluetooth: hci0: Frame reassembly failed (-84) [ 1381.353475][ T296] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1381.358149][T15650] loop4: detected capacity change from 0 to 512 [ 1381.431931][T15650] ext2: Unknown parameter 'quota"errors' [ 1381.588511][ T296] usb 3-1: not running at top speed; connect to a high speed hub [ 1381.597214][ T296] usb 3-1: config 4 has an invalid interface number: 147 but max is 0 [ 1381.605451][ T296] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1381.615796][ T296] usb 3-1: config 4 has no interface number 0 [ 1381.624124][ T296] usb 3-1: string descriptor 0 read error: -22 [ 1381.636267][ T296] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1381.654376][ T296] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1381.711514][ T296] usb 3-1: Found UVC 0.00 device (04f2:b746) [ 1381.721716][ T296] usb 3-1: No valid video chain found. [ 1381.915125][ T296] usb 3-1: USB disconnect, device number 75 [ 1382.089670][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1382.107601][T15659] loop3: detected capacity change from 0 to 512 [ 1382.116267][T15659] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1382.305676][T15668] loop4: detected capacity change from 0 to 256 [ 1384.342060][ T947] Bluetooth: hci0: command 0x1003 tx timeout [ 1384.342106][T11796] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1384.373693][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1384.408170][T15677] tmpfs: Unknown parameter 'nolazytimele0' [ 1384.423347][T15680] loop3: detected capacity change from 0 to 1024 [ 1384.449641][T15685] serio: Serial port ptm0 [ 1384.455252][T15680] EXT4-fs: Ignoring removed i_version option [ 1384.464885][T15680] EXT4-fs (loop3): Test dummy encryption mode enabled [ 1384.552045][T15689] loop2: detected capacity change from 0 to 1024 [ 1384.559540][T15689] EXT4-fs: Ignoring removed i_version option [ 1384.561054][T15680] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1384.575374][T15689] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1384.655110][T15692] loop4: detected capacity change from 0 to 256 [ 1384.673831][T15692] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1384.732274][T15692] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1385.171857][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1385.230174][T15689] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1385.662865][T15693] loop5: detected capacity change from 0 to 256 [ 1385.737430][T15700] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4162'. [ 1385.856386][T15693] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1387.185087][T15693] exFAT-fs (loop5): error, invalid access to FAT free cluster (entry 0x00000008) [ 1387.241294][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1387.331331][T15725] loop3: detected capacity change from 0 to 1024 [ 1387.346786][T15725] EXT4-fs: Ignoring removed i_version option [ 1387.353383][T15725] EXT4-fs (loop3): Test dummy encryption mode enabled [ 1387.362713][T15725] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1387.462278][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1387.532183][T12648] usb 2-1: new full-speed USB device number 73 using dummy_hcd [ 1387.604344][ T6324] usb 3-1: new full-speed USB device number 76 using dummy_hcd [ 1387.612274][T11765] usb 5-1: new high-speed USB device number 77 using dummy_hcd [ 1387.685401][T15730] loop3: detected capacity change from 0 to 256 [ 1387.746595][T12648] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1387.776138][T15730] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1387.832695][T11765] usb 5-1: Using ep0 maxpacket: 32 [ 1387.842447][ T6324] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1387.852805][T15730] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 1387.909124][T11765] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1387.926655][T12648] usb 2-1: not running at top speed; connect to a high speed hub [ 1387.952799][ T6324] usb 3-1: not running at top speed; connect to a high speed hub [ 1388.013298][T12648] usb 2-1: config 4 has an invalid interface number: 147 but max is 0 [ 1388.040302][ T6324] usb 3-1: config 4 has an invalid interface number: 147 but max is 0 [ 1388.052105][T11765] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1388.092758][T12648] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1388.115198][ T6324] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1388.130515][T11765] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1388.165123][T12648] usb 2-1: config 4 has no interface number 0 [ 1388.183654][ T6324] usb 3-1: config 4 has no interface number 0 [ 1388.183819][T11765] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1388.202344][ T6324] usb 3-1: string descriptor 0 read error: -22 [ 1388.224388][T12648] usb 2-1: string descriptor 0 read error: -22 [ 1388.242881][ T6324] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1388.266464][T12648] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1388.300286][ T6324] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1388.664519][T11765] usb 5-1: config 0 descriptor?? [ 1388.669640][T12648] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1388.687348][ T6324] usb 3-1: Found UVC 0.00 device (04f2:b746) [ 1388.698835][ T6324] usb 3-1: No valid video chain found. [ 1388.705769][T12648] usb 2-1: Found UVC 0.00 device (04f2:b746) [ 1388.712788][T12648] usb 2-1: No valid video chain found. [ 1388.815836][T15732] loop3: detected capacity change from 0 to 1024 [ 1388.875883][T15732] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1388.898745][ T5687] usb 3-1: USB disconnect, device number 76 [ 1388.925506][T12648] usb 2-1: USB disconnect, device number 73 [ 1388.947831][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1388.995217][ T28] audit: type=1400 audit(1756900821.347:3202): avc: denied { setcurrent } for pid=15736 comm="syz.3.4173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 1389.015600][ T28] audit: type=1401 audit(1756900821.367:3203): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t [ 1389.060193][T15739] loop3: detected capacity change from 0 to 512 [ 1389.090599][T15739] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1389.102452][T11765] savu 0003:1E7D:2D5A.0023: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0 [ 1389.104415][T15739] ext4 filesystem being mounted at /243/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1389.162236][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1389.282208][T15742] loop5: detected capacity change from 0 to 40427 [ 1389.295046][T15742] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1389.303002][T15742] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1389.313873][T15742] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1389.341238][T15742] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 1389.348433][T15742] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1389.572747][T12648] usb 5-1: USB disconnect, device number 77 [ 1389.859987][T15763] syz.5.4175[15763] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1389.860083][T15763] syz.5.4175[15763] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1390.270509][ T5687] usb 2-1: new high-speed USB device number 74 using dummy_hcd [ 1390.432614][T15772] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4183'. [ 1390.475954][ T5687] usb 2-1: Using ep0 maxpacket: 16 [ 1390.498873][ T5687] usb 2-1: config index 0 descriptor too short (expected 64967, got 165) [ 1390.514760][ T5687] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1390.527103][ T5687] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1390.582811][ T5687] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1391.257250][ T5687] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1391.281904][ T5687] usb 2-1: Product: syz [ 1391.291246][ T5687] usb 2-1: Manufacturer: syz [ 1391.303177][ T5687] usb 2-1: SerialNumber: syz [ 1391.483369][T15786] loop4: detected capacity change from 0 to 256 [ 1391.537789][ T5687] usb 2-1: 0:2 : does not exist [ 1391.596825][T15787] loop3: detected capacity change from 0 to 256 [ 1391.613228][ T5687] usb 2-1: USB disconnect, device number 74 [ 1392.773063][T15787] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1392.843632][T15784] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 1392.948557][T11765] usb 3-1: new high-speed USB device number 77 using dummy_hcd [ 1393.155152][T15803] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4193'. [ 1393.214364][T11765] usb 3-1: Using ep0 maxpacket: 32 [ 1393.221398][T11765] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1393.352851][T11765] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1393.368130][T11765] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1393.379225][T11765] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1393.463998][T11765] usb 3-1: config 0 descriptor?? [ 1393.468450][ T296] usb 5-1: new full-speed USB device number 78 using dummy_hcd [ 1393.695800][ T296] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1393.784400][T15812] xt_l2tp: missing protocol rule (udp|l2tpip) [ 1393.798118][T12648] usb 6-1: new full-speed USB device number 15 using dummy_hcd [ 1393.977552][ T296] usb 5-1: not running at top speed; connect to a high speed hub [ 1393.983034][T11765] savu 0003:1E7D:2D5A.0024: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 1393.986258][ T296] usb 5-1: config 4 has an invalid interface number: 147 but max is 0 [ 1394.006577][ T296] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1394.022986][ T296] usb 5-1: config 4 has no interface number 0 [ 1394.045499][ T296] usb 5-1: string descriptor 0 read error: -22 [ 1394.052359][ T296] usb 5-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1394.062123][ T296] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1394.071886][ T296] usb 5-1: Found UVC 0.00 device (04f2:b746) [ 1394.078914][ T296] usb 5-1: No valid video chain found. [ 1394.095289][T12648] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1394.106564][T12648] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1394.116531][T12648] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1394.125734][T12648] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1394.134208][T12648] usb 6-1: config 0 descriptor?? [ 1394.274416][T11765] usb 5-1: USB disconnect, device number 78 [ 1394.310921][ T6324] usb 3-1: USB disconnect, device number 77 [ 1394.334290][ T5687] usb 2-1: new full-speed USB device number 75 using dummy_hcd [ 1394.515351][ T5687] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1394.529751][ T5687] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1394.544298][ T5687] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1394.544519][T12648] savu 0003:1E7D:2D5A.0025: unknown main item tag 0x0 [ 1394.559728][ T5687] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1394.570325][T12648] savu 0003:1E7D:2D5A.0025: unknown main item tag 0x0 [ 1394.577167][ T5687] usb 2-1: config 0 descriptor?? [ 1394.589292][T12648] savu 0003:1E7D:2D5A.0025: unknown main item tag 0x0 [ 1394.596358][T12648] savu 0003:1E7D:2D5A.0025: unknown main item tag 0x0 [ 1394.603168][T12648] savu 0003:1E7D:2D5A.0025: unknown main item tag 0x0 [ 1394.620369][T12648] savu 0003:1E7D:2D5A.0025: unbalanced collection at end of report description [ 1394.634473][T12648] savu 0003:1E7D:2D5A.0025: parse failed [ 1394.640206][T12648] savu: probe of 0003:1E7D:2D5A.0025 failed with error -22 [ 1394.764422][T12648] usb 6-1: USB disconnect, device number 15 [ 1394.835910][T15829] loop3: detected capacity change from 0 to 256 [ 1395.009753][T15838] loop2: detected capacity change from 0 to 512 [ 1395.169159][T15838] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1395.178796][T15838] ext4 filesystem being mounted at /228/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1395.255531][ T5687] savu 0003:1E7D:2D5A.0026: unknown main item tag 0x0 [ 1395.262525][ T5687] savu 0003:1E7D:2D5A.0026: unknown main item tag 0x0 [ 1395.269420][ T5687] savu 0003:1E7D:2D5A.0026: unknown main item tag 0x0 [ 1395.279473][ T5687] savu 0003:1E7D:2D5A.0026: unknown main item tag 0x0 [ 1395.287048][ T5687] savu 0003:1E7D:2D5A.0026: unknown main item tag 0x0 [ 1395.293900][ T5687] savu 0003:1E7D:2D5A.0026: unbalanced collection at end of report description [ 1395.303144][ T5687] savu 0003:1E7D:2D5A.0026: parse failed [ 1395.309147][ T5687] savu: probe of 0003:1E7D:2D5A.0026 failed with error -22 [ 1395.320062][ T5687] usb 2-1: USB disconnect, device number 75 [ 1395.341980][T15844] loop5: detected capacity change from 0 to 512 [ 1395.358879][T15844] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1395.368002][T15844] ext4 filesystem being mounted at /231/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1395.385311][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1395.485404][T15848] loop5: detected capacity change from 0 to 40427 [ 