last executing test programs: 21.71720571s ago: executing program 1 (id=498): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x86, &(0x7f00000001c0)={@random="591a1d9a2bdb", @link_local={0x1, 0x80, 0xc2, 0x25}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x72, 0x0, @wg=@response={0x220, 0x0, 0x0, "bfd8a5dd2002c02142c4391145badd28fd7f0ffc0e896f38da00", "0bb10000085b2e00", {"bb3b2195c4b058706558a70864bef1f0", "524a72fc460b8cd26e095f24ab642591"}}}}}}}, 0x0) 21.695218621s ago: executing program 1 (id=499): ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000240)='./bus\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c646174615f666c7573682c66617374626f6f742c6a71666d743d76667376312c6e6f696e6c696e655f64656e7472792c7573726a71756f74613d66326673002c00ff371013587045d0d273e856ce75c2b11120ece6d6a76856a2cdd8c835ef14aa3aea583b7f3affd12ff9abc9b21098874a75607f009920ad1a283ce7b8b528e239692ab156e30dd8365f708e6c98cfcd0b30d5304dd70f87da026e2d4e4df1ad07ba72683f43d76541d455d1fa118f0900000009fe28bfded255e7c5806f05b80ec0e186b4f72759eb096a1fe6793e734fe61555f01ff9f23bc11370aa247215e8f1410ea4728bb2a2c2d20bc5e61b0a4c7ddb25da21c75f35f711581d1f5b8db3be07c80000000000000000"], 0x1, 0x54f4, &(0x7f0000005600)="$eJzs3M1rI2UYAPBn2u1+uxbx4G0HFqGFTdj0Y9Fb1V38wC7Fj4MnTZM0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJmZ6tYvhKaNtb8fTJ6ZN2+eed5QCs9MmADOrfn0px+SuBFXImI2Iq5H5PtJueXWivBMRNyMiJnHtqQc/23gYkRcjYgb4+RFzqR865Pbo1ur37/245dfX7pw7dMvvpneqoFpezYietvF/l6viFm7iA/L8fqok8feyqiMxRu9R+VxVsS91maeYa9+OK+ex+V2MT/b3h2MY5LUG+PY7mzl49v94oSDUfswT/6Bh/Wd/LjZ2sxjZ5DlsX1Q1LV/UPxvOxgMizzNMt/7efoYDg9jMd7abxXr2X6Ux0Z/WI4XebNma38cR2UsTxeNrNvM69g8zjf93/Z6p7+7n45aO4NO1k9Xq7XnqrW7ldpO1mwNWyuVeq95dyVdaHfH0yrDVr231s6ydrdVbWS9xXSh3WhUarV04V5rs1Pvp7Vadbl6p7K6WO7dTl9+8HbabaYL4/hip7877HQH6Va2kxafWEyXqsvPL6a3aumb6xvpxhv3769vvPXuvXcevLD+6kvlpD+VlS4s3VlaqtTuVJZqi+do/R+WRU9w/XAsybQLADh79P/ANEyj/9/qTq7/D/3/RJyp/ve89/8nsH44Fv0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC59e3cZ6/kO/PF8bVy/ImIm+Ohp8rjJCJmIuKXvzAbF4/knC3zzP3N/Lk/1PBVEnmG8TkuldvViFgrt5+fPOlvAQAAAP6/Pv/g5sdFt168zE+7IE5TcdFm5vp7E8qXRMTc/HcTyjYzfnl6Qsnyv+8LsT+hbPkFrMsTSlZccrswqWz/yuyRcPmxkBRh5lTLAQAATsXRTuB0uxAAAABO00fTLoDpSOLwVubhveD8l/e/3xC8cuQIAAAAOIOSaRcAAAAAnLi8//+H5/+F5/8BAADA2Vc8/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiVnfvJSR2K4gB8Wuh7vD9GYpy7FWewDJfg0KFhAW6CJeAW3ABrwJlLMGBoS7QGE5PetpF8X9JebkN+nBIm515SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJzsZo/3l89tM3Z7tpJczcAAADAMZtiNS9fTKv5v/r6WX3pop5nEZFHxLHefRS/GpmjOqf44v3FpxqeIsqE/Wf8ro+/EXFdH6/nXX8LAAAAcLrWi+Ws6tar03ToguhTtWiT/79JlJdFRDF9SZSW70+XicLK3/c47hKllQtYk0Rh1ZLbOFXat4waw+TDkFVD3ms5AABAL5qdQL9dCAAAAH26HboAhpHFYSvzsBdc/vP+fUPwT2MGAAAA/EDZ0AUAAAAAnSv7f8//AwAAgNNWPf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALm2K1Xy9WM7a5mx37aS5GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgjf15R4EQCIMw2Lu+M5n7H1YaNDU1qQLh428MBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu7nNY4qDgD4d2Z2trYqxig5RETBg17sdlNbe/WgBA/+CUJItzW69Ueagy1FyMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnmmkacLV0Zpt8PvD2fWcY5n3fJIR8570EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2eW8vzoqPhWmcVudu3b+2XvS39/WFGzt3lotWxEmbST8dXm0eJEvdJQIAAMDRkdX1fUTczXdXiz5dKOv/vL6mqPl/eH4a1/X8/rq/7uvav2i//3bv5QcDLUzHKW56YWM8OvVoKr0nN8v59sK/XtErn3z57iUrvyDph9svTfLyeSbf3bz5fr8Mj7WRLQDwf5ys+yqofx8q+mGXiQFwZPQahXdd/2cL3eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IbJdjxbx0lELPf24sLt+9fWD+pv7NxZrtvZ69d3mvcsbpFHxIWN8ehUi3OZd5evXP1sbTwebbYfvBYR3Y1eBR/PcE1ElxkKHjdIq+/1ecnn6Qg6/sEEAMChk1etqOvv5rurxblkMeLvHx+u/99sxDFj/X/vk7O3mmM16/9hazOcf4OtS18OLl+5+vbGpbWLo4ujz99ZGb47PH3uzJlzg/JdycAbEwAAAB5PP4no76v/08VH1/9PNOKYsf7/6vvhN82xMvX/gfYW/brOBAAA4Gh78fW//kwOOJ/0+/H12tbW5nD6WR3H5kp5vNJBqv/Zsao16/9sseusAAAAgDZMtpOH1v/PN+KYcf3/uZ9e+aV5zywijlfr/yfXvxifb286c62NPyfueo4AAAB063jVmuv/ebn/P32w5SGNiLfemMbVvwGcqf7PPvj25+ZYzf3/p9ub4lxKl6bPo+yXInpLXWcEAADAYfZM1Ypi/498d/XTX0981Lf/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBt/wQAAP//K8ZAQg==") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) syz_open_dev$tty1(0xc, 0x4, 0x3) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) open(0x0, 0x145142, 0x0) socket$netlink(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) write$binfmt_elf64(r4, 0x0, 0x78) getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="48000000100003f700000000000000a7017e0142", @ANYRES32=r5, @ANYBLOB="0000400000000005280012000c00010076657468"], 0x48}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2000000014002101000000000000000002010000", @ANYRES32=r5, @ANYBLOB="08000200ac14"], 0x20}}, 0x0) 20.822354212s ago: executing program 1 (id=514): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) sendmmsg$inet6(r0, &(0x7f0000000d40)=[{{&(0x7f00000000c0)={0xa, 0x4e24, 0x4, @mcast2, 0x2}, 0x1c, 0x0}}, {{&(0x7f00000006c0)={0xa, 0x4e22, 0xc, @dev={0xfe, 0x80, '\x00', 0x32}, 0xf0}, 0x1c, 0x0, 0x0, &(0x7f0000000c40)=[@rthdr={{0x14, 0x29, 0x39, {0x2c, 0x0, 0x3, 0x9}}}], 0x14}}], 0x2, 0x0) 20.743261498s ago: executing program 1 (id=519): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x2000000, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, 0x0}) r3 = syz_open_procfs(r2, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000280)=0x20) 20.670026184s ago: executing program 1 (id=522): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2) 20.645036906s ago: executing program 1 (id=529): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31a6b}}, &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x80) 11.968879275s ago: executing program 4 (id=564): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000280)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/151}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) write$FUSE_BMAP(r2, &(0x7f0000000700)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) r5 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0) symlinkat(&(0x7f0000000040)='./file0\x00', r5, &(0x7f0000000080)='./file0\x00') 10.562886569s ago: executing program 0 (id=565): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000004180)={0x2020, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a04ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd30e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab25e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fb784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5c3cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a57f8719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e0000bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca00", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r0, &(0x7f0000000340)={0x50, 0x0, r1}, 0x50) r2 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0) ioctl$FIBMAP(r2, 0x2284, &(0x7f0000000140)=0x1) 10.561047559s ago: executing program 4 (id=568): bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) r0 = socket(0x8000000010, 0x2, 0x0) write(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x3, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10) r3 = socket(0x840000000002, 0x3, 0x100) connect$inet(r3, &(0x7f00000005c0)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r3, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0) 9.05294509s ago: executing program 0 (id=569): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3, &(0x7f0000000000), 0x1, 0x625, &(0x7f0000001400)="$eJzs3c9rXNUeAPDvncnvvPeShsd7r2/xXkC0BW3SpK0UEWwRXJVSfywEN45NWmqnP2gimlppAnUjiBsXgisX1oX/gxYEV/4DLty4kkoR6UYpOnInd8ZpMjeZxMxMm/l8YDr33HNzz7nJfHvOnDnnTgA9azL9pxCxNyIuJxETDXl9kWVOrh539+drp9NHEpXKiz8lce16stx4riR7Ho2INOO3sUi+joiJ4vpyF5auni+Vy/NXsvT04oXL0wtLVw+cu1A6O392/uLsk7NHjxw+cnTmYMNPnXluq9e3p2H7xI3X3xx77+Qrn358L5n57LuTSRyrVzq9rq2eezOTMRmVTOP+9Pd6dKcL65Ji/XXyp2TtjrWebWOF2JLa368/Iv4dY1Fs+GuOxbvPd7VyQFtVkqi3UUCvScQ/9KhaP6D23r6198EDbe6VAJ1w53jEY/X474+I1fg/NpuNDcZQdWxg5G5y3zhPEhEHd6D8tIxvvjp5I31Em8bhgOaWVwazIfC17X9Sjc3xGKqmRu4W7ov/QjaMO56NH76wcTFjeRmTa9JZ+YPbvR6gdcsrEfGfZv3/zeP/1ew53f/aNsvPiX8AAAAAAABgG24dj4gnmn3+V6jP/xloMv9nNCKO7UD5m3/+V7i9A8UATdw5HvF00/m/hdoh48Us9ffqfID+5My58vzBiPhHROyP/sE0PdN40s8bfjoiDrw/8VFe+Y3z/9JHWn5tLmBWj9t9a2YDzZUWSztw6dDz7qxE/Lcvf/5P2v4nTdr/NL4vt1jGxKM3T+XlbR7/QLtUPonY17T9T+rHJBvfn2O62h+YrvUK1vvf2x98kVe++IfuSdv/kY3jfzBpvF/PwtbOPxARh5b6Knn52+3/DyQvFaNhJeJbpcXFKzMRA8mJ9ftnt1ZneJgMtX7oOxFRjYdavKTxv/+Rjcf/6v3/hjgczu7x1Yp//T76fV6e9h+6J43/uY3b//H72/+tb8zeHP8yr/xTLbX/h6tt+v5sj/E/2FirAdrtegIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAw6gQEX+LpDBV3y4UpqYiRiPinzFSKF9aWHz8zKU3Ls6ledXv/y/Uvul3bDWd1L7/f7whPbsmfSgi9kTEh8Xhanrq9KXyXLcvHgAAAAAAAAAAAAAAAAAAAB4Qo6tP69b/p34odrVqQCf0Zc/iHXpPX7crAHSN+IfeJf6hd+XH/y/3KlUdrQ7QQa22/5Xrba4I0HHb7P/7uAB2Ae//oVf1t3bYULvrAXSD9h8AAAAAAHaVPf+/9W0SEctPDVcfqYEsr/7B4HC3age0UyEvY7Cz9QA6zxxe6F2m/kDvanHyL7CLJfWtX5su9s+f/Z+0p0IAAAAAAAAAAAAAwDr79raw/h/YlXLX/wO73gbr/5st7HG7ANhFrP+H3uU2X0Cts5/3Tf/W/wMAAAAAAAAAAADAA2Do6vlSuTx/ZWGp5Y3rWzn4r2/8GHlZz9Q2VjpQjUpxZ86zXOrcr+4h3+iPiDVZlbHVl+35Uvnl6Gx9ahHTibIGOlhWzkaX/j8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADW+SMAAP//fSQouA==") 9.05242262s ago: executing program 2 (id=570): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddc1517600"}) r4 = syz_open_pts(r3, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000200)=0x2) read(r4, 0x0, 0x2006) io_setup(0x0, &(0x7f0000000080)=0x0) io_submit(r5, 0x3, &(0x7f0000000800)=[&(0x7f0000000680)={0x0, 0x0, 0x0, 0x6, 0x8, r1, &(0x7f00000005c0)="5aa68335a52d832830420df9d95f82fe18d69a3e75cd1da9fa8f4a9a80e9b57b9e6361636e3e6c82876cddac801b039ac09c7e1cc2790f8743670df5a61e094c46bf857fd7211fc878e92c965697b674d189852a351130d881e3c72c2f8899ad5e9440115a20a57ab653286daf3629789a083b423c3852e0461ca731ab6dcbb4b530addabb2d6c531eaf4af5ac53936dc179e1d553176480add2d296570b877d73514d081eb431e0e52e31562f06821af3f70f24dfd15f6363ee62cceda670", 0xbf, 0x1, 0x0, 0x0, r2}, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x1000, r0, &(0x7f00000006c0)="745df417211b77e95d03009475b065f6f08aa79ad7dd0340f2ed169095968928b1b00e80198a8e9fef0e5944aede89b27059621f20c5083c47c1808af06800e046c04dde02623b5d0bd0c843e9196c98d424c1008f52439b205a29769654d539c3f003cccedcfa2b519e86f8", 0x6c, 0x4953, 0x0, 0x3, r2}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x1, 0x6, r4, &(0x7f0000000780), 0x0, 0x6, 0x0, 0x3}]) close_range(r2, 0xffffffffffffffff, 0x0) 9.05194304s ago: executing program 3 (id=571): bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x6, 0x5, 0x9f}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, &(0x7f0000000000)=0x822, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) open(0x0, 0x0, 0x0) timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000380), 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x0, 0x1217880, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000950000200000000009a1f3cd91dfa631dbadeeb3981c21b6d6536425ce4cee7ae6ce9e201c874f87741e2b9e8bf08e2c52340981b96849feb0d8ed84f7a9d8cd79366b14b02aae76f9e1f39b7953c7acf1196db27cbaa0a2e57515864068c3b7f8a54c70e0ff00bab0816550c32ebbbe327af58690bf7ec7b30964d7cbdc1a391dca35bf55b90fc799df8c98db613482013fba748f4f9a92021944958584ca5a8906fe239288"], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x64}, 0x80) 9.05147723s ago: executing program 4 (id=572): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = socket$netlink(0x10, 0x3, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) writev(r4, &(0x7f0000000340)=[{&(0x7f0000000180)="1c0000002000190f00003fffffffda060200000018e80001dd000004", 0x1c}], 0x1) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x121342, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000a3f3ccca2ed14bb8ce5cbdeb4b7d879ebf339caa862ada823320ce0d2e4cfff8cd198dd3aea2a635f05b4e58e6392d8d122c07ecc6460caddc626e7e5d658d4137711faa98f1629737b295f4123edc23a1739af38cc7f896e0d034d14929"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) write$tcp_mem(r5, &(0x7f0000000100)={0x0, 0x2d, 0x10000000000000, 0xa, 0x0, 0x2c}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r6, &(0x7f00000006c0)=[{&(0x7f00000000c0)='u', 0x1}], 0x1, 0x100000, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) 7.43960636s ago: executing program 0 (id=573): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0xa10812, &(0x7f0000001080)=ANY=[@ANYBLOB='discard,utf8,fmask=00000000000000000000271,namecase=1,discard,errors=continue,errors=remount-ro,umask=00000000000000000003377,utf8,iocharset=cp861,iocharset=macturkish,umask=00000000000000000005454,dmask=00000000000000000000005,errors=continue,uid=', @ANYRESHEX=0x0, @ANYBLOB=',euid=', @ANYRESDEC=0x0, @ANYBLOB=',fscontext=user_u,subj_type=iocharset,dont_measure,uid>', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723dda08d2b66c053ea3fe49e94ce4a991b23fb060827efcf28bd3926e46dcef32f03b7a7c690350d9ae752dadd8c9f7ebc6042462e42a43eab845c2298f1d480bf7db736035f9b6d3b34f14542aab3c1158afbfbbf2827a9c907aaaa752a5f8de74a5c8f217399f2fcd93c4f15b3106a8ee8aaa4cac999da5e1c0a7222169c3720133e6d3f9b6b59159dab0b07a5077e594aa5dfc1e180c35667988a19cb0805b00de66f2060770cc808d82974b98e9222f3ea386232be847d9c4ca81fe0631dcfb6026363a00a6dadae840ab9c12915c8c04cbad3dc338396dd6a03fb53fb184d1c403a62cf39ffa1ebc1453e1ab3b1a2d062e26f1c038cfb9458ebd158564e64f2d987952cf1f2518ffc8ab8d1efb9a6017f75c1bdf8004beab7616f8d12150fbb3f0c9a283052c6d61736b3d4d41595f415050454e442c7065726d69745f646972656374696f2c666f776e65723c", @ANYRESDEC=0x0, @ANYBLOB="5bba993834d1c8888cb7f625a7ffdc8ec8b4769356c29b1e8da21cf5419f9efe09e69589951df595bf978bfeb0a392302cfd873e4212d72d41862aa048871fa1c232bb21f9f3bcc98b70aa975e5fe24368c7ca3cc0acceeac49facca6e5781bd74acabc74a9c5c774a450c0cf5c98e5a416e565702ca3f4e71e2e324cb66c1ed"], 0x21, 0x14fd, &(0x7f0000003f40)="$eJzs3Au0jtXWOPA511oPm6Q3yX3NNR/etLFIklyS5JIkyZEkt4QkSZKkcr8lIQm5J7mH5BaS+/2We5Ik7SQJyS1Z/6HT+XRO5/v3ne873zDGt+dvjGfsNd/nneuZ65177Od53j3e97sOg6rUq1qxDjPD/wj+9UdXAEgBgL4AcA0ARABQMlvJbJf2Z9LY9X92EPHv9eDUK12BuJKk/+mb9D99k/6nb9L/9E36n75J/9M36X/6Jv0XIj3bOi33tbKl303e/0/P5Pz/f0ha0dFfrS96fcd/IUX6n75J/9M36X/6Jv1P36T/6Zv0P32T/qdv0n8h0rP//nvH8r+D/wvblf79E0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRPpwNlxkA+Nv4StclhBBCCCGEEEKIf5+Q8UpXIIQQQgghhBBCiP99CAo0GIggA2SEFMgEmeEqyAJXQ1a4BhJwLWSD6yA7XA85ICfkgtyQB/JCPrBA4IAhhvxQAJJwAxSEGyEVCkFhKAIeikIxuAmKw81QAm6BknArlILboDSUgbJQDm6H8nAHVIA7oSLcBZWgMlSBqnA3VIN7oDrcCzXgPqgJ90MteABqw1+gDjwIdeEhqAcPQ314BBpAQ2gEjaHJfyv/RXgJXobO0AW6QjfoDj2gJ/SC3tAH+sIr0A9SfnttBsIgeB0GwxswBN6EoTAMhsNbMAJGwigYDWNgLIyDt2E8vAMT4F2YCJNgMkyBqTANpsN7MANmwix4H2bDBzAH5sI8mA8L4ENYCItgMXwES+BjWArLYDmsgJWwClbDGlgL62A9bICNsAk2wxbYCp/ANtgOO2An7ILdsAc+hb3wGeyDz2E/fPEv5p/5h/yOCAioUKFBgxkwA6ZgCmbGzJgFs2BWzIoJTGA2zIbZMTvmwBw35sJcmAfzYD7Mh4SEjIz5MT8mMYkFsSCmYioWxsLo0WMxLIbF8WYsgSWwJJbEUlgKS2MZLIPlsByWx/JYAStgRayIlbASVsEqeDfejfdgdayONbAG1sSaWAtrYVre2lgH62BdrIv1sB7Wx/rYABtgI2yETbAJNsWm2AybYQtsgS2xJbbCVtgaW2MbbINtsS22w3bYHttjB+yAHfEFfAFfxBfxZXwZu2Al1Q27Y3fsiT2xN/bBPvgK9sNX8VV8DQfgQByEr+Pr+AYOwdM4FIfhcByO5dVIHIWjkdVYHIfjcDyOxwk4ASfiJJyEU3AqTsPpOB1n4Eycie/jbPwAP8C5OBfn4wJcgAtxES7GxbgEz+BSXIbLcQWuxFW4EtfgWlyD63EDrsdNuAm34Bb8BD/B7bgdd+JO3I0GAD/Fz/AzHID7cT8ewAN4EA/iITyEaZiGh/EwHsEjeBSP4jE8hsfxBJ7EE3gKT+FpPINn8Syex/N4AZ/L803d3YXWDQB1iVFGZVAZVIpKUZlVZpVFZVFZVVaVUAmVTWVT2VV2lUPlULlULpVH5VH51DlFihSrWOVX+VVSJVVBVVClqlRVWBVWXnlVTBVTxVVxVUKVUCXVraqUuk2VVmVUc19OlVPlVQtfQd2pKqqKqpKqrKqoqqqqqqaqqeqquqqhaqiaqqaqpR5QtVU37I0PqkudqacGYn01CBuohqqRaqzewEdVUzUEm6nmqoV6XA3DodhKNfWt1VOqjRqFbdUzajQ+q9qrsdhBPa86qhdUJ/Wiekk1851VFzURu6nuagr2VL1Ub9VHzcDK6lLHqqjX1AA1UA1Sr6v5+IYaot5UQ9UwNVy9pUaokWqUGq3GqLFqnHpbjVfvqAnqXTVRTVKT1RQ1VU1T09V7aoaaqWap99Vs9YGao+aqeWq+WqA+VAvVIrVYfaSWqI/VUrVMLVcr1Eq1Sq1Wa9RatU6tVxvURrVJbVZb1Fb1idqmtqsdaqfapXarPepTtVd9pvapz9V+9YU6oL5UB9VX6pD6WqWpb9Rh9a06or5TR9X36pj6QR1XJ9RJ9aM6pX5Sp9UZdVadU+fVz+qC+kVdVEGBRq201kZHOoPOqFN0Jp1ZX6Wz6Kt1Vn2NTuhrdTZ9nc6ur9c5dE6dS+fWeXRenU9bTdpp1rHOrwvopL5BF9Q36lRdSBfWRbTXRXUxfZMurm/WJfQtuqS+VZfSt+nSuowuq8vp23V5fYeuoO/UFfVdupKurKvoqvpuXU3fo6vre3UNfZ+uqe/XtfQDurb+i66jH9R19UO6nn5Y19eP6Aa6oW6kG+sm+lHdVD+mm+nmuoV+XLfUT+hW+kndWj+l2+indVv9jG6nn9Xt9XO6g35ed9Qv6E76F31RB91Zd9FddTfdXffQPXUv3Vv30X31K7qfflX316/pAXqgHqRf14P1G3qIflMP1cP0cP2WHqFH6lF6tB6jx+px+m09Xr+jJ+h39UQ9SU/WU/RUPU33/m2mWf+F/Hf+SX7/X4++RW/Vn+hterveoXfqXXq33qP36L16r96n9+n9er8+oA/og/qgPqQP6TSdpg/rw/qIPqKP6qP6mD6mj+sT+pz+UZ/SP+nT+ow+o8/p8/q8vvDbawAGjTLaGBOZDCajSTGZTGZzlclirjZZzTUmYa412cx1Jru53uQwOU0uk9vkMXlNPmMNGWfYxCa/KWCS5gb87aRpCpsixpuippi56V/JNwXNjSbVFPq7/D+rr4lpYpqapqaZaWZamBampWlpWplWprVpbdqYNqataWvamXamvWlvOpgOpqPpaDqZTuYl85LpbDqbrqar6W56mJ6ml+lt+pi+5hXTz/Qz/U1/M8AMMIPMIDPYDDZDzBAz1Aw1w81wM8KMMKPMKDPGjDHjzDgz3ow3E8wEM9FMNJPNZDPVTDXTzXQzw8wws8wsM9vMNnPMHDPPzDMLzAKz0Cw0i81is8QsMUvNMrPMrDArzCqzyqwxa8w6s85sMBvMJrPJLM241Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDJpJs0cNofNEXPEHDVHzTFzzBw3x81Jc9KcMqfMaXPanDVnzXlz3lwwF8xFc/HSZV+kIhWZyEQZogxRSpQSZY4yR1miLFHWKGuUiBJRtihblD26PsoR5YxyRbmjPFHeKF9kI4pcxFEc5Y8KRMnohqhgdGOUGhWKCkdFIh8VjYpFN0XFo5ujEtEtUcno1qhUdFtUOioTlY3KRbdH5aM7ogrRnVHF6K6oUlQ5qhJVje6OqkX3RNWje6Ma0X1Rzej+qFb0QFQ7+ktUJ3owqhs9FNWLHo7qR49EDaKGUaOocdTk3zp/CKdzPuY72y62q+1mu9setqftZXvbPravfcX2s6/a/vY1O8AOtIPs63awfcMOsW/aoXaYHW7fsiPsSDvKjrZj7Fg7zr5tx9t37AT7rp1oJ9nJdoqdaqfZ6fY9O8POtLPs+3a2/cDOsXPtPDvfLrAf2oV2kV1sP7JL7Md2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9stdqv9xG6z2+0Ou9PusrvtHvup3Ws/s/vs53a//cIesF/ag/Yre8h+bdPsN/aw/dYesd/Zo/Z7e8z+YI/bE/ak/dGesj/Z0/aMPWvP2fP2Z3vB/mIv2nDp4v7S6Z0MGcpAGSiFUigzZaYslIWyUlZKUIKyUTbKTtkpB+WgXJSL8lAeykf56BImpvyUn5KUpIJUkFIplQpTYfLkqRgVo+JUnEpQCSpJJakUlaLSVJrKUlm6nW6nO+gOupPupLvoLqpMlakqVaVqVI2qU3WqQTWoJtWkWlSLalNtqkN1qC7VpXpUj+pTfWpADagRNaIm1ISaUlNqRs2oBbWgltSSWlErak2tqQ21obbUltpRO2pP7akDdaCO1JE6USd6iV6iztSZulJX6k7dqSf1pN7Um/pSX+pH/ag/9acBNIAG0SAaTINpCA2hoTSMhtNbNIJG0igaTWNoLI2jcTSextMEmkATaSJNpsk0labSdJpOM2gGzaJZNJtm0xyaQ/NoHi2gBbSQFtJiWkxLaAktpaW0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSNttEO2kG7aBftoT20l/bSPtpH+2k/HaADdJAO0iE6RGmURofpMB2hI3SUjtIxOkbH6TidpJN0ik7RaTpNZ+ksnaef6QL9QhcpUIrL5DK7q1wWd7XL6q5x/xjncrldHpfX5XPW5XA5/y4m51yqK+QKuyLOu6KumLvJpV66pfpdXNqVcWVdOXe7K+/ucBX+EFdz97jq7l5Xw93nqrq7/y6u6e53tdzDrrZ7xNVxDV1d19jVcw+7+u4R18A1dI1cY9fSPeFauSdda/eUa+Oe/kO80C1ya906t95tcHvdZ+6sO+eOuO/cefez6+y6uL7uFdfPver6u9fcADfwD/Fw95Yb4Ua6UW60G+PG/iGe7Ka4qW6am+7eczPczD/EC9yHbrZb7Oa4uW6em/9rfKmmxe4jt8R97Ja6ZW65W+FWulVutVvzH7WucJvcZrfF7XGfum1uu9vhdrpdbvev8aV17HOfu/3uC3fYfesOuq/cIXfUpblvfo0vre+o+94dcz+44+6EO+l+dKfcT+60O/Pr+i+t/Uf3i7voggNGVqzZcMQZOCOncCbOzFdxFr6as/I1nOBrORtfx9n5es7BOTkX5+Y8nJfzsWVix8wx5+cCnOQbuCDfyKlciAtzEfZclIvxTVycb+YSfAuX5Fu5FN/GpbkMl+VyfDuX5zu4At/JFfkursSVuQpX5bu5Gt/D1flersH3cU2+n2vxA1yb/8J1+EGuyw9xPX6Y6/Mj3IAbciNuzE34UW7Kj3Ezbs4t+HFuyU9wK36SW/NT3Iaf5rb8DLfjZ7k9P8cd+HnuyC9wJ36RX+KXuTN34a7cjbtzD+7Jvbg39+G+/Ar341e5P7/GA3ggD+LXeTC/wUP4TR7Kw3g4v8UjeCSP4tE8hsfyOH6bx/M7PIHf5Yk8iSfzFJ7K03g6v8czeCbP4vd5Nn/Ac3guz+P5vIA/5IW8iBfzR7yEP+alvIyX8wpeyat4Na/htbyO1/MG3sibeDNv4a38CW/j7byDd/Iu3s17+FPey5/xPv6c9/MXfIC/5IP8FR/irzmNv+HD/C0f4e/4KH/Px/gHPs4n+CT/yKf4Jz7NZ/gsn+Pz/DNf4F/4IgeGGGMV69jEUZwhzhinxJnizPFVcZb46jhrfE2ciK+Ns8XXxdnj6+Mccc44V5w7zhPnjfPFNqbYxRzHcf64QJyMb4gLxjfGqXGhuHBcJPZx0bhYfFNcPL45LhHfEpeMb41LxbfFpeMy8cP3lYtvj8vHd8QV4jvjivFdcaW4clwlrhrfHVeL74mrx/fGNeL74hLx/XGt+IEYfvu8St34obhe/HBcP34kbhA3jBvFjeMm8aNx0/ixuFncPG4RPx63jJ+IW8VPxq3jp+I28dN/ur9r3C3uHveIe8Qh3KvnJecnFyQ/TC5MLkouTn6UXJL8OLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObklGULVjODRK6+98ZHP4DP6FJ/JZ/ZX+Sz+ap/VX+MT/lqfzV/ns/vrfQ6f0+fyuX0en9fn89aTd5597PP7Aj7pb/AF/Y0+1RfyhX0R731RX8w39k18E9/UP+ab+ea+hX/cP+6f8E/4J/2T/infxj/t2/pnfDv/rG/vn/PP+ed9R/+C7+Rf9C/5l31n38V39V19d9/d9/Q9fW/f2/f1fX0/38/39/39AD/AD/KD/GA/2A/xQ/xQP9QP98P9CD/Cj/Kj/Bg/xo/z4/x4P95P8BP8RD/RT/aT/VQ/1U/30/0MP8PP8rP87NTZfo6f4+f5eX6BX+AX+oV+sV/sl/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/2qf5b/xh/60/4r/zR/33/pj/wR/3J/xJ/6M/5X/yp/0Zf9af8+f9z/6C/8Vf9MGPS7ydGJ94JzEh8W5iYmJSYnJiSmJqYlpieuK9xIzEzMSsxPuJ2YkPEnMScxPzEvMTCxIfJhYmFiUWJz5KLEl8nFiaWJZYnliRWJlYlQgh77Y45A8FQjLcEAqGG0NqKBQKhyLBh6KhWLgpFA83hxLhllAy3BpKhdtC6VAmlA2PhAahYWgUGocm4dHQNDwWmoXmoUV4PLQMT4RW4cnQOjwV2oSnQ9vwTGgXng3tw3OhQ3g+dPzbHVd4OXQOXULX0C10Dz1Cz9Ar9A59Qt/wSugXXg39w2thQBgYBoXXw+DwRhgS3gxDw7AwPLwVRoSRYVQYHcaEsWFceDuMD++ECeHdMDFMCpPDlDA1TAvTw3thRpgZZoX3w+zwQZgT5oZ5YX5YED4MC8OisDh8FJaEj8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBJ2Ba2hx1hZ9gVdoc94dOwN3wW9oXPw/7wRTgQvgwHw1fhUPg6pIVvwuHwbTgSvgtHw/fhWPghHA8nwsnwYzgVfgqnw5lwNpwL58PP4UL4JVyUz6wJIYQQQvyX9PiT/d3+yWMGANRv4+4AcPX23Gm/368BYGOOv457qTwtEwDwVJcOD/5tq1Spa9euvz13qYaowFwASPzDAX6Ll0ELeAJaQ3Mo/k/r66VeOM9/Mn/yVoDMv8tJgcvx5fm//E/mf/Tx4QtLxWez/X/mnwuQWuByTia4HC+DFpdWA82hxH8yf86mf1J/pq/GATT7XU4WuBxfrr8YPAZPQ+u/e6YQQgghhBBCCPFXvVTZdn92/3zp/jyPuZyTES7Hf3Z/LoQQQgghhBBCiCvv2Rc6Pflo69bN28lABjKQwX8MrvRfJiGEEEIIIcS/2+WL/suPZbqSBQkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOnQ7770KxMA/K98ndiVXqMQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQghxpf2/AAAA//+7dzOa") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000120000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000580)={r0, &(0x7f00000004c0)="97397d29376440250686c9b66da340", &(0x7f0000000500)=""/67}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) r3 = socket(0x2, 0x3, 0x100000001) sendto$inet6(r0, &(0x7f00000006c0)="3b8f45ba6c6e44433b394767f5fdd83b5ba83884793d8c54c368c835d88f8fdca8b6513565bd8bdb4b915bc7222df532eace38741727e541efadf2816da7b5c61fe54400d0856fd77c35c60faf1897fe14551aebc96dfd772001a85266cfc1f61a0b3e4dddf599a1ef43ff204d1854a4cd9d7636f6f5e57c5e1155ce39799742ca5e430385710b970ba48a1c8c375c8c21ec6dc01132dcf99a577982e280c238d0e7d077b6b1ef579a625ff0994ddc9ac6c80ac98ec1265673aa7085ab9901cf53d592c3f1e1d3eebe269584e99e", 0xce, 0x1, &(0x7f0000000380)={0xa, 0x4e20, 0x2, @local, 0x2}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000e1b04f8b0e64109c002000f8fffcffffff8520000003000000180000000100010000000000020000003066000004000000182600", @ANYBLOB="000000000e004d9fb4"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, &(0x7f00000002c0)=[@flags={0x3, 0x10200}], 0x1) ioctl$KVM_SET_VAPIC_ADDR(r6, 0x4008ae93, &(0x7f0000000640)=0x1) ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r6, 0xae80, 0x0) bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8) syz_emit_ethernet(0x3e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaf368656e065b0800450000300000000000019078ac1e00feff000001040000450000000000000000000000ac141400ac141400b32a7b7f77c3055dc4357608c1b9f8a25aa2d554ed69165493ff80d25ee03dabc5c4356e00ab89c7dea3ad27590eb4b44c8e856ad8e1c70f"], 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) splice(r8, 0x0, r10, 0x0, 0x88000cc, 0x0) fcntl$setpipe(r9, 0x407, 0x100004) 7.43904661s ago: executing program 2 (id=574): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000500)=ANY=[@ANYBLOB="611834000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf37000000000000350607000fff0720dc06000020000000260300000ee60060bf050000000000000f630000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f3fa039a196ee920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f625480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000008e69cc5c1e7319d39fa6f96c23c8ffd591ef011294c50a0a705549134c4aa3544a99edc9535105d3aeba9ec9441f912bdc65695e731c872278b64167aa46a07c68a9eace7fa485108f9d8cb4304c4b65d61d88aacea85b53893ee96edc310c23b1fc83b4b0f3d28c3861480840b7fe39a2bc2f6a558a20ae4d30b41f32e275faf92af8456141fde716d8d10a6b30981563db05312c39e8074fd5bb8bf95c24ccdb04e40e595927181d1138510fc6162da1a5898534fc2460b957e7b77bc5e192cc36ad2949c85e15142da926fbf6f830e1aaaa5dd9538e259e7f107e49b194c537ed4a"], &(0x7f0000000100)='GPL\x00'}, 0x48) 7.43808146s ago: executing program 3 (id=575): sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000006c0)=[{{&(0x7f00000002c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}, {{&(0x7f0000000000)={0xa, 0x4e23, 0x7ff, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1ff}, 0x1c, &(0x7f00000005c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1800010400000000003700000062000000000000001400000000000000290000003e00000080000000000000001400000000000000290000003e0b00eddd00"/72], 0x48}}], 0x2, 0x0) 7.43714768s ago: executing program 4 (id=576): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) r1 = socket(0x1, 0x1, 0x0) getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x5, &(0x7f0000000000), 0x20000000) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x5, {0x5, 0x0, "a8c6df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xffd, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r3}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r2}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r4}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000380)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f0000001780)={0x2c, 0x0, &(0x7f00000014c0)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) futex(&(0x7f0000000000), 0x5, 0x0, 0x0, &(0x7f0000004000), 0xb1024000) r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7f, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10) r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000100)) r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) dup3(r10, r9, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) 5.729613268s ago: executing program 0 (id=577): r0 = syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300020000000904010008020d00000904010102020d0000090582020002000000090503020002000000bc94ef907df247d46eaa274c8f51e61fb4cfc6664d5c9315a37e6e4eae4cdd654f17856753d01b00310244243631e819a05df18c7f"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000007c0)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x80, 0x1c, {0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x401}}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000080)='./file2\x00', 0x100080d, &(0x7f0000000a80)=ANY=[@ANYRES32=0x0, @ANYBLOB="de60d8dc536d5258d6a94ad55604a34dc65b7ef79c1a1754e4cadfe21823d0c10a15d53dba5f2d2bc67ef2477d0412534e2f5151c7a60c8f5d6c634d173fecb5de9207a7090d302229cd3f210d34e4584c824c9dda7d35e0d7a06cd667bf9cced32944ca27d8a80e62cf6310db869ee250fb65467e3b11ad5042d600c6b8f18454d57df621e578fef0a3a93c14609231", @ANYRES8, @ANYRESDEC, @ANYBLOB="215aa15bf29ed2ff6f9241ff60693d298a3d41143bfc9091146111b4930c37eddcf542d641b821af229e7d8780d50b6f47fa3e5928555eb4d6d507d92b87b0b01c19c789895e02891afc082bb85a47087f168a6aa2c2bc51a3f3a404a4a1e6e2fbad00d592df65bd2a593f488bf41dbc7ea43fe2554fbe34e4a77f606f35e445aff55aaa19f7ffffffffffffff19bd4739c80c9e6681229c48e0c6de634c35c029c4eb3b4341ffff089416a3d63f08577a303758410658a4ec52e5b778eda9cd1bd8834e145c111690b0da927087e805000000000000008fd8b9bdfbdaa777db54127463a589eed325c34b6459505702f3a45f285c53c1b25bab2eef6324d67ad8d7e247317d80ff3ad9120b4e2294e67de9adaab76fa991571a187cd8f7fbc49bf45d6f8dbf69ef0d765a02ad98e802b1688148a8c017e3af238f82c49bbd8ba542fbfec5693d82158e3216b95656986f9d7eec7244a27dfaf8623fc76943bf142a61d9d6c622dbcac3d324d07be5a5cc88f85a857ff9d45924d5d82a04424d3453c96fafa37d952940f3147d5af234b39c3ff742a2e5300e10ee692a32f5c3321d44eadaa8c44bf9d534b52fe758082299e04f839e529a6d0293bf12770ac948730a0c367e117137c6fd930b1f306138163b7180e111d6926255a71bd227b1d27f2897721e3bda884b0792a81134d8fbc9aafc732b15aee5c9e0a835ac17b457efa36ce1095a3196d278207846ea81172826d49b87aac6e662bb824f16b0b65fc6989395ba022bd6af2f1830375c311bdf55f15d9830564e65dc76e5b7c9a91e857dbcef3909cfd628649337de6ff04a398f4325a430467aee51d7fa12ef61bc0b67d1e18e62754d8a2b65fb", @ANYRESOCT, @ANYRESOCT=0x0, @ANYRES32, @ANYRESDEC, @ANYRESOCT, @ANYRES64, @ANYRES8, @ANYBLOB="3dea3f"], 0xff, 0x1fc, &(0x7f0000002c80)="$eJzsmb+LE0EUx78zu5c9DxFsLGwsPPBEb39F5ZorThArQYiilsFsQnCTSLJCEhANNjaWIoKt/4CFRSoLOztbLVQQLEwpWAgjMztuJokbExQN+D5wc995M/PmzbD7TbEgCOK/5cP7L+8enN25dBLAfmzC0fFP1ngOB7Le28e3TjzcPffk2ZunL5sHbg+n860DEGLx/WXiF3sWEtUTQtyZHN+UzaPJ2GVwHNf6Chhc3JXym1Ck8QgM15SygUwDrX1axJF7vRVXqvU48mUTyCaUTdHcS64eDRgq2dmEYMZ4p9e/UY7jqD0t1sSPfWaGlhXz7k/Vt8exq/uyPg7g6v17A9l3ddwHT+8SQACOQOsiGEpa78CB67rjKzHOf9ge57cWOf+/Euxr+hjIyMHtP5hZXsAqHPDvC/kC/XqycFag1IUEm47IFzqLHBoNX82u+rgqxecLhhzHUcZlPr3n9ZzXG3F84Tc2LegdZ4cs05+YDRwz/MmGnfmHlzRuep1ef7veKNeiWtQMw+IZ/5Tvnw69at2B7yk7muN/68qfNoz8a+YE4welwArolpOkHXSBpB1k/TBtDcctPW99Vmu48j+OraNpDnnJ6tjOz+th+o+r/1JtWbnFEwRBEARBEARBEARBEARBLMURMKSfQNSHKpFDeFHN/h4AAP//g4dqzQ==") stat(&(0x7f0000005280)='./file0\x00', 0x0) dup(0xffffffffffffffff) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000071122700000000009500c9df00000000de54efd337d35285c161c5277edb8ebb15b58f91a5ee2dfc464680aaeda509f80db720be849cfad349052a513d731f3e1ab1616de782ebeab3fad78b022a9488de94c51041787406824c841f2e132d053e63230d79544561215df07865865ca3b1d4cd0ca39c621b8bcb16c583a7d45d18615d25d7189e29edf825cc4555d6357089204333610ca3ad8e0bd555a1a819abd1c3df59e861ad355c8b4c483a06d01b"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$unix(0xffffffffffffffff, 0x0, 0x0) r1 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r1, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x11}}}, 0x1e) connect$pptp(r1, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast1}}, 0x1e) syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000380)={0x14, &(0x7f00000006c0)=ANY=[@ANYBLOB="400de7000000e706173f3627f5404b6e6b6c7a5fe4db5a83630cce986a9b1b8a213f109c098e8fa8145a0c4d58bc15a92772afcb3cfa4d7e2a7522c1533c1654ae91d1ed9de1c4490488ed11953d195bfb6fd8238a0181bbcfe27e1ecaa79793ff27645914aaafa1312a1815193dcd7af2a7e1384c1c2b6a67c06d1bfd5e09c32d950001ec07e82416c5f44e5e3746131bdd4e6fc9fcf839363c206f78edd1af9a3f17023f8844259347671b4826d8ab8d8fda1b2f6e5a420cf6744f3c9e6dbc730ec5c9d4f667f6b2194a5f8a1e65342d2a3c38064047d914f2a96d173ee04b29d4605d00000000"], &(0x7f0000000340)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000009c0)={0x44, &(0x7f0000000f00)=ANY=[@ANYBLOB="20159800000084bc90b51cd0cb9125a6e7ba8536532aa552e796d0962066dee140dc9098b68befdd1267ba1f3eb407d3414e363973a826bb58e6efa2124724fd15d9af3eeec6ac33773032108a40e2ffca9b1cf6684a798b15c0a0e93352db7d01990f426d36904824d54395d1de1f39c411d16c7ff82b9709c5fa556c756296de1b1eb5c358f36ef7a5742a2f18151234126a99b7bdf4488555dff410dde54af9c9d604e8f332b273438cc510d307f5f22f69320fd7c8989e106859718847f6d0be03199a6b5312da1d8ff9c2d46e5e59a71102ddc925fd1cf55665468a6ef3e6e7a12d60c3236be1c6afbc487bdd552d31d0df409656ac6250ae54783d8f27b8851c4d7550ef0ecfbcfb7701aa5b88639c5e2a7c473bf22689f0b7b545867a3c10ddb1ef3efa5bb8786644450941ad90711a8ae08494aa7ff6b25439b270bb47e363555805d4ef99dec7c0e76fbffc3ecb02a73e8f1a6ff8140dfdb59239"], &(0x7f0000000400)={0x0, 0xa, 0x1, 0x1}, &(0x7f00000004c0)={0x0, 0x8, 0x1, 0x7f}, &(0x7f0000000500)={0x20, 0x80, 0x1c, {0x7, 0x8a, 0x2, 0x3, 0x5, 0x1, 0x80, 0xa455, 0x400, 0xb6, 0xffff, 0x8}}, &(0x7f0000000640)={0x20, 0x85, 0x4, 0xffffffc0}, &(0x7f0000000900)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000000940)={0x20, 0x87, 0x2, 0x3bf3}, &(0x7f0000000980)={0x20, 0x89, 0x2}}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0}, 0x90) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000e40)={0x0, 0x0}, &(0x7f0000000e80)=0xc) quotactl$Q_GETINFO(0xffffffff80000501, &(0x7f0000000e00)=@loop={'/dev/loop', 0x0}, r4, &(0x7f0000000ec0)) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, &(0x7f0000000180)=""/246) writev(r3, &(0x7f0000000680)=[{&(0x7f00000002c0)="2614", 0xf00}], 0x1) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r5}, &(0x7f00000003c0), &(0x7f00000002c0)}, 0x20) 5.728980458s ago: executing program 3 (id=578): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = socket$netlink(0x10, 0x3, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) writev(r4, &(0x7f0000000340)=[{&(0x7f0000000180)="1c0000002000190f00003fffffffda060200000018e80001dd000004", 0x1c}], 0x1) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x121342, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000a3f3ccca2ed14bb8ce5cbdeb4b7d879ebf339caa862ada823320ce0d2e4cfff8cd198dd3aea2a635f05b4e58e6392d8d122c07ecc6460caddc626e7e5d658d4137711faa98f1629737b295f4123edc23a1739af38cc7f896e0d034d14929"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) write$tcp_mem(r5, &(0x7f0000000100)={0x0, 0x2d, 0x10000000000000, 0xa, 0x0, 0x2c}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r6, &(0x7f00000006c0)=[{&(0x7f00000000c0)='u', 0x1}], 0x1, 0x100000, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) 5.728593388s ago: executing program 2 (id=585): syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000100000000000000040000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e"], 0x15) r1 = dup(0xffffffffffffffff) write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="9802"], 0x298) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}}) 3.919248474s ago: executing program 2 (id=579): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x2000000000000383, &(0x7f0000000040)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x90) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$incfs(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000340), 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x7, 0x87a, 0x6, 0x1042, 0xffffffffffffffff, 0x7ffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3, 0xfffffffffffffffd}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000003c0)=ANY=[], 0x0, 0x101, 0x4f}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f00000002c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) socket$pptp(0x18, 0x1, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) close(r5) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) close(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r4, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'}) close(r3) 3.916113984s ago: executing program 4 (id=580): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40400, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x0, 0x0, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d) r7 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r7, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r7, &(0x7f0000001700)=[{{0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0xfc}, 0x1030000}], 0x40000000000035c, 0x0) 3.914481474s ago: executing program 3 (id=590): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x3810744, &(0x7f0000000740)={[{@usrquota}, {@user_xattr}, {@data_writeback}, {@prjquota}, {@jqfmt_vfsv0}, {@delalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@noauto_da_alloc}, {@test_dummy_encryption}, {@journal_path={'journal_path', 0x3d, './file0'}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x3}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4d7}}]}, 0x1, 0x451, &(0x7f0000000d00)="$eJzs281vVFUbAPDn3pkCL/DSivgBglbR2PjR0oLKwo1GExeamOgCl7UtBBmooTUR0mg1BpeGxL1xaeJf4MqVUVcmbnVvSIg2JqAbx9yZe9vOdKb0Y8pU5vdLBs6Ze+ae8+Tcc+fMOb0B9KzB7J8kYm9E/BIR/fVsY4HB+n83F+Ym/lqYm0iiWn3j96RW7sbC3ERRtPjcnjwzlEaknyR5JY1mLl0+N16pTF3M8yOz598dmbl0+emz58fPTJ2ZujB28uSJ46PPPTv2TEfizNp049AH04cPvvLW1dcmTl19+4evs/bee6R+fHkcnTKYBf5Htab52GOdrqzL/qkuxZmUu90a1qoUEVl39dXGf3+UYqnz+uPlj7vaOGBLZffsne0Pz1eBO1gS3W4B0B3FF332+7d43aapx7Zw/YX6D6As7pv5q36kHGlepm8L6x+MiFPzf3+RvaJpHaLaYt0AAGCzvs3mP0+tnP/V9kaWlUvyvaGBiLgrIvZHxN0RcSAi7snL3hcR96+z/uatoZXzz/TaBkNbk2z+93y+t9U4/ytmfzFQynP/r8Xfl5w+W5k6FhH7ImIo+nZm+dFWJy9O8dLPn7Wrf/n8L3tl9Rdzwfwk18pNC3ST47PjnZqUXv8o4lC5VfzJ4k5A1vcHI+LQ+k69r0icfeKrw+0K3Tr+VXRgn6n6ZcTj9f6fj6b4C8nq+5Mju6IydWykuCpW+vGnK6+3q39T8XdA1v+7G6//phL9fybL92tn1l/HlV8/bfubsrzB639H8mZtz3pH/t7747OzF0cjdiSv1vIN748tfbbIF+Wz+IeOth7/+/PPZPE/EBHZRXwkIh6MiIfyvns4Ih6JiKOrxP/9i4++0+7Yduj/yZb3v8Xrf6Cx/9efKJ377pt29a/t/neilhrK36nd/26hfXN25SU2ejUDAADAf08aEXsjSYcX02k6PFz/e/kDsTutTM/MPnl6+r0Lk/VnBAaiLy1WuvqXrYeOJvP5Gev5sXytuDh+PF83/rz0v1p+eGK6Mtnl2KHX7Wkz/jO/lbrdOmDLeV4Lelfz+E+71A7g9vP9D73L+IfeZfxD72o1/j9sytsLgDuT73/oXcY/9C7jH3qX8Q89aTPP9W9VorzK0/sS2yUR6bZohkSLRLkDo7vLNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAO+TcAAP//uZjx6g==") 2.009197578s ago: executing program 0 (id=581): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000008000000000000836110011", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) memfd_create(0x0, 0x0) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x2, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==") syz_mount_image$fuse(0x0, &(0x7f0000000540)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@bloom_filter={0x1e, 0x6, 0x6, 0x9, 0x42, r1, 0x7ff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x4, 0x9}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) r2 = signalfd4(r0, &(0x7f0000000640)={[0x8]}, 0x8, 0x80800) ioctl$VHOST_SET_VRING_CALL(r2, 0x4008af21, &(0x7f0000000680)={0x2}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) pwritev2(r3, &(0x7f0000000100), 0x27, 0x5405, 0xe, 0x8) sendfile(r3, r3, 0x0, 0x7a680000) connect$inet6(0xffffffffffffffff, &(0x7f0000002200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) writev(0xffffffffffffffff, 0x0, 0x0) truncate(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00'}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$vfat(&(0x7f0000000a40), &(0x7f0000000140)='./bus\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x35a, &(0x7f0000000b00)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlEyoRMTWk1fx5j8guOxxbwX1H+jFWwXx4q2XgqBFxJH51ebHJGnSlLTb7wdKnsn7PpP3TUJ43oF5e/DBN582ao5RMzuSzKokRESORIqSlEgifEz6cVp67cir1//cf/HOvfvvliuVm+uqt8p3Xyup6vLKj599kQu77WZkr/jRwWHpj71n954/+O/uJ3VH6442Wx019UHr9475wLZ0o+40DNXbtmU6ltabjtUO2ltBe81ubW521Wxu3Mhvti3HUbPZ1YbV1U5LO+2umh+b9aYahqE38nK1ZGfIqT5aXzfLM77gwxnzMG//uK47prndLptLIkZuqKX66FzHBQAALqSB+v+7qEYoSvK4oEz0rQWG6/8o9ut/b7FwUv8/funnzvX3nyyH9f9uOq7+f/3XIL+v/vdefe71/w8Dx8MV0aW3PU3nM9X/uBhW0kNPJfqOvPo/H67ffV99+HjVD6j/AQAAAAAAAAAAAAAAAAAAAAC4DI5ct+C6biF6jP5ObiEIj6OjcTca49IZ9flnwh0Fjr8PeCrduXdfsv6Ne6llEfvrrepWNXgM26OOq1KQf/3vQyjYcGLHb1RPUX6yt8P87a3qkt9SFlGxxZI1KUixL9+Pb71Tubmmgf78RCrv5dek7ueXpCDPxOeXYvPT8srLPfmGFOSXh9ISWzbC37Eo/8s11bffqwzk5/x+cd48/48FAAAAAIC5MlSz4fI5dv1uGKpx7d5aXnrX58PXB47X16ux6/NU4YXUYucOAAAAAMBV4aQ/b5i2bbWd7sggJ5P6ZMKzjT9PfJCaprMX7PvBtXF9lnpm2NsU7ZQal5UO/4PGFIMPziNHwQWP02T9lZHYNzN2YNkzvKumHc3/FJ2z034EbScZ+x5OCla88ehM0+kJostGo/rI7VnPPCqIds79bULn5779/u/ZXiIR7trb2/TGk+yEmfpBYuCZnQlf2kPXnTiea+f1ewMAAABgcaKiP+dEz7y12AEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAFzXWbtBHBoucIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXBT/BwAA//8L3Pjk") r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f00000003c0)={'syz_tun\x00', 0x400}) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 2.007599918s ago: executing program 2 (id=582): pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) splice(r0, 0x0, r2, 0x0, 0x88000cc, 0x0) fcntl$setpipe(r1, 0x407, 0x100004) write$eventfd(r1, &(0x7f0000000240), 0xffffff14) 2.006691918s ago: executing program 3 (id=583): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) dup(0xffffffffffffffff) mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x12, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000004c0000004c00000002000000000000000000000903000000000000000000000105000000080000000000000000000003000000000200000002000000000200000000000000000003000000000100000002"], 0x0, 0x66}, 0x20) r6 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCSIFDSTADDR(r6, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x3fc}}) 2.33915ms ago: executing program 0 (id=584): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000100000000000000040000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b0000"], 0x15) r3 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}}) 1.75525ms ago: executing program 2 (id=586): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, &(0x7f0000000000)=0x822, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) open(0x0, 0x0, 0x0) timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000380), 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x0, 0x1217880, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000950000200000000009a1f3cd91dfa631dbadeeb3981c21b6d6536425ce4cee7ae6ce9e201c874f87741e2b9e8bf08e2c52340981b96849feb0d8ed84f7a9d8cd79366b14b02aae76f9e1f39b7953c7acf1196db27cbaa0a2e57515864068c3b7f8a54c70e0ff00bab0816550c32ebbbe327af58690bf7ec7b30964d7cbdc1a391dca35bf55b90fc799df8c98db613482013fba748f4f9a92021944958584ca5a8906fe239288"], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x64}, 0x80) 1.36477ms ago: executing program 3 (id=587): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = socket$netlink(0x10, 0x3, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) writev(r4, &(0x7f0000000340)=[{&(0x7f0000000180)="1c0000002000190f00003fffffffda060200000018e80001dd000004", 0x1c}], 0x1) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x121342, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000a3f3ccca2ed14bb8ce5cbdeb4b7d879ebf339caa862ada823320ce0d2e4cfff8cd198dd3aea2a635f05b4e58e6392d8d122c07ecc6460caddc626e7e5d658d4137711faa98f1629737b295f4123edc23a1739af38cc7f896e0d034d14929"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) write$tcp_mem(r5, &(0x7f0000000100)={0x0, 0x2d, 0x10000000000000, 0xa, 0x0, 0x2c}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r6, &(0x7f00000006c0)=[{&(0x7f00000000c0)='u', 0x1}], 0x1, 0x100000, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) 0s ago: executing program 4 (id=588): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0xa10812, &(0x7f0000001080)=ANY=[@ANYBLOB='discard,utf8,fmask=00000000000000000000271,namecase=1,discard,errors=continue,errors=remount-ro,umask=00000000000000000003377,utf8,iocharset=cp861,iocharset=macturkish,umask=00000000000000000005454,dmask=00000000000000000000005,errors=continue,uid=', @ANYRESHEX=0x0, @ANYBLOB=',euid=', @ANYRESDEC=0x0, @ANYBLOB=',fscontext=user_u,subj_type=iocharset,dont_measure,uid>', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723dda08d2b66c053ea3fe49e94ce4a991b23fb060827efcf28bd3926e46dcef32f03b7a7c690350d9ae752dadd8c9f7ebc6042462e42a43eab845c2298f1d480bf7db736035f9b6d3b34f14542aab3c1158afbfbbf2827a9c907aaaa752a5f8de74a5c8f217399f2fcd93c4f15b3106a8ee8aaa4cac999da5e1c0a7222169c3720133e6d3f9b6b59159dab0b07a5077e594aa5dfc1e180c35667988a19cb0805b00de66f2060770cc808d82974b98e9222f3ea386232be847d9c4ca81fe0631dcfb6026363a00a6dadae840ab9c12915c8c04cbad3dc338396dd6a03fb53fb184d1c403a62cf39ffa1ebc1453e1ab3b1a2d062e26f1c038cfb9458ebd158564e64f2d987952cf1f2518ffc8ab8d1efb9a6017f75c1bdf8004beab7616f8d12150fbb3f0c9a283052c6d61736b3d4d41595f415050454e442c7065726d69745f646972656374696f2c666f776e65723c", @ANYRESDEC=0x0, @ANYBLOB="5bba993834d1c8888cb7f625a7ffdc8ec8b4769356c29b1e8da21cf5419f9efe09e69589951df595bf978bfeb0a392302cfd873e4212d72d41862aa048871fa1c232bb21f9f3bcc98b70aa975e5fe24368c7ca3cc0acceeac49facca6e5781bd74acabc74a9c5c774a450c0cf5c98e5a416e565702ca3f4e71e2e324cb66c1ed"], 0x21, 0x14fd, &(0x7f0000003f40)="$eJzs3Au0jtXWOPA511oPm6Q3yX3NNR/etLFIklyS5JIkyZEkt4QkSZKkcr8lIQm5J7mH5BaS+/2We5Ik7SQJyS1Z/6HT+XRO5/v3ne873zDGt+dvjGfsNd/nneuZ65177Od53j3e97sOg6rUq1qxDjPD/wj+9UdXAEgBgL4AcA0ARABQMlvJbJf2Z9LY9X92EPHv9eDUK12BuJKk/+mb9D99k/6nb9L/9E36n75J/9M36X/6Jv0XIj3bOi33tbKl303e/0/P5Pz/f0ha0dFfrS96fcd/IUX6n75J/9M36X/6Jv1P36T/6Zv0P32T/qdv0n8h0rP//nvH8r+D/wvblf79E0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRPpwNlxkA+Nv4StclhBBCCCGEEEKIf5+Q8UpXIIQQQgghhBBCiP99CAo0GIggA2SEFMgEmeEqyAJXQ1a4BhJwLWSD6yA7XA85ICfkgtyQB/JCPrBA4IAhhvxQAJJwAxSEGyEVCkFhKAIeikIxuAmKw81QAm6BknArlILboDSUgbJQDm6H8nAHVIA7oSLcBZWgMlSBqnA3VIN7oDrcCzXgPqgJ90MteABqw1+gDjwIdeEhqAcPQ314BBpAQ2gEjaHJfyv/RXgJXobO0AW6QjfoDj2gJ/SC3tAH+sIr0A9SfnttBsIgeB0GwxswBN6EoTAMhsNbMAJGwigYDWNgLIyDt2E8vAMT4F2YCJNgMkyBqTANpsN7MANmwix4H2bDBzAH5sI8mA8L4ENYCItgMXwES+BjWArLYDmsgJWwClbDGlgL62A9bICNsAk2wxbYCp/ANtgOO2An7ILdsAc+hb3wGeyDz2E/fPEv5p/5h/yOCAioUKFBgxkwA6ZgCmbGzJgFs2BWzIoJTGA2zIbZMTvmwBw35sJcmAfzYD7Mh4SEjIz5MT8mMYkFsSCmYioWxsLo0WMxLIbF8WYsgSWwJJbEUlgKS2MZLIPlsByWx/JYAStgRayIlbASVsEqeDfejfdgdayONbAG1sSaWAtrYVre2lgH62BdrIv1sB7Wx/rYABtgI2yETbAJNsWm2AybYQtsgS2xJbbCVtgaW2MbbINtsS22w3bYHttjB+yAHfEFfAFfxBfxZXwZu2Al1Q27Y3fsiT2xN/bBPvgK9sNX8VV8DQfgQByEr+Pr+AYOwdM4FIfhcByO5dVIHIWjkdVYHIfjcDyOxwk4ASfiJJyEU3AqTsPpOB1n4Eycie/jbPwAP8C5OBfn4wJcgAtxES7GxbgEz+BSXIbLcQWuxFW4EtfgWlyD63EDrsdNuAm34Bb8BD/B7bgdd+JO3I0GAD/Fz/AzHID7cT8ewAN4EA/iITyEaZiGh/EwHsEjeBSP4jE8hsfxBJ7EE3gKT+FpPINn8Syex/N4AZ/L803d3YXWDQB1iVFGZVAZVIpKUZlVZpVFZVFZVVaVUAmVTWVT2VV2lUPlULlULpVH5VH51DlFihSrWOVX+VVSJVVBVVClqlRVWBVWXnlVTBVTxVVxVUKVUCXVraqUuk2VVmVUc19OlVPlVQtfQd2pKqqKqpKqrKqoqqqqqqaqqeqquqqhaqiaqqaqpR5QtVU37I0PqkudqacGYn01CBuohqqRaqzewEdVUzUEm6nmqoV6XA3DodhKNfWt1VOqjRqFbdUzajQ+q9qrsdhBPa86qhdUJ/Wiekk1851VFzURu6nuagr2VL1Ub9VHzcDK6lLHqqjX1AA1UA1Sr6v5+IYaot5UQ9UwNVy9pUaokWqUGq3GqLFqnHpbjVfvqAnqXTVRTVKT1RQ1VU1T09V7aoaaqWap99Vs9YGao+aqeWq+WqA+VAvVIrVYfaSWqI/VUrVMLVcr1Eq1Sq1Wa9RatU6tVxvURrVJbVZb1Fb1idqmtqsdaqfapXarPepTtVd9pvapz9V+9YU6oL5UB9VX6pD6WqWpb9Rh9a06or5TR9X36pj6QR1XJ9RJ9aM6pX5Sp9UZdVadU+fVz+qC+kVdVEGBRq201kZHOoPOqFN0Jp1ZX6Wz6Kt1Vn2NTuhrdTZ9nc6ur9c5dE6dS+fWeXRenU9bTdpp1rHOrwvopL5BF9Q36lRdSBfWRbTXRXUxfZMurm/WJfQtuqS+VZfSt+nSuowuq8vp23V5fYeuoO/UFfVdupKurKvoqvpuXU3fo6vre3UNfZ+uqe/XtfQDurb+i66jH9R19UO6nn5Y19eP6Aa6oW6kG+sm+lHdVD+mm+nmuoV+XLfUT+hW+kndWj+l2+indVv9jG6nn9Xt9XO6g35ed9Qv6E76F31RB91Zd9FddTfdXffQPXUv3Vv30X31K7qfflX316/pAXqgHqRf14P1G3qIflMP1cP0cP2WHqFH6lF6tB6jx+px+m09Xr+jJ+h39UQ9SU/WU/RUPU33/m2mWf+F/Hf+SX7/X4++RW/Vn+hterveoXfqXXq33qP36L16r96n9+n9er8+oA/og/qgPqQP6TSdpg/rw/qIPqKP6qP6mD6mj+sT+pz+UZ/SP+nT+ow+o8/p8/q8vvDbawAGjTLaGBOZDCajSTGZTGZzlclirjZZzTUmYa412cx1Jru53uQwOU0uk9vkMXlNPmMNGWfYxCa/KWCS5gb87aRpCpsixpuippi56V/JNwXNjSbVFPq7/D+rr4lpYpqapqaZaWZamBampWlpWplWprVpbdqYNqataWvamXamvWlvOpgOpqPpaDqZTuYl85LpbDqbrqar6W56mJ6ml+lt+pi+5hXTz/Qz/U1/M8AMMIPMIDPYDDZDzBAz1Aw1w81wM8KMMKPMKDPGjDHjzDgz3ow3E8wEM9FMNJPNZDPVTDXTzXQzw8wws8wsM9vMNnPMHDPPzDMLzAKz0Cw0i81is8QsMUvNMrPMrDArzCqzyqwxa8w6s85sMBvMJrPJLM241Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDJpJs0cNofNEXPEHDVHzTFzzBw3x81Jc9KcMqfMaXPanDVnzXlz3lwwF8xFc/HSZV+kIhWZyEQZogxRSpQSZY4yR1miLFHWKGuUiBJRtihblD26PsoR5YxyRbmjPFHeKF9kI4pcxFEc5Y8KRMnohqhgdGOUGhWKCkdFIh8VjYpFN0XFo5ujEtEtUcno1qhUdFtUOioTlY3KRbdH5aM7ogrRnVHF6K6oUlQ5qhJVje6OqkX3RNWje6Ma0X1Rzej+qFb0QFQ7+ktUJ3owqhs9FNWLHo7qR49EDaKGUaOocdTk3zp/CKdzPuY72y62q+1mu9setqftZXvbPravfcX2s6/a/vY1O8AOtIPs63awfcMOsW/aoXaYHW7fsiPsSDvKjrZj7Fg7zr5tx9t37AT7rp1oJ9nJdoqdaqfZ6fY9O8POtLPs+3a2/cDOsXPtPDvfLrAf2oV2kV1sP7JL7Md2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9stdqv9xG6z2+0Ou9PusrvtHvup3Ws/s/vs53a//cIesF/ag/Yre8h+bdPsN/aw/dYesd/Zo/Z7e8z+YI/bE/ak/dGesj/Z0/aMPWvP2fP2Z3vB/mIv2nDp4v7S6Z0MGcpAGSiFUigzZaYslIWyUlZKUIKyUTbKTtkpB+WgXJSL8lAeykf56BImpvyUn5KUpIJUkFIplQpTYfLkqRgVo+JUnEpQCSpJJakUlaLSVJrKUlm6nW6nO+gOupPupLvoLqpMlakqVaVqVI2qU3WqQTWoJtWkWlSLalNtqkN1qC7VpXpUj+pTfWpADagRNaIm1ISaUlNqRs2oBbWgltSSWlErak2tqQ21obbUltpRO2pP7akDdaCO1JE6USd6iV6iztSZulJX6k7dqSf1pN7Um/pSX+pH/ag/9acBNIAG0SAaTINpCA2hoTSMhtNbNIJG0igaTWNoLI2jcTSextMEmkATaSJNpsk0labSdJpOM2gGzaJZNJtm0xyaQ/NoHi2gBbSQFtJiWkxLaAktpaW0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSNttEO2kG7aBftoT20l/bSPtpH+2k/HaADdJAO0iE6RGmURofpMB2hI3SUjtIxOkbH6TidpJN0ik7RaTpNZ+ksnaef6QL9QhcpUIrL5DK7q1wWd7XL6q5x/xjncrldHpfX5XPW5XA5/y4m51yqK+QKuyLOu6KumLvJpV66pfpdXNqVcWVdOXe7K+/ucBX+EFdz97jq7l5Xw93nqrq7/y6u6e53tdzDrrZ7xNVxDV1d19jVcw+7+u4R18A1dI1cY9fSPeFauSdda/eUa+Oe/kO80C1ya906t95tcHvdZ+6sO+eOuO/cefez6+y6uL7uFdfPver6u9fcADfwD/Fw95Yb4Ua6UW60G+PG/iGe7Ka4qW6am+7eczPczD/EC9yHbrZb7Oa4uW6em/9rfKmmxe4jt8R97Ja6ZW65W+FWulVutVvzH7WucJvcZrfF7XGfum1uu9vhdrpdbvev8aV17HOfu/3uC3fYfesOuq/cIXfUpblvfo0vre+o+94dcz+44+6EO+l+dKfcT+60O/Pr+i+t/Uf3i7voggNGVqzZcMQZOCOncCbOzFdxFr6as/I1nOBrORtfx9n5es7BOTkX5+Y8nJfzsWVix8wx5+cCnOQbuCDfyKlciAtzEfZclIvxTVycb+YSfAuX5Fu5FN/GpbkMl+VyfDuX5zu4At/JFfkursSVuQpX5bu5Gt/D1flersH3cU2+n2vxA1yb/8J1+EGuyw9xPX6Y6/Mj3IAbciNuzE34UW7Kj3Ezbs4t+HFuyU9wK36SW/NT3Iaf5rb8DLfjZ7k9P8cd+HnuyC9wJ36RX+KXuTN34a7cjbtzD+7Jvbg39+G+/Ar341e5P7/GA3ggD+LXeTC/wUP4TR7Kw3g4v8UjeCSP4tE8hsfyOH6bx/M7PIHf5Yk8iSfzFJ7K03g6v8czeCbP4vd5Nn/Ac3guz+P5vIA/5IW8iBfzR7yEP+alvIyX8wpeyat4Na/htbyO1/MG3sibeDNv4a38CW/j7byDd/Iu3s17+FPey5/xPv6c9/MXfIC/5IP8FR/irzmNv+HD/C0f4e/4KH/Px/gHPs4n+CT/yKf4Jz7NZ/gsn+Pz/DNf4F/4IgeGGGMV69jEUZwhzhinxJnizPFVcZb46jhrfE2ciK+Ns8XXxdnj6+Mccc44V5w7zhPnjfPFNqbYxRzHcf64QJyMb4gLxjfGqXGhuHBcJPZx0bhYfFNcPL45LhHfEpeMb41LxbfFpeMy8cP3lYtvj8vHd8QV4jvjivFdcaW4clwlrhrfHVeL74mrx/fGNeL74hLx/XGt+IEYfvu8St34obhe/HBcP34kbhA3jBvFjeMm8aNx0/ixuFncPG4RPx63jJ+IW8VPxq3jp+I28dN/ur9r3C3uHveIe8Qh3KvnJecnFyQ/TC5MLkouTn6UXJL8OLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObklGULVjODRK6+98ZHP4DP6FJ/JZ/ZX+Sz+ap/VX+MT/lqfzV/ns/vrfQ6f0+fyuX0en9fn89aTd5597PP7Aj7pb/AF/Y0+1RfyhX0R731RX8w39k18E9/UP+ab+ea+hX/cP+6f8E/4J/2T/infxj/t2/pnfDv/rG/vn/PP+ed9R/+C7+Rf9C/5l31n38V39V19d9/d9/Q9fW/f2/f1fX0/38/39/39AD/AD/KD/GA/2A/xQ/xQP9QP98P9CD/Cj/Kj/Bg/xo/z4/x4P95P8BP8RD/RT/aT/VQ/1U/30/0MP8PP8rP87NTZfo6f4+f5eX6BX+AX+oV+sV/sl/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/2qf5b/xh/60/4r/zR/33/pj/wR/3J/xJ/6M/5X/yp/0Zf9af8+f9z/6C/8Vf9MGPS7ydGJ94JzEh8W5iYmJSYnJiSmJqYlpieuK9xIzEzMSsxPuJ2YkPEnMScxPzEvMTCxIfJhYmFiUWJz5KLEl8nFiaWJZYnliRWJlYlQgh77Y45A8FQjLcEAqGG0NqKBQKhyLBh6KhWLgpFA83hxLhllAy3BpKhdtC6VAmlA2PhAahYWgUGocm4dHQNDwWmoXmoUV4PLQMT4RW4cnQOjwV2oSnQ9vwTGgXng3tw3OhQ3g+dPzbHVd4OXQOXULX0C10Dz1Cz9Ar9A59Qt/wSugXXg39w2thQBgYBoXXw+DwRhgS3gxDw7AwPLwVRoSRYVQYHcaEsWFceDuMD++ECeHdMDFMCpPDlDA1TAvTw3thRpgZZoX3w+zwQZgT5oZ5YX5YED4MC8OisDh8FJaEj8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBJ2Ba2hx1hZ9gVdoc94dOwN3wW9oXPw/7wRTgQvgwHw1fhUPg6pIVvwuHwbTgSvgtHw/fhWPghHA8nwsnwYzgVfgqnw5lwNpwL58PP4UL4JVyUz6wJIYQQQvyX9PiT/d3+yWMGANRv4+4AcPX23Gm/368BYGOOv457qTwtEwDwVJcOD/5tq1Spa9euvz13qYaowFwASPzDAX6Ll0ELeAJaQ3Mo/k/r66VeOM9/Mn/yVoDMv8tJgcvx5fm//E/mf/Tx4QtLxWez/X/mnwuQWuByTia4HC+DFpdWA82hxH8yf86mf1J/pq/GATT7XU4WuBxfrr8YPAZPQ+u/e6YQQgghhBBCCPFXvVTZdn92/3zp/jyPuZyTES7Hf3Z/LoQQQgghhBBCiCvv2Rc6Pflo69bN28lABjKQwX8MrvRfJiGEEEIIIcS/2+WL/suPZbqSBQkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOnQ7770KxMA/K98ndiVXqMQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQghxpf2/AAAA//+7dzOa") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000120000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000580)={r0, &(0x7f00000004c0)="97397d29376440250686c9b66da340", &(0x7f0000000500)=""/67}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) r3 = socket(0x2, 0x3, 0x100000001) sendto$inet6(r0, &(0x7f00000006c0)="3b8f45ba6c6e44433b394767f5fdd83b5ba83884793d8c54c368c835d88f8fdca8b6513565bd8bdb4b915bc7222df532eace38741727e541efadf2816da7b5c61fe54400d0856fd77c35c60faf1897fe14551aebc96dfd772001a85266cfc1f61a0b3e4dddf599a1ef43ff204d1854a4cd9d7636f6f5e57c5e1155ce39799742ca5e430385710b970ba48a1c8c375c8c21ec6dc01132dcf99a577982e280c238d0e7d077b6b1ef579a625ff0994ddc9ac6c80ac98ec1265673aa7085ab9901cf53d592c3f1e1d3eebe269584e99e", 0xce, 0x1, &(0x7f0000000380)={0xa, 0x4e20, 0x2, @local, 0x2}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000e1b04f8b0e64109c002000f8fffcffffff8520000003000000180000000100010000000000020000003066000004000000182600", @ANYBLOB="000000000e004d9fb4"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, &(0x7f00000002c0)=[@flags={0x3, 0x10200}], 0x1) ioctl$KVM_SET_VAPIC_ADDR(r6, 0x4008ae93, &(0x7f0000000640)=0x1) ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r6, 0xae80, 0x0) bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8) syz_emit_ethernet(0x3e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaf368656e065b0800450000300000000000019078ac1e00feff000001040000450000000000000000000000ac141400ac141400b32a7b7f77c3055dc4357608c1b9f8a25aa2d554ed69165493ff80d25ee03dabc5c4356e00ab89c7dea3ad27590eb4b44c8e856ad8e1c70f"], 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) splice(r8, 0x0, r10, 0x0, 0x88000cc, 0x0) fcntl$setpipe(r9, 0x407, 0x100004) kernel console output (not intermixed with test programs): 007][ T1060] attempt to access beyond end of device [ 69.847007][ T1060] loop4: rw=2049, want=53320, limit=40427 [ 70.151612][ T1038] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 70.176819][ T1038] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 70.176926][ T294] attempt to access beyond end of device [ 70.176926][ T294] loop4: rw=2049, want=45104, limit=40427 [ 70.259701][ T1061] syz.3.141 (1061) used greatest stack depth: 19736 bytes left [ 70.267596][ T299] usb 1-1: Using ep0 maxpacket: 8 [ 70.305261][ T1059] netlink: 'syz.3.141': attribute type 4 has an invalid length. [ 71.187857][ T1068] attempt to access beyond end of device [ 71.187857][ T1068] loop2: rw=2049, want=53256, limit=40427 [ 71.360783][ T1068] attempt to access beyond end of device [ 71.360783][ T1068] loop2: rw=2049, want=53320, limit=40427 [ 71.397625][ T299] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 71.410224][ T299] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 71.419887][ T299] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 71.432607][ T299] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00 [ 71.441460][ T299] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.452781][ T299] usb 1-1: config 0 descriptor?? [ 71.536951][ T854] attempt to access beyond end of device [ 71.536951][ T854] loop1: rw=2049, want=45104, limit=40427 [ 71.537824][ T293] attempt to access beyond end of device [ 71.537824][ T293] loop2: rw=2049, want=45104, limit=40427 [ 71.751743][ T26] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 72.545422][ T1079] loop1: detected capacity change from 0 to 512 [ 72.745109][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 72.745130][ T30] audit: type=1400 audit(1723490094.149:238): avc: denied { read } for pid=1083 comm="syz.2.153" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 72.780133][ T1088] fuse: Unknown parameter '0x0000000000000004' [ 72.797146][ T1079] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 72.813487][ T1079] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038 (0x7fffffff) [ 72.880381][ T30] audit: type=1400 audit(1723490094.149:239): avc: denied { open } for pid=1083 comm="syz.2.153" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 72.917268][ T30] audit: type=1400 audit(1723490094.319:240): avc: denied { create } for pid=1091 comm="syz.3.150" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 72.937642][ T299] usbhid 1-1:0.0: can't add hid device: -71 [ 72.945095][ T299] usbhid: probe of 1-1:0.0 failed with error -71 [ 72.954225][ T299] usb 1-1: USB disconnect, device number 8 [ 73.037603][ T26] usb 5-1: Using ep0 maxpacket: 16 [ 73.091667][ T1098] loop1: detected capacity change from 0 to 256 [ 73.098669][ T1088] loop0: detected capacity change from 0 to 40427 [ 73.105235][ T1098] exfat: Deprecated parameter 'utf8' [ 73.110787][ T1098] exfat: Deprecated parameter 'namecase' [ 73.116299][ T1098] exfat: Deprecated parameter 'utf8' [ 73.130178][ T1098] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 73.138303][ T1088] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 73.157189][ T1088] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 73.168262][ T1088] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 73.179223][ T26] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 73.189558][ T26] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 73.204197][ T1088] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 73.211118][ T1088] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 73.257618][ T318] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 73.337595][ T312] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 73.387748][ T26] usb 5-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 73.397366][ T26] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.405960][ T26] usb 5-1: Product: syz [ 73.410486][ T26] usb 5-1: Manufacturer: syz [ 73.431482][ T1106] attempt to access beyond end of device [ 73.431482][ T1106] loop0: rw=2049, want=53256, limit=40427 [ 73.450220][ T1106] attempt to access beyond end of device [ 73.450220][ T1106] loop0: rw=2049, want=53320, limit=40427 [ 73.474790][ T26] usb 5-1: SerialNumber: syz [ 73.503487][ T26] usb 5-1: config 0 descriptor?? [ 73.640955][ T1029] attempt to access beyond end of device [ 73.640955][ T1029] loop0: rw=2049, want=45104, limit=40427 [ 73.678118][ T318] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 73.688830][ T318] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 73.701714][ T318] usb 4-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 73.707673][ T312] usb 3-1: Using ep0 maxpacket: 32 [ 73.710714][ T318] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.724200][ T318] usb 4-1: config 0 descriptor?? [ 73.760884][ T1072] syz.4.149[1072] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.760974][ T1072] syz.4.149[1072] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.778148][ T318] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 73.809279][ T30] audit: type=1400 audit(1723490095.219:241): avc: denied { name_bind } for pid=1071 comm="syz.4.149" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 73.809877][ T1072] syz.4.149[1072] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.831701][ T1072] syz.4.149[1072] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.847670][ T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.866587][ T1072] device pim6reg1 entered promiscuous mode [ 73.876205][ T30] audit: type=1400 audit(1723490095.219:242): avc: denied { node_bind } for pid=1071 comm="syz.4.149" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 73.890458][ T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 73.901962][ T1108] loop0: detected capacity change from 0 to 40427 [ 73.906506][ T312] usb 3-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00 [ 73.921188][ T312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.931670][ T312] usb 3-1: config 0 descriptor?? [ 73.950390][ T1108] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 73.958004][ T1108] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 73.966822][ T1108] F2FS-fs (loop0): invalid crc value [ 73.975709][ T1108] F2FS-fs (loop0): Found nat_bits in checkpoint [ 74.015618][ T1108] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 74.022545][ T1108] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 74.061378][ T30] audit: type=1400 audit(1723490095.459:243): avc: denied { setopt } for pid=1114 comm="syz.1.159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 74.139434][ T1094] loop3: detected capacity change from 0 to 512 [ 74.157622][ T30] audit: type=1400 audit(1723490095.459:244): avc: denied { ioctl } for pid=1114 comm="syz.1.159" path="socket:[19471]" dev="sockfs" ino=19471 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 74.741136][ T1124] syz.0.158[1124] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.741213][ T1124] syz.0.158[1124] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.764644][ T30] audit: type=1400 audit(1723490095.459:245): avc: denied { write } for pid=1114 comm="syz.1.159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 74.817349][ T1094] EXT4-fs (loop3): 1 orphan inode deleted [ 74.823132][ T1094] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 74.833989][ T1094] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038 (0x7fffffff) [ 74.896480][ T318] usb 4-1: USB disconnect, device number 7 [ 74.916781][ T1096] netlink: 12 bytes leftover after parsing attributes in process `syz.2.157'. [ 74.951605][ T319] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 74.953646][ T1110] loop4: detected capacity change from 0 to 40427 [ 74.960808][ T319] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 75.082051][ T312] usbhid 3-1:0.0: can't add hid device: -71 [ 75.108361][ T312] usbhid: probe of 3-1:0.0 failed with error -71 [ 75.189406][ T312] usb 3-1: USB disconnect, device number 12 [ 75.225330][ T299] usb 5-1: USB disconnect, device number 9 [ 75.356659][ T1136] loop4: detected capacity change from 0 to 2048 [ 75.403435][ T1136] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5 [ 75.403435][ T1136] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 75.403435][ T1136] [ 75.424069][ T1136] EXT4-fs (loop4): Unrecognized mount option "smackfstransmute=-]]%.