1395.494412][T15848] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1395.502241][T15848] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1395.515202][T15848] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1395.538641][T15848] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 1395.545750][T15848] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1395.682208][T15853] syz.5.4208[15853] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1395.682320][T15853] syz.5.4208[15853] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1395.770218][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1396.753131][T15866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4211'. [ 1397.084373][T12648] usb 3-1: new full-speed USB device number 78 using dummy_hcd [ 1397.276144][T12648] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1397.729916][T12648] usb 3-1: not running at top speed; connect to a high speed hub [ 1397.746099][T12648] usb 3-1: config 4 has an invalid interface number: 147 but max is 0 [ 1397.754385][T12648] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1397.764539][T12648] usb 3-1: config 4 has no interface number 0 [ 1397.777095][T12648] usb 3-1: string descriptor 0 read error: -22 [ 1397.783371][T12648] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1397.809698][ T6324] usb 2-1: new full-speed USB device number 76 using dummy_hcd [ 1397.849767][T12648] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1397.859470][T12648] usb 3-1: Found UVC 0.00 device (04f2:b746) [ 1397.866411][T12648] usb 3-1: No valid video chain found. [ 1398.145789][ T6324] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1398.210461][ T6324] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1398.221490][ T6324] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1398.231392][ T6324] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1398.265750][T12648] usb 3-1: USB disconnect, device number 78 [ 1398.302228][ T6324] usb 2-1: config 0 descriptor?? [ 1399.018543][ T5687] usb 6-1: new full-speed USB device number 16 using dummy_hcd [ 1399.056049][ T6324] savu 0003:1E7D:2D5A.0027: unknown main item tag 0x0 [ 1399.062880][ T6324] savu 0003:1E7D:2D5A.0027: unknown main item tag 0x0 [ 1399.124424][ T6324] savu 0003:1E7D:2D5A.0027: unknown main item tag 0x0 [ 1399.157430][ T6324] savu 0003:1E7D:2D5A.0027: unknown main item tag 0x0 [ 1399.164337][ T6324] savu 0003:1E7D:2D5A.0027: unknown main item tag 0x0 [ 1399.171144][ T6324] savu 0003:1E7D:2D5A.0027: unbalanced collection at end of report description [ 1399.194488][ T6324] savu 0003:1E7D:2D5A.0027: parse failed [ 1399.200283][ T6324] savu: probe of 0003:1E7D:2D5A.0027 failed with error -22 [ 1399.913880][T13227] Bluetooth: hci0: Frame reassembly failed (-84) [ 1400.115125][T12648] usb 2-1: USB disconnect, device number 76 [ 1400.132348][T13227] Bluetooth: hci0: Frame reassembly failed (-84) [ 1400.168076][ T5687] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1400.179262][ T5687] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1400.189070][ T5687] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1400.198342][ T5687] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1400.207111][ T5687] usb 6-1: config 0 descriptor?? [ 1400.321975][T15903] loop2: detected capacity change from 0 to 40427 [ 1400.338402][T15903] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1400.354087][T15903] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1400.365851][T15903] F2FS-fs (loop2): Insane cp_payload (524288 >= 504) [ 1400.372647][T15903] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 1401.034953][T15912] device pim6reg1 entered promiscuous mode [ 1401.411285][T15925] loop1: detected capacity change from 0 to 256 [ 1401.419945][T15925] FAT-fs (loop1): Unrecognized mount option "shortname`Power" or missing value [ 1401.641700][ T5687] savu 0003:1E7D:2D5A.0028: unknown main item tag 0x0 [ 1401.648637][ T5687] savu 0003:1E7D:2D5A.0028: unknown main item tag 0x0 [ 1401.655468][ T5687] savu 0003:1E7D:2D5A.0028: unknown main item tag 0x0 [ 1401.662262][ T5687] savu 0003:1E7D:2D5A.0028: unknown main item tag 0x0 [ 1401.725340][T15929] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4233'. [ 1401.730058][T15930] loop5: detected capacity change from 0 to 1024 [ 1401.742570][ T5687] savu 0003:1E7D:2D5A.0028: unknown main item tag 0x0 [ 1401.752999][ T5687] savu 0003:1E7D:2D5A.0028: unbalanced collection at end of report description [ 1401.764580][T15930] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1401.766869][ T5687] savu 0003:1E7D:2D5A.0028: parse failed [ 1401.783534][ T5687] savu: probe of 0003:1E7D:2D5A.0028 failed with error -22 [ 1401.800624][ T5687] usb 6-1: USB disconnect, device number 16 [ 1401.820341][T15930] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1401.944318][T11796] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1403.154436][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1403.248907][T15950] syz.3.4236[15950] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1403.249248][T15950] syz.3.4236[15950] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1403.310428][T15949] loop1: detected capacity change from 0 to 512 [ 1403.332897][ T28] audit: type=1400 audit(1756900835.637:3204): avc: denied { create } for pid=15938 comm="syz.3.4236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 1404.065105][T15947] loop5: detected capacity change from 0 to 1024 [ 1404.092432][T15949] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1404.101618][T15949] ext4 filesystem being mounted at /254/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1404.129281][T15947] EXT4-fs: Ignoring removed i_version option [ 1404.150814][T15947] EXT4-fs (loop5): Test dummy encryption mode enabled [ 1404.184089][T15947] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1404.222274][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1404.341150][T15968] loop1: detected capacity change from 0 to 256 [ 1405.669686][T15971] loop4: detected capacity change from 0 to 512 [ 1405.678242][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1405.831200][T15975] loop1: detected capacity change from 0 to 128 [ 1405.852237][T15971] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1405.861259][T15971] ext4 filesystem being mounted at /240/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1406.232062][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1406.394663][T15975] FAT-fs (loop1): Unrecognized mount option "01777777777777777777777=d̞ YS38`" or missing value [ 1406.442524][T15981] loop5: detected capacity change from 0 to 256 [ 1406.642564][T15961] loop3: detected capacity change from 0 to 40427 [ 1406.972071][T15993] syz.4.4249[15993] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1406.972154][T15993] syz.4.4249[15993] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1407.077889][T15961] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1407.130352][T15994] loop2: detected capacity change from 0 to 256 [ 1407.137554][T15994] FAT-fs (loop2): Unrecognized mount option "shortname`Power" or missing value [ 1407.264433][T15961] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1407.460780][T15961] F2FS-fs (loop3): Insane cp_payload (524288 >= 504) [ 1407.469038][T15961] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 1407.661656][T16003] loop3: detected capacity change from 0 to 512 [ 1407.826079][T15995] input: syz0 as /devices/virtual/input/input16 [ 1407.857301][T16003] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1407.866388][T16003] ext4 filesystem being mounted at /260/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1407.979604][T16014] loop5: detected capacity change from 0 to 256 [ 1407.988187][T16014] FAT-fs (loop5): Unrecognized mount option "shortname`Power" or missing value [ 1408.291802][T16017] loop1: detected capacity change from 0 to 1024 [ 1408.314691][T16017] EXT4-fs: Ignoring removed i_version option [ 1408.329401][T16017] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1408.350631][T16017] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1408.374545][T16020] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1408.405647][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1408.554805][T16026] loop5: detected capacity change from 0 to 1024 [ 1408.595106][T16027] loop3: detected capacity change from 0 to 512 [ 1408.771201][T16026] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1408.783335][T16027] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1408.793088][T16027] ext4 filesystem being mounted at /261/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1408.847408][T16026] overlayfs: missing 'lowerdir' [ 1408.898815][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1409.149763][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1409.163532][T16035] loop2: detected capacity change from 0 to 1024 [ 1409.190002][T16035] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1409.237220][T16035] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1409.409294][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1410.015232][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1410.069296][T16044] loop5: detected capacity change from 0 to 40427 [ 1410.073419][T16056] loop2: detected capacity change from 0 to 512 [ 1410.086613][T16058] loop1: detected capacity change from 0 to 512 [ 1410.094992][T16044] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1410.102758][T16044] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1410.125714][T16044] F2FS-fs (loop5): Insane cp_payload (524288 >= 504) [ 1410.132627][T16044] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 1410.185337][T16056] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1410.195864][T16058] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1410.204871][T16058] ext4 filesystem being mounted at /259/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1411.462826][T16065] loop4: detected capacity change from 0 to 256 [ 1413.439644][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1413.452735][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1413.463746][T16065] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1413.523584][T16064] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1413.679122][T16073] loop1: detected capacity change from 0 to 1024 [ 1413.719429][T16073] EXT4-fs: Ignoring removed i_version option [ 1413.747252][T16073] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1413.789812][T16077] serio: Serial port ptm0 [ 1413.840654][T16073] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1413.948136][T16086] loop5: detected capacity change from 0 to 512 [ 1413.976867][T16086] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1413.986079][T16086] ext4 filesystem being mounted at /242/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1414.500667][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1414.697853][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1415.141503][T16102] loop5: detected capacity change from 0 to 512 [ 1415.161482][T16102] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1415.174418][T16102] ext4 filesystem being mounted at /243/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1415.174843][ T2401] usb 2-1: new full-speed USB device number 77 using dummy_hcd [ 1415.202541][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1415.261053][T16115] loop5: detected capacity change from 0 to 1024 [ 1415.267991][T16115] EXT4-fs: Ignoring removed i_version option [ 1415.274930][T16115] EXT4-fs (loop5): Test dummy encryption mode enabled [ 1415.283949][T16115] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1415.374349][T12648] usb 4-1: new high-speed USB device number 74 using dummy_hcd [ 1415.395626][ T2401] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1415.403712][ T2401] usb 2-1: not running at top speed; connect to a high speed hub [ 1415.707336][T16121] loop2: detected capacity change from 0 to 256 [ 1415.714103][T16121] FAT-fs (loop2): Unrecognized mount option "shortname`Power" or missing value [ 1415.875288][ T2401] usb 2-1: config 4 has an invalid interface number: 147 but max is 0 [ 1415.883512][ T2401] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1415.893724][ T2401] usb 2-1: config 4 has no interface number 0 [ 1415.902284][ T2401] usb 2-1: string descriptor 0 read error: -22 [ 1415.908702][ T2401] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1415.911666][T12648] usb 4-1: Using ep0 maxpacket: 32 [ 1415.924587][ T2401] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1415.933863][T12648] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1415.945245][T12648] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1415.955510][T12648] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1415.956086][ T2401] usb 2-1: Found UVC 0.00 device (04f2:b746) [ 1415.964657][T12648] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1415.982451][T12648] usb 4-1: config 0 