{-#/[" or missing value [ 75.430245][ T652] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 4: comm syz-executor: path /16/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 75.456901][ T652] EXT4-fs error (device loop3): ext4_empty_dir:3099: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 75.477074][ T652] EXT4-fs warning (device loop3): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 75.489457][ T652] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 4: comm syz-executor: path /16/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 75.537352][ T652] EXT4-fs error (device loop3): ext4_empty_dir:3099: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 75.556561][ T652] EXT4-fs warning (device loop3): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 75.597239][ T652] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 4: comm syz-executor: path /16/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 75.618358][ T652] EXT4-fs error (device loop3): ext4_empty_dir:3099: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 75.637076][ T652] EXT4-fs warning (device loop3): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 75.648656][ T652] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 4: comm syz-executor: path /16/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 75.669480][ T652] EXT4-fs error (device loop3): ext4_empty_dir:3099: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 75.688126][ T652] EXT4-fs warning (device loop3): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 75.699568][ T652] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 4: comm syz-executor: path /16/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 75.720759][ T652] EXT4-fs error (device loop3): ext4_empty_dir:3099: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 75.751310][ T652] EXT4-fs warning (device loop3): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 75.764238][ T652] EXT4-fs warning (device loop3): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 75.786873][ T652] EXT4-fs warning (device loop3): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 75.802946][ T1140] loop2: detected capacity change from 0 to 40427 [ 75.812319][ T1136] loop7: detected capacity change from 0 to 16384 [ 75.820691][ T652] EXT4-fs warning (device loop3): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 75.838427][ T652] EXT4-fs warning (device loop3): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 75.854813][ T1140] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 75.866384][ T1142] loop1: detected capacity change from 0 to 512 [ 75.870812][ T652] EXT4-fs warning (device loop3): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 75.875108][ T1140] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 75.918091][ T1140] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 75.947014][ T1140] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 75.954045][ T1140] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 75.954125][ T1143] loop_set_block_size: loop7 () has still dirty pages (nrpages=544) [ 75.972313][ T1136] blk_update_request: I/O error, dev loop7, sector 7688 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 0 [ 75.985451][ T1142] EXT4-fs (loop1): Test dummy encryption mode enabled [ 75.992140][ T1142] EXT4-fs (loop1): error: journal path ./file0 is not a block device [ 76.012201][ T1136] blk_update_request: I/O error, dev loop7, sector 7560 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 76.027216][ T30] audit: type=1400 audit(1723490097.439:246): avc: denied { write } for pid=1139 comm="syz.2.164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 76.050069][ T1140] netlink: 12 bytes leftover after parsing attributes in process `syz.2.164'. [ 76.061637][ T1140] netlink: 8 bytes leftover after parsing attributes in process `syz.2.164'. [ 76.076758][ T1140] attempt to access beyond end of device [ 76.076758][ T1140] loop2: rw=10241, want=53256, limit=40427 [ 76.095290][ T30] audit: type=1400 audit(1723490097.469:247): avc: denied { create } for pid=1133 comm="syz.4.162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 76.118756][ T1140] attempt to access beyond end of device [ 76.118756][ T1140] loop2: rw=2049, want=53264, limit=40427 [ 76.133285][ T1140] attempt to access beyond end of device [ 76.133285][ T1140] loop2: rw=2049, want=53328, limit=40427 [ 76.163664][ T293] attempt to access beyond end of device [ 76.163664][ T293] loop2: rw=2049, want=45104, limit=40427 [ 76.271428][ T1162] Unsupported ieee802154 address type: 0 [ 76.381164][ T1169] FAULT_INJECTION: forcing a failure. [ 76.381164][ T1169] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 76.605000][ T1169] CPU: 0 PID: 1169 Comm: syz.2.171 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 76.614639][ T1169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 76.624542][ T1169] Call Trace: [ 76.627654][ T1169] [ 76.630432][ T1169] dump_stack_lvl+0x151/0x1b7 [ 76.633450][ T1164] loop0: detected capacity change from 0 to 512 [ 76.634943][ T1169] ? io_uring_drop_tctx_refs+0x190/0x190 [ 76.634969][ T1169] dump_stack+0x15/0x17 [ 76.650478][ T1169] should_fail+0x3c6/0x510 [ 76.654730][ T1169] should_fail_usercopy+0x1a/0x20 [ 76.659594][ T1169] strncpy_from_user+0x24/0x2d0 [ 76.664277][ T1169] bpf_prog_load+0x185/0x1b50 [ 76.668792][ T1169] ? map_freeze+0x370/0x370 [ 76.673132][ T1169] ? selinux_bpf+0xcb/0x100 [ 76.677469][ T1169] ? security_bpf+0x82/0xb0 [ 76.681815][ T1169] __sys_bpf+0x4bc/0x760 [ 76.685891][ T1169] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 76.691271][ T1169] ? irqentry_exit_cond_resched+0x2a/0x30 [ 76.696828][ T1169] __x64_sys_bpf+0x7c/0x90 [ 76.701080][ T1169] do_syscall_64+0x3d/0xb0 [ 76.705330][ T1169] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 76.711072][ T1169] RIP: 0033:0x7f38828dc9f9 [ 76.715313][ T1169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.735023][ T1169] RSP: 002b:00007f388155a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 76.743257][ T1169] RAX: ffffffffffffffda RBX: 00007f3882a78f80 RCX: 00007f38828dc9f9 [ 76.751069][ T1169] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 76.758881][ T1169] RBP: 00007f388155a090 R08: 0000000000000000 R09: 0000000000000000 [ 76.766693][ T1169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.774505][ T1169] R13: 0000000000000000 R14: 00007f3882a78f80 R15: 00007ffcb9720b28 [ 76.782323][ T1169] [ 76.798975][ T1159] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.805903][ T1159] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.813132][ T1159] device bridge_slave_0 entered promiscuous mode [ 76.820710][ T1159] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.827531][ T1159] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.835864][ T1159] device bridge_slave_1 entered promiscuous mode [ 76.879384][ T1164] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 76.886648][ T1164] EXT4-fs (loop0): journaled quota format not specified [ 76.887088][ T1159] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.900167][ T1159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.907225][ T1159] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.914057][ T1159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.932114][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 76.939608][ T508] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.946744][ T508] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.968534][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 76.976632][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 76.985399][ T523] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.992254][ T523] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.000515][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 77.008862][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 77.017190][ T523] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.024058][ T523] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.031571][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 77.039481][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 77.047268][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 77.055568][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 77.063627][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 77.071945][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 77.082322][ T1159] device veth0_vlan entered promiscuous mode [ 77.088828][ T319] device bridge_slave_1 left promiscuous mode [ 77.094748][ T319] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.101947][ T319] device bridge_slave_0 left promiscuous mode [ 77.108550][ T319] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.116753][ T319] device veth1_macvtap left promiscuous mode [ 77.122959][ T318] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 77.126217][ T319] device veth0_vlan left promiscuous mode [ 77.277107][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 77.319752][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 77.329535][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 77.336910][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 77.350663][ T1159] device veth1_macvtap entered promiscuous mode [ 77.360240][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 77.368187][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 77.376109][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 77.387651][ T26] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 77.395484][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 77.404063][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.412487][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.420640][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.477711][ T508] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 77.498667][ T1185] loop1: detected capacity change from 0 to 40427 [ 77.532971][ T1185] F2FS-fs (loop1): invalid crc value [ 77.588796][ T1189] loop3: detected capacity change from 0 to 512 [ 77.639809][ T1189] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 77.651038][ T1189] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038 (0x7fffffff) [ 77.767301][ T1185] F2FS-fs (loop1): Found nat_bits in checkpoint [ 77.789441][ T1185] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 77.796046][ T1185] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 77.842557][ T318] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 77.853898][ T318] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 77.866627][ T318] usb 3-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 77.875448][ T318] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.885433][ T318] usb 3-1: config 0 descriptor?? [ 77.906174][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 77.906185][ T30] audit: type=1400 audit(1723490099.309:250): avc: denied { map } for pid=1184 comm="syz.1.177" path="/17/file1/file0/blkio.bfq.group_wait_time" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 77.936549][ T26] usb 1-1: device descriptor read/64, error -71 [ 77.943286][ T318] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 77.943856][ T30] audit: type=1400 audit(1723490099.349:251): avc: denied { read } for pid=1184 comm="syz.1.177" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 77.975682][ T30] audit: type=1400 audit(1723490099.349:252): avc: denied { open } for pid=1184 comm="syz.1.177" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 78.000269][ T30] audit: type=1400 audit(1723490099.349:253): avc: denied { ioctl } for pid=1184 comm="syz.1.177" path="/dev/loop-control" dev="devtmpfs" ino=111 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 78.001060][ T508] usb 5-1: Using ep0 maxpacket: 32 [ 78.176026][ T508] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 78.186965][ T508] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 78.199106][ T1175] loop2: detected capacity change from 0 to 512 [ 78.222861][ T508] usb 5-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00 [ 78.223308][ T854] attempt to access beyond end of device [ 78.223308][ T854] loop1: rw=524288, want=45072, limit=40427 [ 78.231828][ T508] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.243596][ T854] attempt to access beyond end of device [ 78.243596][ T854] loop1: rw=0, want=45072, limit=40427 [ 78.251392][ T508] usb 5-1: config 0 descriptor?? [ 78.309600][ T1175] EXT4-fs (loop2): 1 orphan inode deleted [ 78.315161][ T1175] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 78.326086][ T1175] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038 (0x7fffffff) [ 78.336078][ T26] usb 1-1: device descriptor read/64, error -71 [ 78.338245][ T854] attempt to access beyond end of device [ 78.338245][ T854] loop1: rw=2049, want=45104, limit=40427 [ 78.355818][ T299] usb 3-1: USB disconnect, device number 13 [ 78.392668][ T1202] loop3: detected capacity change from 0 to 2048 [ 78.458268][ T1202] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5 [ 78.458268][ T1202] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 78.458268][ T1202] [ 78.476215][ T1202] EXT4-fs (loop3): Unrecognized mount option "smackfstransmute=-]]%.{-#/[" or missing value [ 78.546454][ T1204] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.553390][ T1204] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.560751][ T1204] device bridge_slave_0 entered promiscuous mode [ 78.567759][ T1204] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.574683][ T1204] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.584013][ T1204] device bridge_slave_1 entered promiscuous mode [ 78.585614][ T1202] loop7: detected capacity change from 0 to 16384 [ 78.608010][ T26] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 78.662398][ T1204] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.669285][ T1204] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.676360][ T1204] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.683171][ T1204] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.713610][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 78.721794][ T523] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.729027][ T523] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.749116][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 78.757181][ T299] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.764037][ T299] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.771217][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 78.779239][ T299] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.786055][ T299] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.798974][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 78.806848][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 78.825755][ T1204] device veth0_vlan entered promiscuous mode [ 78.833548][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 78.889047][ T1208] loop_set_block_size: loop7 () has still dirty pages (nrpages=544) [ 78.905419][ T26] usb 1-1: device descriptor read/64, error -71 [ 78.906108][ T293] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 4: comm syz-executor: path /30/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 78.911859][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 78.940091][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 78.942089][ T293] EXT4-fs error (device loop2): ext4_empty_dir:3099: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 78.947330][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 78.972531][ T508] usbhid 5-1:0.0: can't add hid device: -71 [ 78.976264][ T293] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 78.979731][ T508] usbhid: probe of 5-1:0.0 failed with error -71 [ 79.016214][ T508] usb 5-1: USB disconnect, device number 10 [ 79.241639][ T293] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 4: comm syz-executor: path /30/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 79.264201][ T293] EXT4-fs error (device loop2): ext4_empty_dir:3099: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 79.274760][ T1204] device veth1_macvtap entered promiscuous mode [ 79.296847][ T293] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 79.311175][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 79.311954][ T293] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 4: comm syz-executor: path /30/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 79.319184][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 79.340199][ T293] EXT4-fs error (device loop2): ext4_empty_dir:3099: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 79.347857][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 79.366326][ T293] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 79.387148][ T293] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 4: comm syz-executor: path /30/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 79.401922][ T30] audit: type=1400 audit(1723490100.809:254): avc: denied { bind } for pid=1224 comm="syz.3.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 79.417797][ T293] EXT4-fs error (device loop2): ext4_empty_dir:3099: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 79.446085][ T293] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 79.457937][ T293] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 4: comm syz-executor: path /30/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 79.481777][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 79.488152][ T293] EXT4-fs error (device loop2): ext4_empty_dir:3099: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1 [ 79.489859][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 79.508395][ T293] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 79.516034][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 79.527619][ T293] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 79.535538][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 79.554302][ T26] usb 1-1: device descriptor read/64, error -71 [ 79.606404][ T30] audit: type=1400 audit(1723490101.009:255): avc: denied { write } for pid=1224 comm="syz.3.185" path="socket:[19147]" dev="sockfs" ino=19147 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 79.760052][ T1229] loop1: detected capacity change from 0 to 2048 [ 79.768010][ T293] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 79.779908][ T26] usb usb1-port1: attempt power cycle [ 79.780576][ T422] device bridge_slave_1 left promiscuous mode [ 79.795137][ T293] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 79.798643][ T422] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.808281][ T293] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 79.836235][ T293] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 79.852222][ T422] device bridge_slave_0 left promiscuous mode [ 79.858655][ T422] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.869422][ T422] device veth1_macvtap left promiscuous mode [ 79.875448][ T422] device veth0_vlan left promiscuous mode [ 79.880567][ T1229] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz.1.181: bad orphan inode 8192 [ 79.891257][ T1229] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 80.320458][ T30] audit: type=1400 audit(1723490101.729:256): avc: denied { read } for pid=1160 comm="syz.0.172" path="socket:[18827]" dev="sockfs" ino=18827 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 80.401272][ T30] audit: type=1400 audit(1723490101.779:257): avc: denied { map } for pid=1160 comm="syz.0.172" path="socket:[19938]" dev="sockfs" ino=19938 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 80.599172][ T26] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 80.606748][ T30] audit: type=1400 audit(1723490101.779:258): avc: denied { read } for pid=1160 comm="syz.0.172" path="socket:[19938]" dev="sockfs" ino=19938 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 80.635630][ T434] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 80.779991][ T1250] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.786918][ T1250] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.794218][ T1250] device bridge_slave_0 entered promiscuous mode [ 80.801250][ T1250] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.808334][ T1250] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.815528][ T1250] device bridge_slave_1 entered promiscuous mode [ 80.884428][ T26] usb 1-1: device descriptor read/8, error -71 [ 81.007955][ T434] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.067329][ T434] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 81.091111][ T434] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 81.100288][ T434] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.109570][ T434] usb 4-1: config 0 descriptor?? [ 81.140397][ T1250] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.147273][ T1250] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.154389][ T1250] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.161157][ T1250] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.169186][ T26] usb 1-1: device descriptor read/8, error -71 [ 81.173644][ T1256] loop4: detected capacity change from 0 to 40427 [ 81.184900][ T1256] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 81.193964][ T1256] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 81.203496][ T1256] F2FS-fs (loop4): invalid crc value [ 81.206357][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 81.210950][ T1256] F2FS-fs (loop4): Found nat_bits in checkpoint [ 81.226304][ T523] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.234110][ T523] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.245049][ T1256] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 81.252057][ T1256] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 81.301405][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.309405][ T318] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.316233][ T318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.323424][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 81.331348][ T318] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.338180][ T318] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.353064][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 81.404689][ T1264] syz.4.193[1264] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 81.404981][ T1264] syz.4.193[1264] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 81.447682][ T26] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 81.556519][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 81.565057][ T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 81.574735][ T8] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 81.630441][ T434] hid (null): bogus close delimiter [ 81.652084][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 81.660253][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 81.676902][ T1250] device veth0_vlan entered promiscuous mode [ 81.684221][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 81.692279][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 81.725661][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 81.735314][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 81.744584][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 81.780111][ T26] usb 1-1: device descriptor read/8, error -71 [ 81.789610][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 81.821873][ T1250] device veth1_macvtap entered promiscuous mode [ 81.850256][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 81.859864][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 81.895243][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 81.906922][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 81.915521][ T434] usb 4-1: language id specifier not provided by device, defaulting to English [ 81.924499][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 82.057669][ T26] usb 1-1: device descriptor read/8, error -71 [ 82.080334][ T422] device bridge_slave_1 left promiscuous mode [ 82.086658][ T422] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.162099][ T1275] loop2: detected capacity change from 0 to 1024 [ 82.170795][ T422] device bridge_slave_0 left promiscuous mode [ 82.177068][ T422] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.184942][ T26] usb usb1-port1: unable to enumerate USB device [ 82.222280][ T422] device veth1_macvtap left promiscuous mode [ 82.228399][ T422] device veth0_vlan left promiscuous mode [ 82.229720][ T1275] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 82.287630][ T312] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 82.429638][ T1240] futex_wake_op: syz.3.188 tries to shift op by 36; fix this program [ 82.441892][ T30] audit: type=1400 audit(1723490103.849:259): avc: denied { read } for pid=1239 comm="syz.3.188" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 82.503293][ T434] uclogic 0003:256C:006D.0010: failed retrieving string descriptor #200: -71 [ 82.511985][ T434] uclogic 0003:256C:006D.0010: failed retrieving pen parameters: -71 [ 82.519986][ T434] uclogic 0003:256C:006D.0010: failed probing pen v2 parameters: -71 [ 82.529499][ T1281] loop1: detected capacity change from 0 to 512 [ 82.535602][ T434] uclogic 0003:256C:006D.0010: failed probing parameters: -71 [ 82.542891][ T434] uclogic: probe of 0003:256C:006D.0010 failed with error -71 [ 82.551095][ T434] usb 4-1: USB disconnect, device number 8 [ 82.571942][ T1281] EXT4-fs (loop1): Test dummy encryption mode enabled [ 82.578738][ T1281] EXT4-fs (loop1): error: journal path ./file0 is not a block device [ 82.680004][ T1283] syz.1.197[1283] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 82.680046][ T1283] syz.1.197[1283] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 82.698091][ T312] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 82.720538][ T312] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 82.731486][ T312] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 8 [ 82.744412][ T312] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 82.755089][ T312] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 82.958310][ T312] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 82.967255][ T312] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.987722][ T312] usb 5-1: Product: syz [ 82.991706][ T312] usb 5-1: Manufacturer: syz [ 82.996131][ T312] usb 5-1: SerialNumber: syz [ 83.037685][ T1271] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 83.053586][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 83.053597][ T30] audit: type=1326 audit(1723490104.459:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1287 comm="syz.3.200" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1829c549f9 code=0x0 [ 83.288809][ T1271] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 83.330387][ T1271] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 83.405188][ T30] audit: type=1400 audit(1723490104.809:269): avc: denied { name_bind } for pid=1298 comm="syz.3.201" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 83.468402][ T1301] FAULT_INJECTION: forcing a failure. [ 83.468402][ T1301] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.481477][ T1301] CPU: 0 PID: 1301 Comm: syz.3.202 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 83.491177][ T1301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 83.501072][ T1301] Call Trace: [ 83.504194][ T1301] [ 83.506971][ T1301] dump_stack_lvl+0x151/0x1b7 [ 83.511487][ T1301] ? io_uring_drop_tctx_refs+0x190/0x190 [ 83.517170][ T1301] ? __alloc_pages+0x27e/0x8f0 [ 83.521755][ T1301] dump_stack+0x15/0x17 [ 83.525746][ T1301] should_fail+0x3c6/0x510 [ 83.529990][ T1301] should_fail_usercopy+0x1a/0x20 [ 83.534848][ T1301] copy_page_from_iter+0x2eb/0x640 [ 83.539885][ T1301] tun_get_user+0x76e/0x3aa0 [ 83.544316][ T1301] ? tun_do_read+0x1ef0/0x1ef0 [ 83.548911][ T1301] ? kstrtouint_from_user+0x20a/0x2a0 [ 83.554120][ T1301] ? kstrtol_from_user+0x310/0x310 [ 83.559066][ T1301] ? bpf_trace_run3+0x123/0x250 [ 83.563754][ T1301] ? avc_policy_seqno+0x1b/0x70 [ 83.568438][ T1301] ? selinux_file_permission+0x2c4/0x570 [ 83.573906][ T1301] tun_chr_write_iter+0x1e1/0x2e0 [ 83.578771][ T1301] vfs_write+0xd5d/0x1110 [ 83.582933][ T1301] ? kmem_cache_free+0x2c3/0x2e0 [ 83.587713][ T1301] ? file_end_write+0x1c0/0x1c0 [ 83.592399][ T1301] ? __fdget_pos+0x209/0x3a0 [ 83.596819][ T1301] ? ksys_write+0x77/0x2c0 [ 83.601072][ T1301] ksys_write+0x199/0x2c0 [ 83.605238][ T1301] ? __ia32_sys_read+0x90/0x90 [ 83.609838][ T1301] ? debug_smp_processor_id+0x17/0x20 [ 83.615047][ T1301] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 83.620947][ T1301] __x64_sys_write+0x7b/0x90 [ 83.625377][ T1301] do_syscall_64+0x3d/0xb0 [ 83.629626][ T1301] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 83.635267][ T1301] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 83.640995][ T1301] RIP: 0033:0x7f1829c534df [ 83.645257][ T1301] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48 [ 83.664692][ T1301] RSP: 002b:00007f18288d2000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 83.672935][ T1301] RAX: ffffffffffffffda RBX: 00007f1829df0f80 RCX: 00007f1829c534df [ 83.680747][ T1301] RDX: 0000000000000086 RSI: 00000000200000c0 RDI: 00000000000000c8 [ 83.688558][ T1301] RBP: 00007f18288d2090 R08: 0000000000000000 R09: 0000000000000000 [ 83.696368][ T1301] R10: 0000000000000086 R11: 0000000000000293 R12: 0000000000000001 [ 83.704184][ T1301] R13: 0000000000000000 R14: 00007f1829df0f80 R15: 00007ffe4ef5e9b8 [ 83.711997][ T1301] [ 84.329798][ T1312] loop1: detected capacity change from 0 to 256 [ 84.387973][ T1271] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 84.394759][ T1271] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 84.447684][ T523] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 84.618363][ T1271] loop4: detected capacity change from 0 to 16 [ 84.668606][ T1271] erofs: (device loop4): mounted with root inode @ nid 36. [ 84.676877][ T1271] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -1027 in[4096, 0] out[4096] [ 84.691793][ T508] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 84.702380][ T30] audit: type=1400 audit(1723490106.109:270): avc: denied { rename } for pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 84.724394][ T30] audit: type=1400 audit(1723490106.109:271): avc: denied { unlink } for pid=82 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 84.746508][ T30] audit: type=1400 audit(1723490106.109:272): avc: denied { create } for pid=82 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 84.767789][ T30] audit: type=1400 audit(1723490106.179:273): avc: denied { bind } for pid=1270 comm="syz.4.194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 84.786929][ T30] audit: type=1400 audit(1723490106.179:274): avc: denied { connect } for pid=1270 comm="syz.4.194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 84.787724][ T312] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 84.812979][ T312] cdc_ncm 5-1:1.0: dwNtbInMaxSize=3 is too small. Using 2048 [ 84.820237][ T523] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.830857][ T312] cdc_ncm 5-1:1.0: setting rx_max = 2048 [ 84.836328][ T523] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.845857][ T523] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 84.858543][ T523] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 84.867361][ T523] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.875911][ T523] usb 3-1: config 0 descriptor?? [ 84.880703][ T20] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 84.947735][ T508] usb 2-1: Using ep0 maxpacket: 8 [ 85.007638][ T30] audit: type=1400 audit(1723490106.409:275): avc: denied { getopt } for pid=1270 comm="syz.4.194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 85.038760][ T312] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM, 42:42:42:42:42:42 [ 85.053544][ T312] usb 5-1: USB disconnect, device number 11 [ 85.059901][ T312] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM [ 85.060995][ T30] audit: type=1400 audit(1723490106.459:276): avc: denied { read } for pid=138 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 85.088992][ T508] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 85.287668][ T508] usb 2-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 85.296544][ T508] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 85.304362][ T508] usb 2-1: Product: syz [ 85.308339][ T508] usb 2-1: Manufacturer: syz [ 85.312752][ T508] usb 2-1: SerialNumber: syz [ 85.317653][ T508] usb 2-1: config 0 descriptor?? [ 85.368489][ T523] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 85.376385][ T523] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving [ 85.386204][ T523] plantronics 0003:047F:FFFF.0011: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 85.417692][ T20] usb 4-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=ba.c5 [ 85.426535][ T20] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 85.434553][ T20] usb 4-1: Product: syz [ 85.438538][ T20] usb 4-1: Manufacturer: syz [ 85.442941][ T20] usb 4-1: SerialNumber: syz [ 85.448084][ T20] usb 4-1: config 0 descriptor?? [ 85.573731][ T60] usb 3-1: USB disconnect, device number 14 [ 85.688800][ T508] usb 4-1: USB disconnect, device number 9 [ 85.746609][ T1360] process 'syz.4.214' launched './file0' with NULL argv: empty string added [ 85.921092][ T30] audit: type=1400 audit(1723490107.329:277): avc: denied { write } for pid=1314 comm="syz.1.207" name="event2" dev="devtmpfs" ino=178 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 86.197698][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 86.365160][ T1380] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.373082][ T1380] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.380374][ T1380] device bridge_slave_0 entered promiscuous mode [ 86.386987][ T1380] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.393935][ T1380] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.401090][ T1380] device bridge_slave_1 entered promiscuous mode [ 86.450928][ T1380] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.457785][ T1380] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.464880][ T1380] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.471705][ T1380] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.506534][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 86.514549][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.521711][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.544046][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 86.552924][ T508] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.559960][ T508] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.567176][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 86.575754][ T508] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.582621][ T508] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.603674][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 86.611667][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 86.635774][ T434] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 86.648003][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 86.655960][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 86.663332][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 86.670764][ T1380] device veth0_vlan entered promiscuous mode [ 86.687917][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 86.700194][ T1380] device veth1_macvtap entered promiscuous mode [ 86.715373][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 86.723774][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 86.948485][ T8] device bridge_slave_1 left promiscuous mode [ 86.954478][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.961773][ T8] device bridge_slave_0 left promiscuous mode [ 86.968145][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.976000][ T8] device veth1_macvtap left promiscuous mode [ 86.981880][ T8] device veth0_vlan left promiscuous mode [ 87.346835][ T1427] loop2: detected capacity change from 0 to 2048 [ 87.388601][ T1427] EXT4-fs (loop2): failed to initialize system zone (-117) [ 87.395902][ T1427] EXT4-fs (loop2): mount failed [ 87.410020][ T508] usb 2-1: USB disconnect, device number 9 [ 87.425668][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 87.453653][ T1427] loop2: detected capacity change from 0 to 512 [ 87.497282][ T1427] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled [ 87.535170][ T1427] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000] [ 87.543314][ T1427] System zones: 0-2, 18-18, 34-34 [ 87.557584][ T1427] EXT4-fs (loop2): 1 orphan inode deleted [ 87.563264][ T1427] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,stripe=0x0000000000000000,nolazytime,noquota,jqfmt=vfsold,minixdf,nodiscard,grpid,debug,,errors=continue. Quota mode: writeback. [ 87.585043][ T1427] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038 (0x7fffffff) [ 87.675292][ T1450] loop2: detected capacity change from 0 to 128 [ 87.763839][ T1464] loop1: detected capacity change from 0 to 128 [ 87.821985][ T1464] overlayfs: missing 'lowerdir' [ 87.836552][ T1469] syz.0.255[1469] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.836632][ T1469] syz.0.255[1469] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.911433][ T1471] Zero length message leads to an empty skb [ 88.119246][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 88.119260][ T30] audit: type=1400 audit(1723490109.529:291): avc: denied { audit_write } for pid=1475 comm="syz.0.257" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 88.136928][ T1473] loop4: detected capacity change from 0 to 2048 [ 88.149067][ T30] audit: type=1107 audit(1723490109.529:292): pid=1475 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 88.172047][ T1473] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 88.179657][ T30] audit: type=1400 audit(1723490109.579:293): avc: denied { ioctl } for pid=1480 comm="syz.3.259" path="/dev/uinput" dev="devtmpfs" ino=166 ioctlcmd=0x5504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 88.205848][ T1481] ------------[ cut here ]------------ [ 88.207344][ T1473] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,journal_ioprio=0x0000000000000005,errors=remount-ro,norecovery,max_batch_time=0x0000000000000005,mblk_io_submit,nobarrier,barrier=0x0000000000000003,grpjquota=,bsddf,. Quota mode: none. [ 88.211314][ T1481] WARNING: CPU: 0 PID: 1481 at mm/page_alloc.c:5752 __alloc_pages+0x770/0x8f0 [ 88.244575][ T1481] Modules linked in: [ 88.248461][ T1481] CPU: 0 PID: 1481 Comm: syz.3.259 Not tainted 5.15.152-syzkaller-00143-g70e1a731d986 #0 [ 88.258289][ T1481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 88.260445][ T30] audit: type=1400 audit(1723490109.669:294): avc: denied { create } for pid=1466 comm="syz.4.254" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 88.268250][ T1481] RIP: 0010:__alloc_pages+0x770/0x8f0 [ 88.292582][ T1481] Code: df e9 aa fb ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c ba fb ff ff e8 5f 11 05 00 48 ba 00 00 00 00 00 fc ff df e9 a6 fb ff ff <0f> 0b 45 31 e4 e9 73 fc ff ff 48 8d 4c 24 40 80 e1 07 80 c1 03 38 [ 88.312262][ T1481] RSP: 0018:ffffc90000cbfa20 EFLAGS: 00010246 [ 88.318228][ T1481] RAX: 0000000000000004 RBX: 0000000000040dc0 RCX: ffffc90000cbfa03 [ 88.319685][ T1473] cgroup: noprefix used incorrectly [ 88.326362][ T1481] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffc90000cbfab8 [ 88.339071][ T1481] RBP: ffffc90000cbfb30 R08: dffffc0000000000 R09: ffffc90000cbfa90 [ 88.346831][ T1481] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 88.354864][ T1481] R13: 1ffff92000197f4c R14: 1ffff92000197f4e R15: 1ffff92000197f48 [ 88.377652][ T1481] FS: 00007f18288d26c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 88.392140][ T1486] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.254: bg 0: block 234: padding at end of block bitmap is not set [ 88.392149][ T1481] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.393488][ T1486] EXT4-fs (loop4): Remounting filesystem read-only [ 88.406801][ T1481] CR2: 0000000020523000 CR3: 000000010deee000 CR4: 00000000003506b0 [ 88.426875][ T1481] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 88.437205][ T1481] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 88.445309][ T1481] Call Trace: [ 88.448524][ T1481] [ 88.451326][ T1481] ? show_regs+0x58/0x60 [ 88.455386][ T1481] ? __warn+0x160/0x2f0 [ 88.459436][ T1481] ? __alloc_pages+0x770/0x8f0 [ 88.463965][ T1481] ? report_bug+0x3d9/0x5b0 [ 88.468788][ T1481] ? __alloc_pages+0x770/0x8f0 [ 88.473414][ T1481] ? handle_bug+0x41/0x70 [ 88.480025][ T1481] ? exc_invalid_op+0x1b/0x50 [ 88.484929][ T1481] ? asm_exc_invalid_op+0x1b/0x20 [ 88.491299][ T1481] ? __alloc_pages+0x770/0x8f0 [ 88.511395][ T1481] ? prep_new_page+0x110/0x110 [ 88.516002][ T1481] ? do_vfs_ioctl+0xbc1/0x2a80 [ 88.520681][ T1481] ? memcpy+0x56/0x70 [ 88.524419][ T1481] ? __x64_compat_sys_ioctl+0x90/0x90 [ 88.532283][ T1481] kmalloc_order+0x4a/0x160 [ 88.536747][ T1481] kmalloc_order_trace+0x1a/0xb0 [ 88.543957][ T1481] __kmalloc+0x19c/0x270 [ 88.546060][ T1492] netlink: 8 bytes leftover after parsing attributes in process `syz.0.262'. [ 88.554142][ T1481] input_mt_init_slots+0xcf/0xa50 [ 88.561784][ T1481] ? mutex_lock_interruptible+0xb6/0x1e0 [ 88.568023][ T1481] uinput_create_device+0x522/0x630 [ 88.573125][ T1481] uinput_ioctl_handler+0xa63/0x16a0 [ 88.583025][ T1481] ? uinput_release+0x50/0x50 [ 88.587872][ T1481] ? selinux_file_ioctl+0x3cc/0x540 [ 88.593045][ T1481] ? __fget_files+0x31e/0x380 [ 88.598575][ T1481] uinput_ioctl+0x28/0x30 [ 88.603163][ T1481] ? uinput_poll+0x120/0x120 [ 88.607927][ T1481] __se_sys_ioctl+0x114/0x190 [ 88.611373][ T1498] loop0: detected capacity change from 0 to 256 [ 88.612457][ T1481] __x64_sys_ioctl+0x7b/0x90 [ 88.623997][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 88.647661][ T1481] do_syscall_64+0x3d/0xb0 [ 88.651920][ T1481] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 88.658687][ T1500] loop2: detected capacity change from 0 to 1024 [ 88.664946][ T1481] RIP: 0033:0x7f1829c549f9 [ 88.669145][ T1481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.689425][ T1481] RSP: 002b:00007f18288d2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 88.697776][ T1481] RAX: ffffffffffffffda RBX: 00007f1829df0f80 RCX: 00007f1829c549f9 [ 88.705572][ T1481] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003 [ 88.714706][ T1481] RBP: 00007f1829cc28ee R08: 0000000000000000 R09: 0000000000000000 [ 88.722578][ T1481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.732812][ T1500] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled [ 88.734290][ T1481] R13: 0000000000000000 R14: 00007f1829df0f80 R15: 00007ffe4ef5e9b8 [ 88.747795][ T1500] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 88.749989][ T1481] [ 88.761398][ T1481] ---[ end trace 09260d4cf4907f6d ]--- [ 88.766962][ T1500] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 88.804709][ T1500] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,errors=remount-ro,dioread_nolock,jqfmt=vfsold,nomblk_io_submit,noauto_da_alloc,. Quota mode: writeback. [ 88.868588][ T1515] blk_update_request: I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 88.879402][ T1515] FAT-fs (loop4): unable to read boot sector [ 88.943234][ T1525] device syzkaller0 entered promiscuous mode [ 88.986706][ T1532] loop1: detected capacity change from 0 to 256 [ 88.999481][ T1535] tap0: tun_chr_ioctl cmd 1074025681 [ 89.056914][ T1545] request_module fs-rpc_pipefs succeeded, but still no fs? [ 89.206628][ T30] audit: type=1400 audit(1723490110.609:295): avc: denied { audit_read } for pid=1564 comm="syz.0.294" capability=37 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 89.250061][ T30] audit: type=1400 audit(1723490110.639:296): avc: denied { map } for pid=1571 comm="syz.0.299" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=146 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 89.275191][ T30] audit: type=1400 audit(1723490110.669:297): avc: denied { sys_module } for pid=1575 comm="syz.2.301" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 89.352669][ T508] hid-generic 0000:0000:0000.0012: item fetching failed at offset 0/2 [ 89.360821][ T30] audit: type=1400 audit(1723490110.759:298): avc: denied { read write } for pid=1571 comm="syz.0.299" name="uhid" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 89.418016][ T30] audit: type=1400 audit(1723490110.759:299): avc: denied { open } for pid=1571 comm="syz.0.299" path="/dev/uhid" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 89.431416][ T508] hid-generic: probe of 0000:0000:0000.0012 failed with error -22 [ 89.491452][ T30] audit: type=1400 audit(1723490110.899:300): avc: denied { map } for pid=1598 comm="syz.2.307" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 89.491973][ T1599] binder: transaction release 9 bad handle 1, ret = -22 [ 89.525182][ T523] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 89.549261][ T1601] binder: transaction release 23 bad handle 1, ret = -22 [ 89.574054][ T1605] binder: transaction release 31 bad object at offset 536871168, size 72 [ 89.887633][ T523] usb 4-1: config 0 has an invalid interface number: 18 but max is 0 [ 89.895673][ T523] usb 4-1: config 0 has no interface number 0 [ 89.901658][ T523] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 89.912716][ T523] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 89.997658][ T523] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 90.009824][ T523] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 90.026408][ T523] usb 4-1: Manufacturer: syz [ 90.040200][ T523] usb 4-1: config 0 descriptor?? [ 90.533697][ T523] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.18/0003:054C:03D5.0013/input/input18 [ 90.559098][ T523] sony 0003:054C:03D5.0013: input,hidraw0: USB HID v0.00 Joystick [syz] on usb-dummy_hcd.3-1/input18 [ 90.853770][ T508] usb 4-1: USB disconnect, device number 10 [ 91.189490][ T1649] loop1: detected capacity change from 0 to 512 [ 91.261494][ T1649] EXT4-fs (loop1): 1 orphan inode deleted [ 91.267216][ T1649] EXT4-fs (loop1): mounted filesystem without journal. Opts: resgid=0x0000000000000000,discard,noblock_validity,init_itable,stripe=0x000000000000002e,resgid=0x0000000000000000,sysvgroups,norecovery,usrquota,,errors=continue. Quota mode: writeback. [ 91.295111][ T1649] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038 (0x7fffffff) [ 91.617662][ T1649] loop_set_status: loop1 () has still dirty pages (nrpages=4) [ 91.648589][ T1664] loop2: detected capacity change from 0 to 8192 [ 91.727811][ T1204] EXT4-fs warning (device loop1): __ext4_unlink:3289: inode #16: comm syz-executor: Deleting file 'file3' with no links [ 91.740418][ T1204] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #17: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0) [ 91.772673][ T1204] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #17: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0) [ 91.801148][ T1679] loop0: detected capacity change from 0 to 256 [ 91.845770][ T1681] loop2: detected capacity change from 0 to 512 [ 91.877606][ T434] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 91.889400][ T1681] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. [ 91.905563][ T1681] ext4 filesystem being mounted at /33/bus supports timestamps until 2038 (0x7fffffff) [ 91.954489][ T1685] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.961375][ T1685] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.968791][ T1685] device bridge_slave_0 entered promiscuous mode [ 91.976937][ T1685] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.983973][ T1685] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.993531][ T1685] device bridge_slave_1 entered promiscuous mode [ 92.085720][ T1685] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.092620][ T1685] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.099792][ T1685] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.106548][ T1685] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.131944][ T508] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 92.139334][ T508] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.146410][ T508] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.156290][ T523] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 92.170013][ T523] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.176869][ T523] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.288056][ T434] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 92.329680][ T434] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 92.339004][ T434] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.350427][ T434] usb 5-1: config 0 descriptor?? [ 92.406409][ T1685] device veth0_vlan entered promiscuous mode [ 92.414120][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 92.423532][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 92.437029][ T1714] loop2: detected capacity change from 0 to 16 [ 92.443349][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 92.450867][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 92.458314][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 92.466252][ T26] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.473099][ T26] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.480469][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 92.488453][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 92.489941][ T1714] erofs: (device loop2): mounted with root inode @ nid 36. [ 92.518441][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 92.527966][ T1685] device veth1_macvtap entered promiscuous mode [ 92.542628][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 92.551753][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 92.583980][ T1722] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 92.596857][ T1722] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -35 in[64, 4032] out[1851] [ 92.598678][ T434] usb 5-1: USB disconnect, device number 12 [ 92.646442][ T1722] erofs: (device loop2): z_erofs_readpage: failed to read, err [-117] [ 92.981060][ T8] device bridge_slave_1 left promiscuous mode [ 92.987013][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.019533][ T8] device bridge_slave_0 left promiscuous mode [ 93.037234][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.059724][ T8] device veth1_macvtap left promiscuous mode [ 93.071726][ T8] device veth0_vlan left promiscuous mode [ 93.143372][ T1727] loop1: detected capacity change from 0 to 40427 [ 93.202254][ T1727] F2FS-fs (loop1): invalid crc value [ 93.224355][ T1727] F2FS-fs (loop1): Found nat_bits in checkpoint [ 93.333509][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 93.333532][ T30] audit: type=1400 audit(1723490114.739:316): avc: denied { ioctl } for pid=1734 comm="syz.4.355" path="socket:[21500]" dev="sockfs" ino=21500 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 93.510866][ T1727] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 93.533490][ T1727] overlayfs: failed to resolve './file0': -2 [ 93.549458][ T1685] attempt to access beyond end of device [ 93.549458][ T1685] loop1: rw=2049, want=45104, limit=40427 [ 93.693491][ T1748] netlink: 8 bytes leftover after parsing attributes in process `syz.1.357'. [ 93.703836][ T1748] device macsec1 entered promiscuous mode [ 93.709611][ T1748] device vlan0 entered promiscuous mode [ 93.728427][ T1750] loop1: detected capacity change from 0 to 256 [ 93.768755][ T1746] loop0: detected capacity change from 0 to 40427 [ 93.818000][ T1746] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 93.825685][ T1746] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 93.856184][ T1746] F2FS-fs (loop0): invalid crc value [ 93.868118][ T1746] F2FS-fs (loop0): Found nat_bits in checkpoint [ 93.906268][ T1746] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 93.913741][ T1746] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 93.993335][ T1752] loop1: detected capacity change from 0 to 40427 [ 94.045530][ T1752] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 94.065049][ T1752] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 94.086608][ T1752] F2FS-fs (loop1): invalid crc value [ 94.094344][ T1760] mmap: syz.4.364 (1760) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 94.124263][ T1766] loop0: detected capacity change from 0 to 256 [ 94.127592][ T523] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 94.131192][ T1752] F2FS-fs (loop1): Found nat_bits in checkpoint [ 94.177343][ T1752] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 94.186217][ T1752] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 94.194008][ T1766] exfat: Unknown parameter './file2' [ 94.252850][ T1766] loop0: detected capacity change from 0 to 1024 [ 94.568086][ T1766] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.363: Invalid block bitmap block 0 in block_group 0 [ 94.582204][ T1766] Quota error (device loop0): write_blk: dquota write failed [ 94.589869][ T1766] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 94.599694][ T1766] EXT4-fs error (device loop0): ext4_free_blocks:6216: comm syz.0.363: Freeing blocks not in datazone - block = 0, count = 4096 [ 94.612990][ T1766] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.363: Invalid inode bitmap blk 0 in block_group 0 [ 94.625427][ T1063] Quota error (device loop0): remove_tree: Getting block too big (0 >= 9) [ 94.625457][ T1766] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem [ 94.642341][ T1766] EXT4-fs (loop0): 1 orphan inode deleted [ 94.647966][ T1766] EXT4-fs (loop0): mounted filesystem without journal. Opts: ; sysvgroups,stripe=0x0000000000000000,auto_da_alloc,quota,nogrpid,norecovery,bsddf,bsdgroups,,errors=continue. Quota mode: writeback. [ 94.707829][ T523] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 94.720662][ T30] audit: type=1400 audit(1723490116.129:317): avc: denied { create } for pid=1765 comm="syz.0.363" name="file6" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 94.845102][ T1780] netlink: 40 bytes leftover after parsing attributes in process `syz.3.367'. [ 94.958917][ T1782] EXT4-fs error (device loop0): ext4_lookup:1855: inode #15: comm syz.0.363: iget: bad extra_isize 65535 (inode size 256) [ 94.983692][ T523] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 94.999718][ T523] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 95.186680][ T319] Quota error (device loop0): remove_tree: Getting block too big (0 >= 9) [ 95.277783][ T1790] netlink: 40 bytes leftover after parsing attributes in process `syz.1.368'. [ 95.460951][ T1780] syz.3.367 (1780) used greatest stack depth: 19480 bytes left [ 95.504736][ T1802] syz.3.376 (1802) used obsolete PPPIOCDETACH ioctl [ 95.537691][ T523] usb 3-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 95.546793][ T523] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 95.555053][ T523] usb 3-1: Product: syz [ 95.559524][ T523] usb 3-1: Manufacturer: syz [ 95.563966][ T523] usb 3-1: SerialNumber: syz [ 95.572626][ T523] usb 3-1: config 0 descriptor?? [ 95.849174][ T523] ums-isd200 3-1:0.0: USB Mass Storage device detected [ 95.879191][ T1814] overlayfs: unrecognized mount option "verity=on" or missing value [ 95.894546][ T1807] loop3: detected capacity change from 0 to 40427 [ 95.909154][ T1807] F2FS-fs (loop3): invalid crc value [ 95.915776][ T1807] F2FS-fs (loop3): Found nat_bits in checkpoint [ 95.937447][ T1807] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1 [ 95.944166][ T1807] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 95.954708][ T1807] attempt to access beyond end of device [ 95.954708][ T1807] loop3: rw=2049, want=45104, limit=40427 [ 95.957628][ T20] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 95.966725][ T1807] attempt to access beyond end of device [ 95.966725][ T1807] loop3: rw=2049, want=45160, limit=40427 [ 95.984245][ T1807] attempt to access beyond end of device [ 95.984245][ T1807] loop3: rw=2049, want=45104, limit=40427 [ 96.000661][ T1159] attempt to access beyond end of device [ 96.000661][ T1159] loop3: rw=2049, want=45168, limit=40427 [ 96.143725][ T30] audit: type=1400 audit(1723490117.549:318): avc: denied { create } for pid=1753 comm="syz.2.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 96.145322][ T1754] UDC core: couldn't find an available UDC or it's busy: -16 [ 96.163904][ T30] audit: type=1400 audit(1723490117.549:319): avc: denied { setopt } for pid=1753 comm="syz.2.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 96.171104][ T1754] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 96.191276][ T434] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 96.201166][ T397] usb 3-1: USB disconnect, device number 15 [ 96.347789][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 96.357392][ T20] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 96.366999][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 96.376637][ T20] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 96.397664][ T523] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 96.537693][ T20] usb 5-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 96.546565][ T20] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 96.554504][ T20] usb 5-1: Product: syz [ 96.558509][ T20] usb 5-1: Manufacturer: syz [ 96.562888][ T20] usb 5-1: SerialNumber: syz [ 96.567968][ T20] usb 5-1: config 0 descriptor?? [ 96.597642][ T312] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 96.608068][ T20] ums-isd200 5-1:0.0: USB Mass Storage device detected [ 96.637887][ T434] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 96.648355][ T434] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 96.661029][ T434] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 96.669883][ T434] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.678431][ T434] usb 2-1: config 0 descriptor?? [ 96.697675][ T1816] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 96.718135][ T434] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 96.757755][ T523] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 96.768508][ T523] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 96.781333][ T523] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 96.790316][ T523] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.798620][ T523] usb 4-1: config 0 descriptor?? [ 96.817650][ T1823] raw-gadget.3 gadget: fail, usb_ep_enable returned -22 [ 96.838107][ T523] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 96.907208][ T1798] UDC core: couldn't find an available UDC or it's busy: -16 [ 96.914417][ T1798] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 96.947883][ T20] scsi host1: usb-storage 5-1:0.0 [ 96.954827][ T20] usb 5-1: USB disconnect, device number 13 [ 97.007695][ T299] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 97.117658][ T312] usb 1-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 97.126542][ T312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 97.134457][ T312] usb 1-1: Product: syz [ 97.138440][ T312] usb 1-1: Manufacturer: syz [ 97.142841][ T312] usb 1-1: SerialNumber: syz [ 97.147824][ T312] usb 1-1: config 0 descriptor?? [ 97.247618][ T299] usb 3-1: Using ep0 maxpacket: 16 [ 97.367664][ T299] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 97.376190][ T299] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 97.386092][ T299] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 97.395560][ T1833] UDC core: couldn't find an available UDC or it's busy: -16 [ 97.402770][ T1833] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 97.547654][ T299] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 97.556506][ T299] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 97.564391][ T299] usb 3-1: Product: syz [ 97.568348][ T299] usb 3-1: Manufacturer: syz [ 97.572716][ T299] usb 3-1: SerialNumber: syz [ 97.887689][ T299] usb 3-1: 0:2 : does not exist [ 97.893794][ T299] usb 3-1: USB disconnect, device number 16 [ 97.977438][ T1842] UDC core: couldn't find an available UDC or it's busy: -16 [ 97.989656][ T1842] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 98.046658][ T30] audit: type=1400 audit(1723490119.449:320): avc: denied { create } for pid=1859 comm="syz.4.394" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 98.066055][ T30] audit: type=1400 audit(1723490119.449:321): avc: denied { write } for pid=1859 comm="syz.4.394" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 98.327529][ T1865] fuse: Unknown parameter 'gro00000000000000000000' [ 99.006452][ T60] usb 2-1: USB disconnect, device number 10 [ 99.117800][ T30] audit: type=1400 audit(1723490120.529:322): avc: denied { read } for pid=1882 comm="syz.4.404" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 99.144476][ T434] usb 4-1: USB disconnect, device number 11 [ 99.159346][ T1895] device pim6reg1 entered promiscuous mode [ 99.216315][ T30] audit: type=1326 audit(1723490120.619:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1897 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1829c549f9 code=0x7ffc0000 [ 99.247068][ T30] audit: type=1326 audit(1723490120.619:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1897 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1829c549f9 code=0x7ffc0000 [ 99.270541][ T30] audit: type=1326 audit(1723490120.629:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1897 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f1829c549f9 code=0x7ffc0000 [ 99.294672][ T30] audit: type=1326 audit(1723490120.629:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1897 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1829c549f9 code=0x7ffc0000 [ 99.317765][ T30] audit: type=1326 audit(1723490120.629:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1897 comm="syz.3.410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1829c549f9 code=0x7ffc0000 [ 99.346488][ T508] usb 1-1: USB disconnect, device number 13 [ 99.407682][ T60] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 99.454518][ T1913] loop0: detected capacity change from 0 to 512 [ 99.460732][ T30] audit: type=1400 audit(1723490120.859:328): avc: denied { setattr } for pid=1914 comm="syz.2.417" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 99.542697][ T1913] EXT4-fs (loop0): error: journal path ./file1 is not a block device [ 99.647667][ T434] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 99.657700][ T60] usb 2-1: Using ep0 maxpacket: 8 [ 99.665291][ T1912] loop0: detected capacity change from 0 to 16 [ 99.671920][ T1912] erofs: (device loop0): mounted with root inode @ nid 36. [ 99.679454][ T1912] attempt to access beyond end of device [ 99.679454][ T1912] loop0: rw=0, want=1049264, limit=16 [ 99.927662][ T60] usb 2-1: config 0 interface 0 altsetting 252 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 99.944063][ T60] usb 2-1: config 0 interface 0 altsetting 252 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.954092][ T60] usb 2-1: config 0 interface 0 altsetting 252 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 99.967013][ T60] usb 2-1: config 0 interface 0 has no altsetting 0 [ 99.973487][ T60] usb 2-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00 [ 99.990994][ T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.999463][ T60] usb 2-1: config 0 descriptor?? [ 100.127650][ T434] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.147580][ T434] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.167313][ T434] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 100.177502][ T1939] loop2: detected capacity change from 0 to 40427 [ 100.186385][ T434] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.201205][ T434] usb 4-1: config 0 descriptor?? [ 100.248206][ T1939] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 100.255757][ T1939] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 100.265214][ T1939] F2FS-fs (loop2): invalid crc value [ 100.271690][ T1939] F2FS-fs (loop2): Found nat_bits in checkpoint [ 100.277583][ T312] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 100.307107][ T1939] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 100.314205][ T1939] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 100.321686][ T30] audit: type=1326 audit(1723490121.719:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1944 comm="syz.0.