descriptor?? [ 1415.994310][ T2401] usb 2-1: No valid video chain found. [ 1416.125782][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1416.190306][T16129] fuse: Bad value for 'user_id' [ 1416.237273][ T6324] usb 2-1: USB disconnect, device number 77 [ 1416.275894][T16132] loop5: detected capacity change from 0 to 512 [ 1416.305971][T16132] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1416.314960][T16132] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1416.393089][T12648] savu 0003:1E7D:2D5A.0029: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0 [ 1416.444344][ T2401] usb 3-1: new full-speed USB device number 79 using dummy_hcd [ 1416.625532][ T2401] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1416.636783][ T2401] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1416.646757][ T2401] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1416.655887][ T2401] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1416.664410][ T2401] usb 3-1: config 0 descriptor?? [ 1416.798187][T16140] loop4: detected capacity change from 0 to 512 [ 1416.819217][T16140] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1416.828414][T16140] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1416.844594][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1417.058703][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1417.073357][ T2401] savu 0003:1E7D:2D5A.002A: unknown main item tag 0x0 [ 1417.080757][ T2401] savu 0003:1E7D:2D5A.002A: unknown main item tag 0x0 [ 1417.087742][ T2401] savu 0003:1E7D:2D5A.002A: unknown main item tag 0x0 [ 1417.094698][ T2401] savu 0003:1E7D:2D5A.002A: unknown main item tag 0x0 [ 1417.101469][ T2401] savu 0003:1E7D:2D5A.002A: unknown main item tag 0x0 [ 1417.108378][ T2401] savu 0003:1E7D:2D5A.002A: unbalanced collection at end of report description [ 1417.117625][ T2401] savu 0003:1E7D:2D5A.002A: parse failed [ 1417.123460][ T2401] savu: probe of 0003:1E7D:2D5A.002A failed with error -22 [ 1417.228277][T16150] loop5: detected capacity change from 0 to 40427 [ 1417.237477][T16150] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 1417.245509][T16150] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 1417.256291][T16150] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1417.274696][T16150] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 1417.281912][T16150] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1417.310081][ T2401] usb 3-1: USB disconnect, device number 79 [ 1417.437004][T16155] syz.5.4297[16155] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1417.437063][T16155] syz.5.4297[16155] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1417.642806][T16161] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4300'. [ 1417.679436][T16163] loop1: detected capacity change from 0 to 1024 [ 1417.686666][T16163] EXT4-fs: Ignoring removed i_version option [ 1417.706248][T16163] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1417.716335][T16163] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1417.774127][ T6324] usb 4-1: reset high-speed USB device number 74 using dummy_hcd [ 1418.374455][T11765] usb 5-1: new full-speed USB device number 79 using dummy_hcd [ 1418.588855][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1418.701085][T11765] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1418.712620][T11765] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1418.727790][T16185] loop3: detected capacity change from 0 to 512 [ 1418.728529][T11765] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1418.739094][T16183] loop5: detected capacity change from 0 to 512 [ 1418.790448][T11765] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1418.790543][T16185] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1418.796239][T16183] EXT4-fs warning (device loop5): ext4_enable_quotas:7053: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1418.799283][T16185] ext4 filesystem being mounted at /269/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1418.808695][T16183] EXT4-fs (loop5): mount failed [ 1418.854811][T11765] usb 5-1: config 0 descriptor?? [ 1419.054751][T12648] usb 4-1: USB disconnect, device number 74 [ 1419.268694][T11765] savu 0003:1E7D:2D5A.002B: unknown main item tag 0x0 [ 1419.276119][T11765] savu 0003:1E7D:2D5A.002B: unknown main item tag 0x0 [ 1419.283025][T11765] savu 0003:1E7D:2D5A.002B: unknown main item tag 0x0 [ 1419.290043][T11765] savu 0003:1E7D:2D5A.002B: unknown main item tag 0x0 [ 1419.297027][T11765] savu 0003:1E7D:2D5A.002B: unknown main item tag 0x0 [ 1419.320345][T11765] savu 0003:1E7D:2D5A.002B: unbalanced collection at end of report description [ 1419.343705][T11765] savu 0003:1E7D:2D5A.002B: parse failed [ 1419.357375][T11765] savu: probe of 0003:1E7D:2D5A.002B failed with error -22 [ 1419.383181][T16195] loop2: detected capacity change from 0 to 256 [ 1419.490213][T11765] usb 5-1: USB disconnect, device number 79 [ 1419.509649][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1420.741752][T16206] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4312'. [ 1420.852276][T16212] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4313'. [ 1420.948291][T16213] loop3: detected capacity change from 0 to 512 [ 1421.153900][T16213] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1421.268017][T16213] ext4 filesystem being mounted at /272/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1421.528891][T16222] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1421.647848][T16224] loop2: detected capacity change from 0 to 1024 [ 1421.664669][T16224] EXT4-fs: Ignoring removed i_version option [ 1421.685745][T16224] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1421.710373][T16225] loop4: detected capacity change from 0 to 256 [ 1421.718054][T16224] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1421.842905][T16225] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1422.057398][T16225] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 1422.648989][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1422.744297][ T496] Bluetooth: hci0: command 0x1003 tx timeout [ 1422.744312][T11796] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 1424.082235][T16242] loop5: detected capacity change from 0 to 8192 [ 1424.328385][T16248] loop2: detected capacity change from 0 to 1024 [ 1424.357564][T16248] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1424.441565][ T28] audit: type=1326 audit(1756900856.777:3205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.5.