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15b264f9f9 code=0x7ffc0000 [ 100.358424][ T30] audit: type=1326 audit(1723490121.719:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1944 comm="syz.0.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f15b264f9f9 code=0x7ffc0000 [ 100.386639][ T30] audit: type=1326 audit(1723490121.719:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1944 comm="syz.0.427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15b264f9f9 code=0x7ffc0000 [ 100.478926][ T60] hid-steam 0003:28DE:1102.0014: unknown main item tag 0x0 [ 100.486358][ T60] hid-steam 0003:28DE:1102.0014: : USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.1-1/input0 [ 100.489210][ T1949] loop0: detected capacity change from 0 to 40427 [ 100.507455][ T60] hid-steam 0003:28DE:1102.0015: unknown main item tag 0x0 [ 100.514810][ T1950] kernel profiling enabled (shift: 9) [ 100.515566][ T60] hid-steam 0003:28DE:1102.0015: hidraw0: USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.1-1/input0 [ 100.538360][ T1949] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 100.548057][ T1949] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 100.558592][ T1949] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 100.569528][ T312] usb 5-1: Using ep0 maxpacket: 16 [ 100.592039][ T1949] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 100.598939][ T1949] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 100.608061][ T60] hid-steam 0003:28DE:1102.0014: Steam Controller 'XXXXXXXXXX' connected [ 100.617200][ T60] input: Steam Controller as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28DE:1102.0014/input/input20 [ 100.894231][ T1890] UDC core: couldn't find an available UDC or it's busy: -16 [ 100.907718][ T1890] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 100.915581][ T1890] UDC core: couldn't find an available UDC or it's busy: -16 [ 100.920068][ T1961] attempt to access beyond end of device [ 100.920068][ T1961] loop0: rw=2049, want=57344, limit=40427 [ 100.922850][ T1890] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 100.947680][ T312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.956163][ T1961] attempt to access beyond end of device [ 100.956163][ T1961] loop0: rw=2049, want=53248, limit=40427 [ 100.958412][ T312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.982614][ T1961] attempt to access beyond end of device [ 100.982614][ T1961] loop0: rw=2049, want=63608, limit=40427 [ 101.117774][ T312] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 101.126745][ T312] usb 5-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 101.134928][ T312] usb 5-1: Product: syz [ 101.138898][ T312] usb 5-1: Manufacturer: syz [ 101.143863][ T312] usb 5-1: config 0 descriptor?? [ 101.150215][ T1890] UDC core: couldn't find an available UDC or it's busy: -16 [ 101.157478][ T1890] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 101.165167][ T1890] UDC core: couldn't find an available UDC or it's busy: -16 [ 101.172429][ T1890] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 101.181689][ T20] usb 2-1: USB disconnect, device number 11 [ 101.191000][ T20] hid-steam 0003:28DE:1102.0014: Steam Controller 'XXXXXXXXXX' disconnected [ 101.571095][ T1380] attempt to access beyond end of device [ 101.571095][ T1380] loop0: rw=2049, want=45104, limit=40427 [ 101.618413][ T312] kovaplus 0003:1E7D:2D50.0017: item fetching failed at offset 5/7 [ 101.626278][ T312] kovaplus 0003:1E7D:2D50.0017: parse failed [ 101.647707][ T312] kovaplus: probe of 0003:1E7D:2D50.0017 failed with error -22 [ 101.670546][ T1964] loop0: detected capacity change from 0 to 512 [ 101.823003][ T312] usb 5-1: USB disconnect, device number 14 [ 102.352000][ T1970] loop1: detected capacity change from 0 to 40427 [ 102.397708][ T434] usb 4-1: string descriptor 0 read error: -71 [ 102.417646][ T434] uclogic 0003:256C:006D.0016: failed retrieving string descriptor #200: -71 [ 102.438157][ T434] uclogic 0003:256C:006D.0016: failed retrieving pen parameters: -71 [ 102.450407][ T1970] F2FS-fs (loop1): invalid crc value [ 102.476320][ T1982] device pim6reg1 entered promiscuous mode [ 102.485163][ T434] uclogic 0003:256C:006D.0016: failed probing pen v2 parameters: -71 [ 102.495703][ T1970] F2FS-fs (loop1): Found nat_bits in checkpoint [ 102.501522][ T434] uclogic 0003:256C:006D.0016: failed probing parameters: -71 [ 102.532745][ T1987] binder: 1986:1987 ioctl c0306201 0 returned -14 [ 102.532893][ T434] uclogic: probe of 0003:256C:006D.0016 failed with error -71 [ 102.545796][ T1970] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 102.553051][ T1970] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 102.577824][ T1991] loop3: detected capacity change from 0 to 2048 [ 102.580693][ T434] usb 4-1: USB disconnect, device number 12 [ 102.693613][ T1991] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 102.736831][ T1991] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 102.758187][ T2000] netlink: 24 bytes leftover after parsing attributes in process `syz.1.433'. [ 102.810847][ T1991] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 128 with max blocks 1 with error 28 [ 102.823205][ T1991] EXT4-fs (loop3): This should not happen!! Data will be lost [ 102.823205][ T1991] [ 102.833807][ T1991] EXT4-fs (loop3): Total free blocks count 0 [ 102.834675][ T2004] loop2: detected capacity change from 0 to 128 [ 102.839641][ T1991] EXT4-fs (loop3): Free/Dirty block details [ 102.851748][ T1991] EXT4-fs (loop3): free_blocks=2415919104 [ 102.857509][ T1991] EXT4-fs (loop3): dirty_blocks=16 [ 102.877306][ T1991] EXT4-fs (loop3): Block reservation details [ 102.893472][ T1991] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 103.009999][ T2004] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 103.028050][ T2004] ext4 filesystem being mounted at /61/mnt supports timestamps until 2038 (0x7fffffff) [ 103.213955][ T2015] loop1: detected capacity change from 0 to 512 [ 103.247722][ T20] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 103.258373][ T2015] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 103.270100][ T2015] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.445: iget: bad i_size value: -67835469387268086 [ 103.297824][ T2015] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.445: couldn't read orphan inode 15 (err -117) [ 103.319541][ T2015] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 103.330180][ T2015] ext2 filesystem being mounted at /15/file0 supports timestamps until 2038 (0x7fffffff) [ 103.675228][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.704412][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.723239][ T20] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 103.747139][ T20] usb 4-1: New USB device found, idVendor=1670, idProduct=ff00, bcdDevice= 0.00 [ 103.765326][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.784091][ T20] usb 4-1: config 0 descriptor?? [ 103.890453][ T2027] loop0: detected capacity change from 0 to 512 [ 103.908120][ T2027] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 103.924299][ T2027] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #15: comm syz.0.448: iget: bad i_size value: -67835469387268086 [ 103.937880][ T2027] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.448: couldn't read orphan inode 15 (err -117) [ 103.950035][ T2027] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 103.960475][ T2027] ext2 filesystem being mounted at /47/file0 supports timestamps until 2038 (0x7fffffff) [ 104.303786][ T20] hid-generic 0003:1670:FF00.0018: item fetching failed at offset 1/5 [ 104.307980][ T2036] loop1: detected capacity change from 0 to 512 [ 104.317795][ T20] hid-generic: probe of 0003:1670:FF00.0018 failed with error -22 [ 104.416968][ T2046] loop2: detected capacity change from 0 to 512 [ 104.480074][ T2046] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 104.552061][ T2046] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 104.561187][ T2046] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.454: invalid indirect mapped block 2683928664 (level 1) [ 104.576122][ T60] usb 4-1: USB disconnect, device number 13 [ 104.702302][ T2046] EXT4-fs (loop2): Remounting filesystem read-only [ 104.716928][ T2046] EXT4-fs (loop2): 1 truncate cleaned up [ 104.724947][ T2046] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,dioread_nolock,errors=remount-ro,minixdf,jqfmt=vfsv0,usrjquota=.,. Quota mode: writeback. [ 104.756013][ T30] kauditd_printk_skb: 22 callbacks suppressed [ 104.756015][ T2046] SELinux: security_context_str_to_sid(dity) failed for (dev ?, type ?) errno=-22 [ 104.756027][ T30] audit: type=1400 audit(1723490126.159:354): avc: denied { remount } for pid=2045 comm="syz.2.454" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 104.791140][ T2046] SELinux: security_context_str_to_sid(dity) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 104.966099][ T30] audit: type=1400 audit(1723490126.369:355): avc: denied { write } for pid=2051 comm="syz.0.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 105.040641][ T30] audit: type=1400 audit(1723490126.369:356): avc: denied { nlmsg_write } for pid=2051 comm="syz.0.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 105.119324][ T2056] loop1: detected capacity change from 0 to 512 [ 105.198459][ T2056] EXT4-fs (loop1): error: could not find journal device path: error -2 [ 105.587915][ T20] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 105.760833][ T2068] loop0: detected capacity change from 0 to 40427 [ 105.819137][ T2068] F2FS-fs (loop0): invalid crc value [ 105.828649][ T2068] F2FS-fs (loop0): Found nat_bits in checkpoint [ 105.850415][ T2068] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 105.857070][ T2068] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 105.957931][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.018129][ T2075] netlink: 24 bytes leftover after parsing attributes in process `syz.0.461'. [ 106.161061][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.173515][ T20] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 106.182695][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.191129][ T20] usb 4-1: config 0 descriptor?? [ 106.530367][ T2075] syz.0.461 (2075) used greatest stack depth: 19200 bytes left [ 106.697625][ T508] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 106.957621][ T508] usb 5-1: Using ep0 maxpacket: 16 [ 107.077667][ T508] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 107.087638][ T508] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 107.100292][ T508] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 107.109115][ T508] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.117716][ T508] usb 5-1: config 0 descriptor?? [ 107.158720][ T508] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 107.332030][ T2106] netlink: 16 bytes leftover after parsing attributes in process `syz.1.472'. [ 107.883990][ T2118] loop0: detected capacity change from 0 to 40427 [ 107.978036][ T2118] F2FS-fs (loop0): Invalid log_blocksize (0), supports only 12 [ 107.985496][ T2118] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 107.994348][ T2118] F2FS-fs (loop0): invalid crc value [ 108.000863][ T2118] F2FS-fs (loop0): Wrong journal entry on segno 2053 [ 108.015066][ T2118] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-117) [ 108.538008][ T20] usb 4-1: string descriptor 0 read error: -71 [ 108.563261][ T20] uclogic 0003:256C:006D.0019: failed retrieving string descriptor #200: -71 [ 108.572213][ T20] uclogic 0003:256C:006D.0019: failed retrieving pen parameters: -71 [ 108.580140][ T20] uclogic 0003:256C:006D.0019: failed probing pen v2 parameters: -71 [ 108.588028][ T20] uclogic 0003:256C:006D.0019: failed probing parameters: -71 [ 108.595305][ T20] uclogic: probe of 0003:256C:006D.0019 failed with error -71 [ 108.604299][ T20] usb 4-1: USB disconnect, device number 14 [ 108.801228][ T312] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 109.027657][ T1998] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:476: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0 [ 109.041404][ T1998] EXT4-fs (loop2): Remounting filesystem read-only [ 109.047704][ T312] usb 1-1: Using ep0 maxpacket: 16 [ 109.079225][ T2143] loop1: detected capacity change from 0 to 256 [ 109.164416][ T2143] FAT-fs (loop1): Directory bread(block 64) failed [ 109.170857][ T312] usb 1-1: config 0 has an invalid interface number: 104 but max is 1 [ 109.170866][ T2143] FAT-fs (loop1): Directory bread(block 65) failed [ 109.170907][ T2143] FAT-fs (loop1): Directory bread(block 66) failed [ 109.178809][ T312] usb 1-1: config 0 has an invalid interface number: 104 but max is 1 [ 109.185602][ T2143] FAT-fs (loop1): Directory bread(block 67) failed [ 109.191550][ T312] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 109.191570][ T312] usb 1-1: config 0 has no interface number 0 [ 109.191596][ T312] usb 1-1: config 0 interface 104 altsetting 0 endpoint 0x8 has an invalid bInterval 0, changing to 7 [ 109.199991][ T2143] FAT-fs (loop1): Directory bread(block 68) failed [ 109.205859][ T312] usb 1-1: config 0 interface 104 has no altsetting 1 [ 109.214769][ T2143] FAT-fs (loop1): Directory bread(block 69) failed [ 109.250519][ T2143] FAT-fs (loop1): Directory bread(block 70) failed [ 109.256793][ T2143] FAT-fs (loop1): Directory bread(block 71) failed [ 109.263164][ T2143] FAT-fs (loop1): Directory bread(block 72) failed [ 109.269495][ T2143] FAT-fs (loop1): Directory bread(block 73) failed [ 109.377650][ T312] usb 1-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 7.36 [ 109.401580][ T312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.409955][ T312] usb 1-1: Product: syz [ 109.414016][ T312] usb 1-1: Manufacturer: syz [ 109.424121][ T312] usb 1-1: SerialNumber: syz [ 109.434921][ T20] usb 5-1: USB disconnect, device number 15 [ 109.441425][ T2153] loop4: detected capacity change from 0 to 512 [ 109.441914][ T312] usb 1-1: config 0 descriptor?? [ 109.470484][ T2153] EXT4-fs (loop4): orphan cleanup on readonly fs [ 109.600758][ T2153] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.488: bg 0: block 248: padding at end of block bitmap is not set [ 109.618899][ T30] audit: type=1326 audit(1723490131.029:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2150 comm="syz.3.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1829c549f9 code=0x7fc00000 [ 109.662008][ T2153] Quota error (device loop4): write_blk: dquota write failed [ 109.669321][ T2153] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 109.679529][ T2153] EXT4-fs (loop4): 1 truncate cleaned up [ 109.697847][ T2153] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 109.710217][ T2153] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 109.728375][ T2153] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback. [ 109.802725][ T2166] loop4: detected capacity change from 0 to 1024 [ 109.889031][ T2166] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 109.947637][ T312] asix 1-1:0.104 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 109.959144][ T312] asix: probe of 1-1:0.104 failed with error -71 [ 109.961347][ T2174] loop4: detected capacity change from 0 to 512 [ 109.968091][ T312] usb 1-1: USB disconnect, device number 14 [ 110.018446][ T2174] EXT4-fs (loop4): Ignoring removed oldalloc option [ 110.025683][ T2174] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 110.033474][ T2174] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=80fc01c, mo2=0002] [ 110.041669][ T2174] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80) [ 110.051101][ T2174] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features [ 110.059695][ T2174] EXT4-fs (loop4): mounted filesystem without journal. Opts: init_itable,noinit_itable,noauto_da_alloc,noblock_validity,usrquota,oldalloc,jqfmt=vfsv0,grpjquota=,lazytime,,errors=continue. Quota mode: writeback. [ 110.082399][ T30] audit: type=1326 audit(1723490131.489:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2173 comm="syz.4.493" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f48bdfc09f9 code=0x0 [ 110.182977][ T2176] EXT4-fs warning (device loop4): dx_probe:892: inode #2: comm syz.4.493: dx entry: limit 65535 != root limit 120 [ 110.194931][ T2176] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz.4.493: Corrupt directory, running e2fsck is recommended [ 110.217751][ T2176] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz.4.493: path /104/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 110.241717][ T2176] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) ! [ 110.250279][ T2176] EXT4-fs error (device loop4): htree_dirblock_to_tree:1111: inode #2: block 3: comm syz.4.493: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0 [ 110.273560][ T30] audit: type=1326 audit(1723490131.679:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2150 comm="syz.3.