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde6e58ebe9 code=0x7ffc0000 [ 1424.647956][T16248] overlayfs: missing 'workdir' [ 1424.673168][ T28] audit: type=1326 audit(1756900856.777:3206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.5.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde6e58ebe9 code=0x7ffc0000 [ 1424.698179][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1424.724307][ T28] audit: type=1326 audit(1756900856.777:3207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.5.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7fde6e58ebe9 code=0x7ffc0000 [ 1424.747673][T11765] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 1424.778057][ T28] audit: type=1326 audit(1756900856.787:3208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.5.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde6e58ebe9 code=0x7ffc0000 [ 1424.852277][ T28] audit: type=1326 audit(1756900856.787:3209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.5.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde6e58ebe9 code=0x7ffc0000 [ 1424.924291][ T28] audit: type=1326 audit(1756900856.787:3210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.5.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde6e58d550 code=0x7ffc0000 [ 1424.950314][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1424.956721][T11765] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1424.975347][T11765] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1424.993745][ T28] audit: type=1326 audit(1756900856.787:3211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.5.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde6e58e7eb code=0x7ffc0000 [ 1425.075514][ T28] audit: type=1326 audit(1756900856.787:3212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.5.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde6e58e7eb code=0x7ffc0000 [ 1425.099800][ T28] audit: type=1326 audit(1756900856.787:3213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.5.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde6e58e7eb code=0x7ffc0000 [ 1425.124649][ T28] audit: type=1326 audit(1756900856.787:3214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16241 comm="syz.5.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde6e58e7eb code=0x7ffc0000 [ 1425.154328][T11765] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1425.163592][T11765] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1425.196570][T11765] usb 6-1: Product: syz [ 1425.200939][T11765] usb 6-1: Manufacturer: syz [ 1425.220074][T11765] usb 6-1: SerialNumber: syz [ 1425.245369][T16260] loop3: detected capacity change from 0 to 256 [ 1425.265586][T16260] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1425.327354][T16260] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008) [ 1425.525815][T11765] cdc_ncm 6-1:1.0: CDC Union missing and no IAD found [ 1425.628578][T11765] cdc_ncm 6-1:1.0: bind() failure [ 1426.531071][T16266] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4329'. [ 1426.575213][T16268] loop1: detected capacity change from 0 to 1024 [ 1426.598319][T16268] EXT4-fs: Ignoring removed i_version option [ 1426.629514][T16268] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1426.638078][T16268] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1426.680552][T11765] usb 3-1: new full-speed USB device number 80 using dummy_hcd [ 1426.867001][T11765] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1426.875541][T11765] usb 3-1: not running at top speed; connect to a high speed hub [ 1426.885652][T11765] usb 3-1: config 4 has an invalid interface number: 147 but max is 0 [ 1426.894066][T11765] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1427.404290][T11765] usb 3-1: config 4 has no interface number 0 [ 1427.422175][T11765] usb 3-1: string descriptor 0 read error: -22 [ 1427.791646][ T296] usb 6-1: USB disconnect, device number 17 [ 1427.856037][T11765] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1427.856629][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1427.865965][T11765] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1427.881832][T11765] usb 3-1: Found UVC 0.00 device (04f2:b746) [ 1427.890555][T11765] usb 3-1: No valid video chain found. [ 1427.897801][T16281] loop4: detected capacity change from 0 to 1024 [ 1427.934851][T16281] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1427.953072][T16281] overlayfs: missing 'workdir' [ 1427.977200][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1427.980244][T16292] loop1: detected capacity change from 0 to 1024 [ 1427.993217][T16292] EXT4-fs: Ignoring removed i_version option [ 1428.004637][T16292] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1428.053712][T16292] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1428.063929][T16299] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4341'. [ 1428.099068][T11765] usb 3-1: USB disconnect, device number 80 [ 1428.125113][T16301] device pim6reg1 entered promiscuous mode [ 1428.254295][ T296] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 1428.331800][T16312] loop4: detected capacity change from 0 to 8192 [ 1428.476636][ T296] usb 6-1: Using ep0 maxpacket: 16 [ 1428.482985][ T296] usb 6-1: config index 0 descriptor too short (expected 64967, got 165) [ 1428.501753][ T296] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1428.512225][ T296] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1428.789185][ T296] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1428.798439][ T296] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1428.806530][ T296] usb 6-1: Product: syz [ 1428.810773][ T296] usb 6-1: Manufacturer: syz [ 1428.817171][ T296] usb 6-1: SerialNumber: syz [ 1428.891214][T16319] loop2: detected capacity change from 0 to 512 [ 1428.904456][T11765] usb 5-1: new high-speed USB device number 80 using dummy_hcd [ 1428.936821][T16319] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1428.946031][T16319] ext4 filesystem being mounted at /261/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1429.027248][ T296] usb 6-1: 0:2 : does not exist [ 1429.036423][ T296] usb 6-1: USB disconnect, device number 18 [ 1429.105367][T11765] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1429.116087][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1429.122204][T11765] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1429.155707][T11765] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1429.168527][T11765] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1429.181561][T16325] loop1: detected capacity change from 0 to 512 [ 1429.186009][T11765] usb 5-1: Product: syz [ 1429.194936][T11765] usb 5-1: Manufacturer: syz [ 1429.204800][T11765] usb 5-1: SerialNumber: syz [ 1429.205288][T16325] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1429.220295][T11765] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found [ 1429.272767][T11765] cdc_ncm 5-1:1.0: bind() failure [ 1429.317691][T16328] loop3: detected capacity change from 0 to 128 [ 1429.324723][T16328] FAT-fs (loop3): Unrecognized mount option "01777777777777777777777=d̞ YS38`" or missing value [ 1429.814308][ T28] kauditd_printk_skb: 54 callbacks suppressed [ 1429.814325][ T28] audit: type=1326 audit(1756900861.787:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16311 comm="syz.4.4346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1429.845603][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1429.851807][ T28] audit: type=1326 audit(1756900861.787:3270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16311 comm="syz.4.4346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59df18ebe9 code=0x7ffc0000 [ 1429.968140][T16339] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4354'. [ 1429.996896][T16331] input: syz0 as /devices/virtual/input/input17 [ 1430.445734][T11087] EXT4-fs (loop1): unmounting filesystem. [ 1430.722956][T16350] loop1: detected capacity change from 0 to 256 [ 1431.068197][T16350] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1431.085499][T16350] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1431.340931][T11765] usb 5-1: USB disconnect, device number 80 [ 1431.571991][T16364] loop5: detected capacity change from 0 to 512 [ 1431.583652][T16363] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1431.599115][T16364] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1431.608223][T16364] ext4 filesystem being mounted at /258/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1432.214687][T16377] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4366'. [ 1432.326285][T16382] loop2: detected capacity change from 0 to 1024 [ 1432.352112][T11330] EXT4-fs (loop5): unmounting filesystem. [ 1432.362436][T16382] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1432.415806][T16382] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1432.593465][T16389] loop5: detected capacity change from 0 to 8192 [ 1433.748688][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1433.894301][ T28] audit: type=1400 audit(1756900866.197:3271): avc: denied { read } for pid=16391 comm="poweroff" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 1434.157139][T16401] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1434.294274][T11765] usb 5-1: new full-speed USB device number 81 using dummy_hcd [ 1434.331153][T16415] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4378'. Stopping sshd: stopped /usr/sbin/sshd (pid 194) OK [ 1434.486078][ T28] audit: type=1400 audit(1756900866.837:3272): avc: denied { ioctl } for pid=16396 comm="syz.4.4373" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 1434.513711][T11765] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1434.530315][T11765] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 Stopping crond: [ 1434.566097][T11765] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1434.575424][T11765] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1434.589824][T11765] usb 5-1: config 0 descriptor?? stopped /usr/sbin/crond (pid 186) OK [ 1434.744313][T12648] usb 6-1: new full-speed USB device number 19 using dummy_hcd Stopping dhcpcd... stopped /sbin/dhcpcd (pid 140) [ 1434.850784][ T28] audit: type=1400 audit(1756900867.197:3273): avc: denied { search } for pid=16432 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 Stopping network: [ 1434.950477][T16431] loop1: detected capacity change from 0 to 256 [ 1434.959894][T16431] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1434.980254][T12648] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1434.988798][T16431] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1435.012250][T11765] savu 0003:1E7D:2D5A.002C: unknown main item tag 0x0 [ 1435.020005][T11765] savu 0003:1E7D:2D5A.002C: unknown main item tag 0x0 [ 1435.031056][T12648] usb 6-1: not running at top speed; connect to a high speed hub [ 1435.039164][T11765] savu 0003:1E7D:2D5A.002C: unknown main item tag 0x0 [ 1435.046782][T11765] savu 0003:1E7D:2D5A.002C: unknown main item tag 0x0 [ 1435.053974][T11765] savu 0003:1E7D:2D5A.002C: unknown main item tag 0x0 [ 1435.061284][T16442] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4382'. [ 1435.065042][ T28] audit: type=1400 audit(1756900867.417:3274): avc: denied { write } for pid=141 comm="dhcpcd" name="dhcpcd" dev="tmpfs" ino=489 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1435.074385][T12648] usb 6-1: config 4 has an invalid interface number: 147 but max is 0 [ 1435.113131][T11765] savu 0003:1E7D:2D5A.002C: unbalanced collection at end of report description [ 1435.118067][ T28] audit: type=1400 audit(1756900867.417:3275): avc: denied { remove_name } for pid=141 comm="dhcpcd" name="sock" dev="tmpfs" ino=491 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1435.129411][T11765] savu 0003:1E7D:2D5A.002C: parse failed [ 1435.150051][T12648] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 1435.160782][T12648] usb 6-1: config 4 has no interface number 0 [ 1435.167093][T11765] savu: probe of 0003:1E7D:2D5A.002C failed with error -22 [ 1435.181170][ T28] audit: type=1400 audit(1756900867.417:3276): avc: denied { unlink } for pid=141 comm="dhcpcd" name="sock" dev="tmpfs" ino=491 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=sock_file permissive=1 [ 1435.203685][ T28] audit: type=1400 audit(1756900867.447:3277): avc: denied { unlink } for pid=141 comm="dhcpcd" name="pid" dev="tmpfs" ino=490 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 1435.240248][T12648] usb 6-1: string descriptor 0 read error: -22 [ 1435.248091][T16447] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4383'. [ 1435.252385][T12648] usb 6-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 1435.271600][ T28] audit: type=1400 audit(1756900867.537:3278): avc: denied { read write } for pid=16446 comm="ip" path="/dev/console" dev="rootfs" ino=38 scontext=system_u:system_r:ifconfig_t tcontext=system_u:object_r:root_t tclass=chr_file permissive=1 [ 