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1829c549f9 code=0x7fc00000 [ 110.317964][ T2187] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc [ 110.354402][ T30] audit: type=1326 audit(1723490131.759:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2184 comm="syz.3.497" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1829c549f9 code=0x0 [ 110.427395][ T30] audit: type=1326 audit(1723490131.829:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2191 comm="syz.3.500" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1829c549f9 code=0x0 [ 110.437539][ T2189] loop1: detected capacity change from 0 to 40427 [ 110.489050][ T2189] F2FS-fs (loop1): invalid crc value [ 110.499686][ T2189] F2FS-fs (loop1): Found nat_bits in checkpoint [ 110.511525][ T30] audit: type=1400 audit(1723490131.919:362): avc: denied { execute_no_trans } for pid=2202 comm="syz.0.504" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1263 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 110.540503][ T2189] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0 [ 110.548014][ T2189] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 110.557365][ T30] audit: type=1400 audit(1723490131.959:363): avc: denied { ioctl } for pid=2202 comm="syz.0.504" path="socket:[23250]" dev="sockfs" ino=23250 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 110.583012][ T2203] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.590059][ T2203] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.765599][ T2209] netlink: 24 bytes leftover after parsing attributes in process `syz.1.499'. [ 111.107511][ T30] audit: type=1400 audit(1723490132.509:364): avc: denied { write } for pid=2221 comm="syz.0.510" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 111.125749][ T2224] netlink: 28 bytes leftover after parsing attributes in process `syz.0.511'. [ 111.135804][ T30] audit: type=1400 audit(1723490132.539:365): avc: denied { bind } for pid=2223 comm="syz.0.511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 111.226109][ T30] audit: type=1400 audit(1723490132.629:366): avc: denied { create } for pid=2232 comm="syz.0.516" dev="anon_inodefs" ino=23351 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 111.256951][ T30] audit: type=1400 audit(1723490132.629:367): avc: denied { ioctl } for pid=2232 comm="syz.0.516" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=23351 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 111.351890][ T2252] overlayfs: missing 'lowerdir' [ 111.371224][ T2256] SELinux: security_context_str_to_sid(defcontext) failed for (dev ?, type ?) errno=-22 [ 111.406067][ T2256] SELinux: duplicate or incompatible mount options [ 111.840470][ T2270] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 111.865390][ T319] device bridge_slave_1 left promiscuous mode [ 111.871390][ T319] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.878776][ T319] device bridge_slave_0 left promiscuous mode [ 111.884945][ T319] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.892866][ T319] device vlan0 left promiscuous mode [ 111.898077][ T319] device veth1_macvtap left promiscuous mode [ 111.903778][ T319] device veth0_vlan left promiscuous mode [ 112.355166][ T2280] loop3: detected capacity change from 0 to 512 [ 112.433863][ T2280] EXT4-fs (loop3): corrupt root inode, run e2fsck [ 112.440184][ T2280] EXT4-fs (loop3): mount failed [ 112.531752][ T2280] netlink: 12 bytes leftover after parsing attributes in process `syz.3.535'. [ 112.957464][ T2286] loop0: detected capacity change from 0 to 512 [ 112.961996][ T2289] loop4: detected capacity change from 0 to 512 [ 112.970918][ T2286] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 112.981383][ T2286] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec01c, mo2=0002] [ 112.989252][ T2286] System zones: 1-12 [ 112.993820][ T2286] EXT4-fs (loop0): 1 truncate cleaned up [ 112.999494][ T2286] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=ignore,grpid,max_batch_time=0x0000000000000003,debug,jqfmt=vfsv0,quota,,errors=continue. Quota mode: writeback. [ 113.000396][ T2289] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 113.028299][ T2289] EXT4-fs (loop4): 1 truncate cleaned up [ 113.033751][ T2289] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_dev=0x0000000000000003,journal_ioprio=0x0000000000000001,stripe=0x0000000000000000,,errors=continue. Quota mode: none. [ 113.058319][ T2289] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #2: comm syz.4.539: Siphash requires key [ 114.481910][ T2308] capability: warning: `syz.3.544' uses deprecated v2 capabilities in a way that may be insecure [ 114.556450][ T2309] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.563445][ T2309] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.570628][ T2309] device bridge_slave_0 entered promiscuous mode [ 114.577176][ T2309] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.584014][ T2309] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.591111][ T2309] device bridge_slave_1 entered promiscuous mode [ 114.632539][ T2309] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.639388][ T2309] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.646445][ T2309] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.653282][ T2309] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.672591][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 114.679980][ T26] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.686962][ T26] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.695346][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 114.703326][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.710172][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.728390][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 114.736265][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.743048][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.750233][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 114.758520][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 114.771916][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 114.781508][ T2309] device veth0_vlan entered promiscuous mode [ 114.788466][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 114.796501][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 114.804136][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 114.816330][ T2309] device veth1_macvtap entered promiscuous mode [ 114.823190][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 114.835581][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 114.843810][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 115.148197][ T1063] device bridge_slave_1 left promiscuous mode [ 115.154117][ T1063] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.161572][ T1063] device bridge_slave_0 left promiscuous mode [ 115.167474][ T1063] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.174988][ T1063] device veth1_macvtap left promiscuous mode [ 115.180824][ T1063] device veth0_vlan left promiscuous mode [ 115.411811][ T2320] loop4: detected capacity change from 0 to 128 [ 115.448619][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 115.448643][ T30] audit: type=1400 audit(1723490136.859:377): avc: denied { remount } for pid=2319 comm="syz.4.548" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 116.430629][ T2328] loop2: detected capacity change from 0 to 2048 [ 116.458089][ T2328] loop2: p1 < > p4 [ 116.462898][ T2328] loop2: p4 size 8388608 extends beyond EOD, truncated [ 116.476915][ T30] audit: type=1400 audit(1723490137.879:378): avc: denied { read } for pid=2327 comm="syz.2.550" name="loop2p4" dev="devtmpfs" ino=804 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 116.499521][ T30] audit: type=1400 audit(1723490137.879:379): avc: denied { open } for pid=2327 comm="syz.2.550" path="/dev/loop2p4" dev="devtmpfs" ino=804 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 116.523803][ T30] audit: type=1400 audit(1723490137.929:380): avc: denied { ioctl } for pid=2327 comm="syz.2.550" path="/dev/loop2p4" dev="devtmpfs" ino=804 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 116.569185][ T315] blk_update_request: I/O error, dev loop2, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 116.569229][ T329] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 116.580296][ T315] blk_update_request: I/O error, dev loop2, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 116.591400][ T2328] __loop_clr_fd: partition scan of loop2 failed (rc=-16) [ 116.602342][ T315] Buffer I/O error on dev loop2p4, logical block 1, async page read [ 116.608901][ T329] Buffer I/O error on dev loop2p1, logical block 0, async page read [ 116.624422][ T329] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 116.635693][ T329] Buffer I/O error on dev loop2p1, logical block 0, async page read [ 116.643563][ T329] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 116.654177][ T329] Buffer I/O error on dev loop2p1, logical block 0, async page read [ 116.662181][ T329] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 116.673019][ T329] Buffer I/O error on dev loop2p1, logical block 0, async page read [ 116.681016][ T329] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 116.691725][ T508] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 116.691873][ T329] Buffer I/O error on dev loop2p1, logical block 0, async page read [ 116.714953][ T315] udevd[315]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 116.714982][ T329] udevd[329]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 116.947785][ T508] usb 5-1: Using ep0 maxpacket: 16 [ 117.067703][ T508] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 117.078509][ T508] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 117.088023][ T508] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 117.100614][ T508] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 117.109785][ T508] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.118415][ T508] usb 5-1: config 0 descriptor?? [ 117.541299][ T2346] loop2: detected capacity change from 0 to 512 [ 117.559420][ T2343] kvm: pic: non byte write [ 117.564023][ T2343] kvm: pic: non byte write [ 117.568556][ T2343] kvm: pic: non byte write [ 117.573017][ T2343] kvm: pic: non byte write [ 117.577449][ T2343] kvm: pic: non byte write [ 117.582316][ T2343] kvm: pic: non byte write [ 117.586662][ T2343] kvm: pic: non byte write [ 117.591301][ T2343] kvm: pic: non byte write [ 117.592515][ T508] microsoft 0003:045E:07DA.001A: unbalanced collection at end of report description [ 117.595758][ T2343] kvm: pic: non byte write [ 117.606520][ T508] microsoft 0003:045E:07DA.001A: parse failed [ 117.609560][ T2343] kvm: pic: non byte write [ 117.614888][ T508] microsoft: probe of 0003:045E:07DA.001A failed with error -22 [ 117.620427][ T2343] kvm: pic: non byte read [ 117.633088][ T2346] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.556: casefold flag without casefold feature [ 117.645820][ T2346] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #2: comm syz.2.556: missing EA_INODE flag [ 117.657494][ T2346] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.556: error while reading EA inode 2 err=-117 [ 117.669918][ T2346] EXT4-fs (loop2): 1 orphan inode deleted [ 117.675449][ T2346] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 117.733170][ T2346] EXT4-fs (loop2): shut down requested (2) [ 117.800749][ T434] usb 5-1: USB disconnect, device number 16 [ 118.759210][ T2357] loop0: detected capacity change from 0 to 2048 [ 118.809102][ T30] audit: type=1400 audit(1723490140.219:381): avc: denied { read } for pid=2351 comm="syz.4.560" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 118.831658][ T30] audit: type=1400 audit(1723490140.219:382): avc: denied { open } for pid=2351 comm="syz.4.560" path="/113/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 118.875882][ T2357] EXT4-fs (loop0): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000001,nojournal_checksum,nogrpid,user_xattr,nodioread_nolock,jqfmt=vfsv0,discard,,errors=continue. Quota mode: none. [ 122.985502][ T2394] loop0: detected capacity change from 0 to 1024 [ 122.985683][ T2396] serio: Serial port pts0 [ 123.032505][ T2394] EXT4-fs (loop0): INFO: recovery required on readonly filesystem [ 123.040240][ T2394] EXT4-fs (loop0): write access will be enabled during recovery [ 123.047835][ T2394] EXT4-fs (loop0): barriers disabled [ 123.069388][ T2394] JBD2: no valid journal superblock found [ 123.075072][ T2394] EXT4-fs (loop0): error loading journal [ 124.592232][ T2409] loop0: detected capacity change from 0 to 256 [ 124.637973][ T2409] exfat: Deprecated parameter 'utf8' [ 124.643151][ T2409] exfat: Deprecated parameter 'namecase' [ 124.648629][ T2409] exfat: Deprecated parameter 'utf8' [ 124.689953][ T2409] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 124.867658][ T434] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 125.297644][ T434] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 125.308340][ T434] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 125.318016][ T434] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 125.326858][ T434] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.335521][ T434] usb 5-1: config 0 descriptor?? [ 125.817817][ T434] hid (null): bogus close delimiter [ 126.057645][ T434] usb 5-1: language id specifier not provided by device, defaulting to English [ 126.303579][ T2421] 9pnet: Insufficient options for proto=fd [ 126.486740][ T2412] futex_wake_op: syz.4.576 tries to shift op by 36; fix this program [ 126.566795][ T434] uclogic 0003:256C:006D.001B: failed retrieving string descriptor #200: -71 [ 126.575592][ T434] uclogic 0003:256C:006D.001B: failed retrieving pen parameters: -71 [ 126.583504][ T434] uclogic 0003:256C:006D.001B: failed probing pen v2 parameters: -71 [ 126.591420][ T434] uclogic 0003:256C:006D.001B: failed probing parameters: -71 [ 126.598710][ T434] uclogic: probe of 0003:256C:006D.001B failed with error -71 [ 126.606816][ T434] usb 5-1: USB disconnect, device number 17 [ 126.717605][ T508] usb 1-1: new full-speed USB device number 15 using dummy_hcd [ 127.097653][ T508] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 127.108474][ T508] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 127.119073][ T508] usb 1-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 8 [ 127.131692][ T508] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 127.142371][ T508] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 127.307672][ T508] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 127.316518][ T508] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.324390][ T508] usb 1-1: Product: syz [ 127.328334][ T508] usb 1-1: Manufacturer: syz [ 127.332747][ T508] usb 1-1: SerialNumber: syz [ 127.357675][ T2425] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 127.578763][ T2425] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 127.585529][ T2425] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 128.113596][ T2432] incfs: Error accessing: ./file0/file0. [ 128.119152][ T2432] incfs: mount failed -2 [ 128.120504][ T2434] loop4: detected capacity change from 0 to 512 [ 128.144019][ T2432] device syzkaller0 entered promiscuous mode [ 128.184059][ T2436] loop3: detected capacity change from 0 to 512 [ 128.209209][ T2434] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 128.220115][ T2434] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038 (0x7fffffff) [ 128.230982][ T2436] EXT4-fs (loop3): Test dummy encryption mode enabled [ 128.237647][ T2436] EXT4-fs (loop3): error: journal path ./file0 is not a block device [ 128.245732][ T2425] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 128.247040][ T2434] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz.4.580: corrupted inode contents [ 128.252837][ T2425] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 128.264382][ T2434] EXT4-fs error (device loop4): ext4_dirty_inode:6024: inode #2: comm syz.4.580: mark_inode_dirty error [ 128.282067][ T2434] EXT4-fs error (device loop4): ext4_do_update_inode:5191: inode #2: comm syz.4.580: corrupted inode contents [ 128.293760][ T2434] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz.4.580: mark_inode_dirty error [ 128.499394][ T2425] loop0: detected capacity change from 0 to 16 [ 128.587644][ T26] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 128.587964][ T2425] erofs: (device loop0): mounted with root inode @ nid 36. [ 128.609144][ T2425] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -1027 in[4096, 0] out[4096] [ 128.687664][ T508] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 128.693919][ T508] cdc_ncm 1-1:1.0: dwNtbInMaxSize=3 is too small. Using 2048 [ 128.701129][ T508] cdc_ncm 1-1:1.0: setting rx_max = 2048 [ 128.827631][ T26] usb 5-1: Using ep0 maxpacket: 8 [ 128.908833][ T508] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM, 42:42:42:42:42:42 [ 128.920092][ T508] usb 1-1: USB disconnect, device number 15 [ 128.926136][ T508] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM [ 128.947692][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.958379][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 128.967926][ T26] usb 5-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 128.976749][ T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.985080][ T26] usb 5-1: config 0 descriptor?? [ 129.468352][ T26] cherry 0003:046A:0027.001C: unknown main item tag 0x0 [ 129.475254][ T26] cherry 0003:046A:0027.001C: unknown main item tag 0x6 [ 129.482133][ T26] cherry 0003:046A:0027.001C: unknown main item tag 0x5 [ 129.489110][ T26] cherry 0003:046A:0027.001C: unknown main item tag 0x4 [ 129.495851][ T26] cherry 0003:046A:0027.001C: unknown main item tag 0x0 [ 129.502668][ T26] cherry 0003:046A:0027.001C: unknown main item tag 0x0 [ 129.509395][ T26] cherry 0003:046A:0027.001C: unknown main item tag 0x0 [ 129.516151][ T26] cherry 0003:046A:0027.001C: unknown main item tag 0x0 [ 129.522960][ T26] cherry 0003:046A:0027.001C: unknown main item tag 0x0 [ 129.529747][ T26] cherry 0003:046A:0027.001C: unknown main item tag 0x0 [ 129.536550][ T26] cherry 0003:046A:0027.001C: unknown global tag 0xd [ 129.543080][ T26] cherry 0003:046A:0027.001C: item 0 4 1 13 parsing failed [ 129.550240][ T26] cherry: probe of 0003:046A:0027.001C failed with error -22 [ 130.021923][ T2445] loop0: detected capacity change from 0 to 256 [ 130.239029][ T2445] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 131.138824][ T434] usb 5-1: USB disconnect, device number 18 SYZFAIL: mmap of output file failed want 0x1b30f20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b31120000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b31620000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b31e20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b32720000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b33320000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b33920000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2c620000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2d120000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2dd20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2ea20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2fa20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b30620000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b31220000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b32120000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b32f20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b33a20000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2c720000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: mmap of output file failed want 0x1b2d220000, got 0xffffffffffffffff (errno 13: Permission denied) SYZFAIL: repeatedly failed to execute the program proc=1 req=529 state=1 status=67 (errno 9: Bad file descriptor) [ 132.033834][ T2462] loop4: detected capacity change from 0 to 256 [ 132.988260][ T8] device bridge_slave_1 left promiscuous mode [ 132.994320][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.001558][ T8] device bridge_slave_0 left promiscuous mode [ 133.007478][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.015228][ T8] device veth1_macvtap left promiscuous mode [ 133.021067][ T8] device veth0_vlan left promiscuous mode [ 134.548600][ T8] device bridge_slave_1 left promiscuous mode [ 134.554516][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.561857][ T8] device bridge_slave_0 left promiscuous mode [ 134.567829][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.575341][ T8] device bridge_slave_1 left promiscuous mode [ 134.581325][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.588497][ T8] device bridge_slave_0 left promiscuous mode [ 134.594395][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.602092][ T8] device bridge_slave_1 left promiscuous mode [ 134.608038][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.615183][ T8] device bridge_slave_0 left promiscuous mode [ 134.621166][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.629012][ T8] device veth1_macvtap left promiscuous mode [ 134.634804][ T8] device veth0_vlan left promiscuous mode [ 134.640652][ T8] device veth1_macvtap left promiscuous mode [ 134.646446][ T8] device veth0_vlan left promiscuous mode [ 134.652318][ T8] device veth1_macvtap left promiscuous mode [ 134.658240][ T8] device veth0_vlan left promiscuous mode