1435.296161][T12648] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1435.321264][ T4511] usb 5-1: USB disconnect, device number 81 [ 1435.331855][T12648] usb 6-1: Found UVC 0.00 device (04f2:b746) OK [ 1435.354331][T12648] usb 6-1: No valid video chain found. Stopping iptables: [ 1435.374431][ T28] audit: type=1400 audit(1756900867.727:3279): avc: denied { read write } for pid=16458 comm="iptables" path="/dev/console" dev="rootfs" ino=38 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:root_t tclass=chr_file permissive=1 OK [ 1435.412087][ T28] audit: type=1400 audit(1756900867.757:3280): avc: denied { search } for pid=16458 comm="iptables" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 Stopping system message bus: [ 1435.445699][ T28] audit: type=1400 audit(1756900867.757:3281): avc: denied { write } for pid=16458 comm="iptables" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1435.469330][ T28] audit: type=1400 audit(1756900867.757:3282): avc: denied { add_name } for pid=16458 comm="iptables" name="xtables.lock" scontext=system_u:system_r:iptables_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 1435.499595][T16451] loop3: detected capacity change from 0 to 40427 done [ 1435.554589][T16451] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1435.562375][T16451] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1435.568824][ T296] usb 6-1: USB disconnect, device number 19 [ 1435.583418][T16451] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1435.644131][T16451] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1435.651855][T16451] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 killall: can't kill pid 8002: No such process killall: can't kill pid 8003: No such process killall: can't kill pid 8014: No such process killall: can't kill pid 8334: No such process killall: can't kill pid 8335: No such process killall: can't kill pid 13987: No such process killall: can't kill p[ 1435.861242][T16484] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4392'. id 14850: No such process killall: can't kill pid 14851: No such process [ 1435.939583][T16486] syz.3.4384[16486] is installing a program with bpf_probe_write_user helper that may corrupt user memory! Stopping klogd: OK Stopping acpid: [ 1435.939911][T16486] syz.3.4384[16486] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1436.858399][T16496] loop5: detected capacity change from 0 to 8192 [ 1437.045394][T16490] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1437.629888][ T296] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 1437.716575][T16511] loop1: detected capacity change from 0 to 256 [ 1437.725657][T16511] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 1437.757974][T16511] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 1437.906889][T16516] xt_l2tp: missing protocol rule (udp|l2tpip) OK Stopping syslogd: stopped /sbin/syslogd (pid 84) [ 1438.305750][ T296] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1438.324577][ T296] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1438.337657][ T296] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1438.347881][ T296] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 OK [ 1438.357579][ T296] usb 6-1: Product: syz [ 1438.362842][ T296] usb 6-1: Manufacturer: syz [ 1438.372770][ T296] usb 6-1: SerialNumber: syz [ 1438.377661][T16522] loop2: detected capacity change from 0 to 2048 [ 1438.386093][ T296] cdc_ncm 6-1:1.0: CDC Union missing and no IAD found [ 1438.388827][T16525] loop3: detected capacity change from 0 to 512 [ 1438.393531][ T296] cdc_ncm 6-1:1.0: bind() failure [ 1438.423913][T16525] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1438.475505][T16522] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1438.563847][T11663] EXT4-fs (loop2): unmounting filesystem. [ 1438.918515][T16539] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4405'. [ 1438.922298][T16545] loop4: detected capacity change from 0 to 512 umount: can't remount debugfs read-only [ 1439.061208][T16545] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1439.070612][T16545] ext4 filesystem being mounted at /264/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1439.164917][T16552] syz.2.4407[16552] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1439.165296][T16552] syz.2.4407[16552] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1439.344662][T11162] EXT4-fs (loop3): unmounting filesystem. [ 1440.427771][T16556] loop1: detected capacity change from 0 to 512 Connection to 10.128.10.4 closed by remote host. umount: sysfs busy - remounted read-only umount: devtmpfs busy - remounted read-only umount: can't remount /dev/root read-only The system is going down NOW! [ 1440.728879][T16556] EXT4-fs warning (device loop1): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop1. [ 1440.790105][ T28] kauditd_printk_skb: 55 callbacks suppressed [ 1440.790127][ T28] audit: type=1400 audit(1756900873.027:3338): avc: denied { unmount } for pid=11330 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 Sent SIGTERM to all processes [ 1440.849700][ T28] audit: type=1400 audit(1756900873.097:3339): avc: denied { write } for pid=274 comm="syz-executor" path="pipe:[840]" dev="pipefs" ino=840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 1441.048526][T11232] EXT4-fs (loop4): unmounting filesystem. [ 1441.050771][ T4511] usb 6-1: USB disconnect, device number 20 [ 1441.195223][T13227] tipc: Disabling bearer [ 1441.201184][T13227] tipc: Left network mode [ 1441.725810][T13227] device veth1_macvtap left promiscuous mode [ 1441.731827][T13227] device veth0_vlan left promiscuous mode Sent SIGKILL to all processes Requesting system poweroff [ 1442.325334][T13227] tipc: Disabling bearer [ 1442.330449][T13227] tipc: Left network mode [ 1442.334984][T13227] tipc: Disabling bearer [ 1442.340058][T13227] tipc: Left network mode [ 1442.827611][T13227] device veth1_macvtap left promiscuous mode [ 1442.833748][T13227] device veth0_vlan left promiscuous mode [ 1442.839993][T13227] device veth1_macvtap left promiscuous mode [ 1442.846018][T13227] device veth0_vlan left promiscuous mode [ 1442.852172][T13227] device veth1_macvtap left promiscuous mode [ 1442.858379][T13227] device veth0_vlan left promiscuous mode [ 1443.172240][T16561] kvm: exiting hardware virtualization [ 1443.178469][T16561] sd 0:0:1:0: [sda] Synchronizing SCSI cache [ 1443.185528][T16561] ACPI: PM: Preparing to enter system sleep state S5 [ 1443.192361][T16561] reboot: Power down serialport: VM disconnected.